diff --git a/.circleci/config.yml b/.circleci/config.yml index e5be5d75f..62058a92a 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -6,8 +6,6 @@ experimental: only: - master - - # Define shareable packages of configuration # elements used into the worflow (= Orbs) orbs: @@ -57,7 +55,7 @@ orbs: name: Vendor dependencies command: if [ ! -d vendor ]; then go mod vendor; fi - run: - name: Generate k8s + name: Generate command: | make generate [ "$(git ls-files -m | grep -c zz_generated)" -eq 0 ] @@ -73,42 +71,6 @@ orbs: - build/_output - vendor - # Build job, which build operator docker image (with operator-sdk build) - build-ci: - <<: *params_operator - <<: *job_operator - steps: - - checkout: - path: /home/circleci/nifikop - - setup_remote_docker # Creates a separate environment for each build for security. - - restore_cache: # If exist, restore dependencies libs download cache, from previous pipeline execution. - keys: # Use checksum of go.sum to version cache. - - << parameters.operatorName >>-build-ci-{{ .Branch }}-{{ checksum "go.sum" }} - - attach_workspace: # Attach artifact from workdir - at: /home/circleci - - run: - name: Build Operator - command: make build-ci-image - - persist_to_workspace: # Create artifacts - root: /home/circleci - paths: - - << parameters.operatorDir >>/build/_output - - deploy: - name: Push image to Docker Hub - command: | - if [[ $(echo "$CIRCLE_BRANCH" | grep -c "pull") -gt 0 ]]; then - echo "This is a PR, we don't push to Hub." - else - docker login --username $DOCKERHUB_USER --password $DOCKERHUB_PASSWORD - make push-ci-image - fi - - save_cache: - name: Save build artifacts in cache - key: << parameters.operatorName >>-build-ci-{{ .Branch }}-{{ checksum "go.sum" }} - paths: - - build/_output - - # Build job, which build operator docker image (with operator-sdk build) build-operator: <<: *params_operator @@ -137,7 +99,7 @@ orbs: echo "This is a PR, we don't push to Hub." else docker login --username $DOCKERHUB_USER --password $DOCKERHUB_PASSWORD - make push + make docker-push fi - save_cache: name: Save build artifacts in cache @@ -158,15 +120,14 @@ orbs: # Unit tests steps - run: name: Unit Tests - command: make unit-test-with-vendor + command: make test-with-vendor # Artifacts definitions - store_artifacts: # Store unit test coverage reports path: coverage.html - persist_to_workspace: root: /home/circleci paths: - - << parameters.operatorDir >>/coverage.out - - << parameters.operatorDir >>/test-report.out + - << parameters.operatorDir >>/cover.out # report-sonar: # description: Detect bugs and vulnerabilities # parameters: @@ -249,7 +210,7 @@ orbs: if [[ $(echo "$CIRCLE_BRANCH" | grep -c "pull") -gt 0 ]]; then echo "This is a PR, we don't publish to helm repo." else - GCP_SA_CREDS=${GCP_POC_RTC_SA_KEY} /home/circleci/nifikop/tools/publish_helm_gcs.sh + CHART_VERSION=$(cat helm/nifikop/Chart.yaml| grep version | awk -F"version: " '{print $2}') GCP_SA_CREDS=${GCP_POC_RTC_SA_KEY} /home/circleci/nifikop/tools/publish_helm_gcs.sh fi jobs: deploy-website: @@ -325,13 +286,6 @@ workflows: - unit-test-nifikop <<: *everytime_filter - - operator/build-ci: - type: approval - name: build-ci - requires: - - unit-test-nifikop - <<: *website_publish - # - operator/report-sonar: # name: report-nifikop # requires: diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 000000000..243f81a50 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,5 @@ +# More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file +# Ignore all files which are not go type +!**/*.go +!**/*.mod +!**/*.sum diff --git a/.gitignore b/.gitignore index 81237719e..7e5592084 100644 --- a/.gitignore +++ b/.gitignore @@ -104,3 +104,20 @@ website/.env.production.local website/npm-debug.log* website/yarn-debug.log* website/yarn-error.log* + +bin +testbin/* + +# Test binary, build with `go test -c` +*.test + +# Output of the go coverage tool, specifically when used with LiteIDE +*.out + +# Kubernetes Generated files - skip generated files, except for vendored files + +!vendor/**/zz_generated.* + +# editor and IDE paraphernalia + +*~ \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index c21b147c5..b689ca2d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,14 +2,25 @@ ### Added +- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Operator/NifiUser]** Cert-manager integration can now be disabled (it's still required for secured cluster). + ### Changed +- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Operator]** Upgrade operator-sdk from v0.18.0 to v.1.3.0, which upgrade k8s dependencies to 0.19.4 and migrate to Kubebuilder aligned project layout. +- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[CI]** Update steps with new Makefile commands. + ### Deprecated +- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Operator/CRD]** No more support for Kubernetes cluster under version 1.16 (we no longer provide crds in version v1beta1) + ### Removed ### Fixed Bugs +- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Operator]** Upgrade k8s dependencies to match with new version requirement : [#52](https://github.com/Orange-OpenSource/nifikop/issues/52) [#51](https://github.com/Orange-OpenSource/nifikop/issues/51) [#33](https://github.com/Orange-OpenSource/nifikop/issues/33) +- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Operator]** Fix the users used into Reader user group +- [PR #53](https://github.com/Orange-OpenSource/nifikop/pull/53) - **[Documentation]** Fix the chart version informations : [#51](https://github.com/Orange-OpenSource/nifikop/issues/51) + ## v0.4.2-alpha-release ### Fixed Bugs @@ -18,7 +29,6 @@ - [PR #41](https://github.com/Orange-OpenSource/nifikop/pull/42) - **[Operator]** Access policies enum type list - ### Added - [PR #41](https://github.com/Orange-OpenSource/nifikop/pull/41) - **[Operator/NifiUser]** Manage NiFi's users into NiFi Cluster diff --git a/build/Dockerfile b/Dockerfile similarity index 58% rename from build/Dockerfile rename to Dockerfile index 104ed58b6..522f6d936 100644 --- a/build/Dockerfile +++ b/Dockerfile @@ -1,15 +1,28 @@ -FROM golang:1.14 as build - -ENV GO111MODULE=on - -ADD tools tools -RUN cd tools/health && go build -o ../../health main.go - -RUN useradd -u 1001 nifikop -RUN mkdir -p /tmp && chown nifikop /tmp - -FROM registry.access.redhat.com/ubi8/ubi-minimal:latest - +# Build the manager binary +FROM golang:1.15 as builder + +WORKDIR /workspace + +# Copy the Go Modules manifests +COPY go.mod go.mod +COPY go.sum go.sum +# cache deps before building and copying source so that we don't need to re-download as much +# and so that source changes don't invalidate our downloaded layer +RUN go mod download + +# Copy the go source +COPY main.go main.go +COPY api/ api/ +COPY controllers/ controllers/ +COPY pkg/ pkg/ +COPY version/ version/ + +# Build +RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go + +# Use distroless as minimal base image to package the manager binary +# Refer to https://github.com/GoogleContainerTools/distroless for more details +FROM gcr.io/distroless/static:nonroot LABEL org.opencontainers.image.documentation="https://github.com/Orange-OpenSource/nifikop/blob/master/README.md" LABEL org.opencontainers.image.authors="Alexandre Guitton " LABEL org.opencontainers.image.source="https://github.com/Orange-OpenSource/nifikop" @@ -27,19 +40,10 @@ LABEL org.label-schema.docker.cmd.help="N/A" LABEL org.label-schema.docker.cmd.debug="N/A" LABEL org.label-schema.docker.params="LOG_LEVEL=define loglevel,RESYNC_PERIOD=period in second to execute resynchronisation,WATCH_NAMESPACE=namespace to watch for nificlusters,OPERATOR_NAME=name of the operator instance pod" -ENV OPERATOR=/usr/local/bin/nifikop \ - USER_UID=1001 \ - USER_NAME=nifikop - -COPY --from=build /tmp /tmp -COPY --from=build /go/health / - -# install operator binary -COPY build/_output/bin/nifikop ${OPERATOR} - -COPY build/bin /usr/local/bin -RUN /usr/local/bin/user_setup +WORKDIR / +COPY --from=builder /workspace/manager . -ENTRYPOINT ["/usr/local/bin/entrypoint"] +#USER 65532:65532 +USER 1001:1001 -USER ${USER_UID} +ENTRYPOINT ["/manager"] diff --git a/Makefile b/Makefile index b092240c8..832ea30a9 100644 --- a/Makefile +++ b/Makefile @@ -3,9 +3,7 @@ SERVICE_NAME := nifikop DOCKER_REGISTRY_BASE ?= orangeopensource IMAGE_TAG ?= $(shell git describe --tags --abbrev=0 --match '[0-9].*[0-9].*[0-9]' 2>/dev/null) IMAGE_NAME ?= $(SERVICE_NAME) -BUILD_IMAGE ?= orangeopensource/nifikop-build -OPERATOR_SDK_VERSION=v0.18.0 # workdir WORKDIR := /go/nifikop @@ -50,115 +48,170 @@ ifeq ($(CIRCLE_BRANCH),master) PUSHLATEST := true endif -# Shell to use for running scripts -SHELL := $(shell which bash) +# The default action of this Makefile is to build the development docker image +default: build +all: manager -# Get docker path or an empty string -DOCKER := $(shell command -v docker) +# Default bundle image tag +BUNDLE_IMG ?= $(REPOSITORY)-bundle:$(VERSION) +# Options for 'bundle-build' +ifneq ($(origin CHANNELS), undefined) +BUNDLE_CHANNELS := --channels=$(CHANNELS) +endif +ifneq ($(origin DEFAULT_CHANNEL), undefined) +BUNDLE_DEFAULT_CHANNEL := --default-channel=$(DEFAULT_CHANNEL) +endif +BUNDLE_METADATA_OPTS ?= $(BUNDLE_CHANNELS) $(BUNDLE_DEFAULT_CHANNEL) -# Get the main unix group for the user running make (to be used by docker-compose later) -GID := $(shell id -g) -# Get the unix user id for the user running make (to be used by docker-compose later) -UID := $(shell id -u) +# ---- +# Produce CRDs that work back to Kubernetes 1.11 (no version conversion) +CRD_OPTIONS ?= "crd:trivialVersions=true,preserveUnknownFields=false" -# Commit hash from git -COMMIT=$(shell git rev-parse HEAD) +# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set) +ifeq (,$(shell go env GOBIN)) +GOBIN=$(shell go env GOPATH)/bin +else +GOBIN=$(shell go env GOBIN) +endif -# CMDs -UNIT_TEST_CMD := KUBERNETES_CONFIG=`pwd`/config/test-kube-config.yaml POD_NAME=test go test --cover --coverprofile=coverage.out `go list ./... | grep -v e2e` > test-report.out -UNIT_TEST_CMD_WITH_VENDOR := KUBERNETES_CONFIG=`pwd`/config/test-kube-config.yaml POD_NAME=test go test -mod=vendor --cover --coverprofile=coverage.out `go list -mod=vendor ./... | grep -v e2e` > test-report.out -UNIT_TEST_COVERAGE := go tool cover -html=coverage.out -o coverage.html -GO_GENERATE_CMD := go generate `go list ./... | grep -v /vendor/` -GO_LINT_CMD := golint `go list ./... | grep -v /vendor/` +# Build manager binary +manager: generate fmt vet + go build -o bin/manager main.go + +# Generate code +generate: controller-gen + @echo "Generate zzz-deepcopy objects" + $(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..." + +# Generate manifests e.g. CRD, RBAC etc. +manifests: controller-gen + $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases + +# Build the docker image +docker-build: + docker build -t $(REPOSITORY):$(VERSION) . + +build: manager manifests docker-build + +# Download controller-gen locally if necessary +CONTROLLER_GEN = $(shell pwd)/bin/controller-gen +controller-gen: + $(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.4.1) + +# Run go fmt against code +fmt: + go fmt ./... + +# Run go vet against code +vet: + go vet ./... + +# Run tests +ENVTEST_ASSETS_DIR=$(shell pwd)/testbin +test: generate fmt vet manifests + mkdir -p ${ENVTEST_ASSETS_DIR} + test -f ${ENVTEST_ASSETS_DIR}/setup-envtest.sh || curl -sSLo ${ENVTEST_ASSETS_DIR}/setup-envtest.sh https://raw.githubusercontent.com/kubernetes-sigs/controller-runtime/v0.7.0/hack/setup-envtest.sh + source ${ENVTEST_ASSETS_DIR}/setup-envtest.sh; fetch_envtest_tools $(ENVTEST_ASSETS_DIR); setup_envtest_env $(ENVTEST_ASSETS_DIR); go test ./... -coverprofile cover.out; go tool cover -html=cover.out -o coverage.html + +test-with-vendor: generate fmt vet manifests + mkdir -p ${ENVTEST_ASSETS_DIR} + test -f ${ENVTEST_ASSETS_DIR}/setup-envtest.sh || curl -sSLo ${ENVTEST_ASSETS_DIR}/setup-envtest.sh https://raw.githubusercontent.com/kubernetes-sigs/controller-runtime/v0.7.0/hack/setup-envtest.sh + source ${ENVTEST_ASSETS_DIR}/setup-envtest.sh; fetch_envtest_tools $(ENVTEST_ASSETS_DIR); setup_envtest_env $(ENVTEST_ASSETS_DIR); go test -mod=vendor ./... -coverprofile cover.out; go tool cover -html=cover.out -o coverage.html + +# Run against the configured Kubernetes cluster in ~/.kube/config +run: generate fmt vet manifests + go run ./main.go + +# Install CRDs into a cluster +install: manifests kustomize + $(KUSTOMIZE) build config/crd | kubectl apply -f - + +# Uninstall CRDs from a cluster +uninstall: manifests kustomize + $(KUSTOMIZE) build config/crd | kubectl delete -f - + +# Deploy controller in the configured Kubernetes cluster in ~/.kube/config +deploy: manifests kustomize + cd config/manager && $(KUSTOMIZE) edit set image controller=$(REPOSITORY):$(VERSION) + $(KUSTOMIZE) build config/default | kubectl apply -f - + +# UnDeploy controller from the configured Kubernetes cluster in ~/.kube/config +undeploy: + $(KUSTOMIZE) build config/default | kubectl delete -f - + +# Download kustomize locally if necessary +KUSTOMIZE = $(shell pwd)/bin/kustomize +kustomize: + $(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v3@v3.8.7) + +# go-get-tool will 'go get' any package $2 and install it to $1. +PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST)))) +define go-get-tool +@[ -f $(1) ] || { \ +set -e ;\ +TMP_DIR=$$(mktemp -d) ;\ +cd $$TMP_DIR ;\ +go mod init tmp ;\ +echo "Downloading $(2)" ;\ +GOBIN=$(PROJECT_DIR)/bin go get $(2) ;\ +rm -rf $$TMP_DIR ;\ +} +endef -# environment dirs -DEV_DIR := docker/build-image -APP_DIR := build/Dockerfile +# Generate bundle manifests and metadata, then validate generated files. +.PHONY: bundle +bundle: manifests kustomize + operator-sdk generate kustomize manifests -q + cd config/manager && $(KUSTOMIZE) edit set image controller=$(REPOSITORY):$(VERSION) + $(KUSTOMIZE) build config/manifests | operator-sdk generate bundle -q --overwrite --version $(VERSION) $(BUNDLE_METADATA_OPTS) + operator-sdk bundle validate ./bundle -# The default action of this Makefile is to build the development docker image -default: build +# Build the bundle image. +.PHONY: bundle-build +bundle-build: + docker build -f bundle.Dockerfile -t $(BUNDLE_IMG) . + +helm-package: + @echo Packaging $(CHART_VERSION) +ifdef CHART_VERSION + echo $(CHART_VERSION) + helm package --version $(CHART_VERSION) helm/nifikop +else + CHART_VERSION=$(HELM_VERSION) + helm package helm/nifikop +endif + mv nifikop-$(CHART_VERSION).tgz $(HELM_TARGET_DIR) + helm repo index $(HELM_TARGET_DIR)/ + +# Push the docker image +docker-push: + docker push $(REPOSITORY):$(VERSION) +ifdef PUSHLATEST + docker push $(REPOSITORY):latest +endif +# ---- .DEFAULT_GOAL := help help: @grep -E '(^[a-zA-Z_-]+:.*?##.*$$)|(^##)' $(MAKEFILE_LIST) | awk 'BEGIN {FS = ":.*?## "}{printf "\033[32m%-30s\033[0m %s\n", $$1, $$2}' | sed -e 's/\[32m##/[33m/' -get-baseversion: - @echo $(BASEVERSION) - get-version: @echo $(VERSION) clean: @rm -rf $(OUT_BIN) || true - @rm -f apis/nificluster/v1alpha1/zz_generated.deepcopy.go || true - -helm-package: - @echo Packaging $(HELM_VERSION) - helm package helm/nifikop - mv nifikop-$(HELM_VERSION).tgz $(HELM_TARGET_DIR) - helm repo index $(HELM_TARGET_DIR)/ + @rm -f api/v1alpha1/zz_generated.deepcopy.go || true -.PHONY: generate -generate: - echo "Generate zzz-deepcopy objects" - operator-sdk version - operator-sdk generate k8s - mkdir -p deploy/crds/v1beta1 deploy/crds/v1 - operator-sdk generate crds - mv deploy/crds/nifi* deploy/crds/v1 - operator-sdk generate crds --crd-version v1beta1 - mv deploy/crds/nifi* deploy/crds/v1beta1 - mkdir -p helm/nifikop/crds - cp deploy/crds/v1/* helm/nifikop/crds - -# Build nifikop executable file in local go env -.PHONY: build -build: - echo "Generate zzz-deepcopy objects" - operator-sdk version - operator-sdk generate k8s - operator-sdk generate crds - echo "Build Nifi Operator" - operator-sdk build $(REPOSITORY):$(VERSION) --image-build-args "--build-arg https_proxy=$$https_proxy --build-arg http_proxy=$$http_proxy" -ifdef PUSHLATEST - docker tag $(REPOSITORY):$(VERSION) $(REPOSITORY):latest -endif +#Generate dep for graph +UNAME := $(shell uname -s) -# Run a shell into the development docker image -docker-build: ## Build the Operator and it's Docker Image - echo "Generate zzz-deepcopy objects" - docker run --rm -v $(PWD):$(WORKDIR) -v $(GOPATH)/pkg/mod:/go/pkg/mod \ - -v $(shell go env GOCACHE):/root/.cache/go-build --env GO111MODULE=on \ - --env https_proxy=$(https_proxy) --env http_proxy=$(http_proxy) \ - $(BUILD_IMAGE):$(OPERATOR_SDK_VERSION) /bin/bash -c 'operator-sdk generate k8s' - docker run --rm -v $(PWD):$(WORKDIR) -v $(GOPATH)/pkg/mod:/go/pkg/mod \ - -v $(shell go env GOCACHE):/root/.cache/go-build --env GO111MODULE=on \ - --env https_proxy=$(https_proxy) --env http_proxy=$(http_proxy) \ - $(BUILD_IMAGE):$(OPERATOR_SDK_VERSION) /bin/bash -c 'operator-sdk generate crds' - echo "Build NiFi Operator. Using cache from "$(shell go env GOCACHE) - docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v $(PWD):$(WORKDIR) \ - -v $(GOPATH)/pkg/mod:/go/pkg/mod -v $(shell go env GOCACHE):/root/.cache/go-build \ - --env GO111MODULE=on --env https_proxy=$(https_proxy) --env http_proxy=$(http_proxy) \ - $(BUILD_IMAGE):$(OPERATOR_SDK_VERSION) /bin/bash -c 'operator-sdk build $(REPOSITORY):$(VERSION) \ - --image-build-args "--build-arg https_proxy=$$https_proxy --build-arg http_proxy=$$http_proxy"' -ifdef PUSHLATEST - docker tag $(REPOSITORY):$(VERSION) $(REPOSITORY):latest +dep-graph: +ifeq ($(UNAME), Darwin) + dep status -dot | dot -T png | open -f -a /Applications/Preview.app endif - -# Build the docker development environment -build-ci-image: deps-development - docker build --cache-from $(BUILD_IMAGE):latest \ - --build-arg OPERATOR_SDK_VERSION=$(OPERATOR_SDK_VERSION) \ - -t $(BUILD_IMAGE):latest \ - -t $(BUILD_IMAGE):$(OPERATOR_SDK_VERSION) \ - -f $(DEV_DIR)/Dockerfile \ - . - -push-ci-image: deps-development - docker push $(BUILD_IMAGE):$(OPERATOR_SDK_VERSION) -ifdef PUSHLATEST - docker push $(BUILD_IMAGE):latest +ifeq ($(UNAME), Linux) + dep status -dot | dot -T png | display endif debug-port-forward: @@ -181,73 +234,4 @@ debug-telepresence: $(call debug_telepresence) debug-telepresence-with-alias: - $(call debug_telepresence,--also-proxy,10.40.0.0/16) - -# Run the development environment (in local go env) in the background using local ~/.kube/config -run: - export POD_NAME=nifikop; \ - operator-sdk up local - -push: - docker push $(REPOSITORY):$(VERSION) -ifdef PUSHLATEST - docker push $(REPOSITORY):latest -endif - -tag: - git tag $(VERSION) - -publish: - @COMMIT_VERSION="$$(git rev-list -n 1 $(VERSION))"; \ - docker tag $(REPOSITORY):"$$COMMIT_VERSION" $(REPOSITORY):$(VERSION) - docker push $(REPOSITORY):$(VERSION) -ifdef PUSHLATEST - docker push $(REPOSITORY):latest -endif - -release: tag image publish - -# Install CRDS and Deploy controller in -# the configured Kubernetes cluster in ~/.kube/config -deploy: generate - kubectl apply -f deploy/crds/nifi.orange.com_nificlusters_crd.yaml - kubectl apply -f deploy/. - -# Test stuff in dev -docker-unit-test: - docker run --env GO111MODULE=on --rm -v $(PWD):$(WORKDIR) -v $(GOPATH)/pkg/mod:/go/pkg/mod -v $(shell go env GOCACHE):/root/.cache/go-build $(BUILD_IMAGE):$(OPERATOR_SDK_VERSION) /bin/bash -c '$(UNIT_TEST_CMD); cat test-report.out; $(UNIT_TEST_COVERAGE)' - -docker-unit-test-with-vendor: - docker run --env GO111MODULE=on --rm -v $(PWD):$(WORKDIR) -v $(GOPATH)/pkg/mod:/go/pkg/mod -v $(shell go env GOCACHE):/root/.cache/go-build $(BUILD_IMAGE):$(OPERATOR_SDK_VERSION) /bin/bash -c '$(UNIT_TEST_CMD_WITH_VENDOR); cat test-report.out; $(UNIT_TEST_COVERAGE)' - -unit-test: - $(UNIT_TEST_CMD) && echo "success!" || { echo "failure!"; cat test-report.out; exit 1; } - cat test-report.out - $(UNIT_TEST_COVERAGE) - -unit-test-with-vendor: - $(UNIT_TEST_CMD_WITH_VENDOR) && echo "success!" || { echo "failure!"; cat test-report.out; exit 1; } - cat test-report.out - $(UNIT_TEST_COVERAGE) - -# golint is not fully supported by modules yet - https://github.com/golang/lint/issues/409 -go-lint: - $(GO_LINT_CMD) - -# Test if the dependencies we need to run this Makefile are installed -deps-development: -ifndef DOCKER - @echo "Docker is not available. Please install docker" - @exit 1 -endif - -#Generate dep for graph -UNAME := $(shell uname -s) - -dep-graph: -ifeq ($(UNAME), Darwin) - dep status -dot | dot -T png | open -f -a /Applications/Preview.app -endif -ifeq ($(UNAME), Linux) - dep status -dot | dot -T png | display -endif \ No newline at end of file + $(call debug_telepresence,--also-proxy,10.40.0.0/16) \ No newline at end of file diff --git a/PROJECT b/PROJECT new file mode 100644 index 000000000..303c43078 --- /dev/null +++ b/PROJECT @@ -0,0 +1,33 @@ +domain: orange.com +layout: go.kubebuilder.io/v3 +projectName: nifikop +repo: github.com/Orange-OpenSource/nifikop +resources: +- crdVersion: v1 + group: nifi + kind: NifiCluster + version: v1alpha1 +- crdVersion: v1 + group: nifi + kind: NifiUserGroup + version: v1alpha1 +- crdVersion: v1 + group: nifi + kind: NifiUser + version: v1alpha1 +- crdVersion: v1 + group: nifi + kind: NifiRegistryClient + version: v1alpha1 +- crdVersion: v1 + group: nifi + kind: NifiDataflow + version: v1alpha1 +- crdVersion: v1 + group: nifi + kind: NifiParameterContext + version: v1alpha1 +version: 3-alpha +plugins: + manifests.sdk.operatorframework.io/v2: {} + scorecard.sdk.operatorframework.io/v2: {} diff --git a/pkg/apis/nifi/v1alpha1/common_types.go b/api/v1alpha1/common_types.go similarity index 99% rename from pkg/apis/nifi/v1alpha1/common_types.go rename to api/v1alpha1/common_types.go index c58a1ca19..41ec6c76b 100644 --- a/pkg/apis/nifi/v1alpha1/common_types.go +++ b/api/v1alpha1/common_types.go @@ -157,7 +157,7 @@ func (a *AccessPolicy) GetResource(cluster *NifiCluster) string { return fmt.Sprintf("%s/%s/%s", resource, a.ComponentType, componentId) } -const( +const ( // Global access policies govern the following system level authorizations GlobalAccessPolicyType AccessPolicyType = "global" // Component level access policies govern the following component level authorizations diff --git a/api/v1alpha1/groupversion_info.go b/api/v1alpha1/groupversion_info.go new file mode 100644 index 000000000..749a9b2e1 --- /dev/null +++ b/api/v1alpha1/groupversion_info.go @@ -0,0 +1,36 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Package v1alpha1 contains API Schema definitions for the nifi v1alpha1 API group +// +kubebuilder:object:generate=true +// +groupName=nifi.orange.com +package v1alpha1 + +import ( + "k8s.io/apimachinery/pkg/runtime/schema" + "sigs.k8s.io/controller-runtime/pkg/scheme" +) + +var ( + // GroupVersion is group version used to register these objects + GroupVersion = schema.GroupVersion{Group: "nifi.orange.com", Version: "v1alpha1"} + + // SchemeBuilder is used to add go types to the GroupVersionKind scheme + SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} + + // AddToScheme adds the types in this group-version to the given scheme. + AddToScheme = SchemeBuilder.AddToScheme +) diff --git a/pkg/apis/nifi/v1alpha1/nificluster_types.go b/api/v1alpha1/nificluster_types.go similarity index 96% rename from pkg/apis/nifi/v1alpha1/nificluster_types.go rename to api/v1alpha1/nificluster_types.go index a1ac9c045..4c7061273 100644 --- a/pkg/apis/nifi/v1alpha1/nificluster_types.go +++ b/api/v1alpha1/nificluster_types.go @@ -1,26 +1,27 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ package v1alpha1 import ( - "strings" - cmmeta "github.com/jetstack/cert-manager/pkg/apis/meta/v1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "strings" ) const ( @@ -61,9 +62,9 @@ type NifiClusterSpec struct { // propage PropagateLabels bool `json:"propagateLabels,omitempty"` // managedAdminUsers contains the list of users that will be added to the managed admin group (with all rights) - ManagedAdminUsers []ManagedUser `json:"managedAdminUsers,omitempty""` + ManagedAdminUsers []ManagedUser `json:"managedAdminUsers,omitempty"` // managedReaderUsers contains the list of users that will be added to the managed reader group (with all view rights) - ManagedReaderUsers []ManagedUser `json:"managedReaderUsers,omitempty""` + ManagedReaderUsers []ManagedUser `json:"managedReaderUsers,omitempty"` // readOnlyConfig specifies the read-only type Nifi config cluster wide, all theses // will be merged with node specified readOnly configurations, so it can be overwritten per node. ReadOnlyConfig ReadOnlyConfig `json:"readOnlyConfig,omitempty"` @@ -109,18 +110,6 @@ type PodPolicy struct { // rollingUpgradeConfig specifies the rolling upgrade config for the cluster //RollingUpgradeConfig RollingUpgradeConfig `json:"rollingUpgradeConfig"` -// NifiClusterStatus defines the observed state of NifiCluster -type NifiClusterStatus struct { - // Store the state of each nifi node - NodesState map[string]NodeState `json:"nodesState,omitempty"` - // ClusterState holds info about the cluster state - State ClusterState `json:"state"` - // RollingUpgradeStatus defines status of rolling upgrade - RollingUpgrade RollingUpgradeStatus `json:"rollingUpgradeStatus,omitempty"` - // RootProcessGroupId contains the uuid of the root process group for this cluster - RootProcessGroupId string `json:"rootProcessGroupId,omitempty"` -} - // RollingUpgradeStatus defines status of rolling upgrade type RollingUpgradeStatus struct { // @@ -336,11 +325,22 @@ type NifiClusterTaskSpec struct { RetryDurationMinutes int `json:"retryDurationMinutes"` } -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// NifiClusterStatus defines the observed state of NifiCluster +type NifiClusterStatus struct { + // Store the state of each nifi node + NodesState map[string]NodeState `json:"nodesState,omitempty"` + // ClusterState holds info about the cluster state + State ClusterState `json:"state"` + // RollingUpgradeStatus defines status of rolling upgrade + RollingUpgrade RollingUpgradeStatus `json:"rollingUpgradeStatus,omitempty"` + // RootProcessGroupId contains the uuid of the root process group for this cluster + RootProcessGroupId string `json:"rootProcessGroupId,omitempty"` +} + +// +kubebuilder:object:root=true +// +kubebuilder:subresource:status // NifiCluster is the Schema for the nificlusters API -// +kubebuilder:subresource:status -// +kubebuilder:resource:path=nificlusters,scope=Namespaced type NifiCluster struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` @@ -349,6 +349,19 @@ type NifiCluster struct { Status NifiClusterStatus `json:"status,omitempty"` } +// +kubebuilder:object:root=true + +// NifiClusterList contains a list of NifiCluster +type NifiClusterList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []NifiCluster `json:"items"` +} + +func init() { + SchemeBuilder.Register(&NifiCluster{}, &NifiClusterList{}) +} + type ManagedUser struct { // identity field is use to define the user identity on NiFi cluster side, // it use full when the user's name doesn't suite with Kubernetes resource name. @@ -365,19 +378,6 @@ func (u *ManagedUser) GetIdentity() string { return u.Identity } -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object - -// NifiClusterList contains a list of NifiCluster -type NifiClusterList struct { - metav1.TypeMeta `json:",inline"` - metav1.ListMeta `json:"metadata,omitempty"` - Items []NifiCluster `json:"items"` -} - -func init() { - SchemeBuilder.Register(&NifiCluster{}, &NifiClusterList{}) -} - // GetZkPath returns the default "/" ZkPath if not specified otherwise func (nSpec *NifiClusterSpec) GetZkPath() string { const prefix = "/" @@ -502,4 +502,4 @@ func (nProperties NifiProperties) GetAuthorizer() string { return nProperties.Authorizer } return "managed-authorizer" -} \ No newline at end of file +} diff --git a/pkg/apis/nifi/v1alpha1/nifidataflow_types.go b/api/v1alpha1/nifidataflow_types.go similarity index 87% rename from pkg/apis/nifi/v1alpha1/nifidataflow_types.go rename to api/v1alpha1/nifidataflow_types.go index e22d71687..3a253eb3b 100644 --- a/pkg/apis/nifi/v1alpha1/nifidataflow_types.go +++ b/api/v1alpha1/nifidataflow_types.go @@ -1,11 +1,29 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1alpha1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + // NifiDataflowSpec defines the desired state of NifiDataflow -// +k8s:openapi-gen=true type NifiDataflowSpec struct { // the UUID of the parent process group where you want to deploy your dataflow, if not set deploy at root level. ParentProcessGroupID string `json:"parentProcessGroupID,omitempty"` @@ -89,7 +107,6 @@ type DropRequest struct { } // NifiDataflowStatus defines the observed state of NifiDataflow -// +k8s:openapi-gen=true type NifiDataflowStatus struct { // process Group ID ProcessGroupID string `json:"processGroupID"` @@ -101,11 +118,10 @@ type NifiDataflowStatus struct { LatestDropRequest *DropRequest `json:"latestDropRequest,omitempty"` } -// Nifi Dataflow is the Schema for the nifi dataflow API -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +k8s:openapi-gen=true // +kubebuilder:object:root=true // +kubebuilder:subresource:status + +// NifiDataflow is the Schema for the nifidataflows API type NifiDataflow struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` @@ -114,7 +130,8 @@ type NifiDataflow struct { Status NifiDataflowStatus `json:"status,omitempty"` } -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true + // NifiDataflowList contains a list of NifiDataflow type NifiDataflowList struct { metav1.TypeMeta `json:",inline"` @@ -139,4 +156,3 @@ func (d *NifiDataflowSpec) GetParentProcessGroupID(cluster *NifiCluster) string } return d.ParentProcessGroupID } - diff --git a/pkg/apis/nifi/v1alpha1/nifiparametercontext_types.go b/api/v1alpha1/nifiparametercontext_types.go similarity index 76% rename from pkg/apis/nifi/v1alpha1/nifiparametercontext_types.go rename to api/v1alpha1/nifiparametercontext_types.go index 728cae338..bac1c86d2 100644 --- a/pkg/apis/nifi/v1alpha1/nifiparametercontext_types.go +++ b/api/v1alpha1/nifiparametercontext_types.go @@ -1,11 +1,29 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1alpha1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + // NifiParameterContextSpec defines the desired state of NifiParameterContext -// +k8s:openapi-gen=true type NifiParameterContextSpec struct { // the Description of the Parameter Context. Description string `json:"description,omitempty"` @@ -27,7 +45,6 @@ type Parameter struct { } // NifiParameterContextStatus defines the observed state of NifiParameterContext -// +k8s:openapi-gen=true type NifiParameterContextStatus struct { // the nifi parameter context id. Id string `json:"id"` @@ -56,11 +73,10 @@ type ParameterContextUpdateRequest struct { State string `json:"state"` } -// NifiParameterContext is the Schema for the nifi parameter context API -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +k8s:openapi-gen=true // +kubebuilder:object:root=true // +kubebuilder:subresource:status + +// NifiParameterContext is the Schema for the nifiparametercontexts API type NifiParameterContext struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` @@ -69,7 +85,7 @@ type NifiParameterContext struct { Status NifiParameterContextStatus `json:"status,omitempty"` } -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true // NifiParameterContextList contains a list of NifiParameterContext type NifiParameterContextList struct { diff --git a/pkg/apis/nifi/v1alpha1/nifiregistryclient_types.go b/api/v1alpha1/nifiregistryclient_types.go similarity index 63% rename from pkg/apis/nifi/v1alpha1/nifiregistryclient_types.go rename to api/v1alpha1/nifiregistryclient_types.go index f89f90fb0..0659547e6 100644 --- a/pkg/apis/nifi/v1alpha1/nifiregistryclient_types.go +++ b/api/v1alpha1/nifiregistryclient_types.go @@ -1,11 +1,29 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1alpha1 import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + // NifiRegistryClientSpec defines the desired state of NifiRegistryClient -// +k8s:openapi-gen=true type NifiRegistryClientSpec struct { // The URI of the NiFi registry that should be used for pulling the flow. Uri string `json:"uri"` @@ -16,7 +34,6 @@ type NifiRegistryClientSpec struct { } // NifiRegistryClientStatus defines the observed state of NifiRegistryClient -// +k8s:openapi-gen=true type NifiRegistryClientStatus struct { // The nifi registry client's id Id string `json:"id"` @@ -24,11 +41,10 @@ type NifiRegistryClientStatus struct { Version int64 `json:"version"` } -// Nifi Registry Client is the Schema for the nifi registry client API -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +k8s:openapi-gen=true // +kubebuilder:object:root=true // +kubebuilder:subresource:status + +// NifiRegistryClient is the Schema for the nifiregistryclients API type NifiRegistryClient struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` @@ -37,7 +53,7 @@ type NifiRegistryClient struct { Status NifiRegistryClientStatus `json:"status,omitempty"` } -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true // NifiRegistryClientList contains a list of NifiRegistryClient type NifiRegistryClientList struct { diff --git a/pkg/apis/nifi/v1alpha1/nifiuser_types.go b/api/v1alpha1/nifiuser_types.go similarity index 71% rename from pkg/apis/nifi/v1alpha1/nifiuser_types.go rename to api/v1alpha1/nifiuser_types.go index 2f230a61f..e36a47567 100644 --- a/pkg/apis/nifi/v1alpha1/nifiuser_types.go +++ b/api/v1alpha1/nifiuser_types.go @@ -1,16 +1,18 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ package v1alpha1 @@ -18,8 +20,10 @@ import ( metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + // NifiUserSpec defines the desired state of NifiUser -// +k8s:openapi-gen=true type NifiUserSpec struct { // identity field is used to define the user identity on NiFi cluster side, when the user's name doesn't // suit with Kubernetes resource name. @@ -39,7 +43,6 @@ type NifiUserSpec struct { } // NifiUserStatus defines the observed state of NifiUser -// +k8s:openapi-gen=true type NifiUserStatus struct { // The nifi user's node id Id string `json:"id"` @@ -47,11 +50,10 @@ type NifiUserStatus struct { Version int64 `json:"version"` } -// Nifi User is the Schema for the nifi users API -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +k8s:openapi-gen=true // +kubebuilder:object:root=true // +kubebuilder:subresource:status + +// NifiUser is the Schema for the nifiusers API type NifiUser struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` @@ -60,7 +62,7 @@ type NifiUser struct { Status NifiUserStatus `json:"status,omitempty"` } -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true // NifiUserList contains a list of NifiUser type NifiUserList struct { diff --git a/pkg/apis/nifi/v1alpha1/nifiusergroup_types.go b/api/v1alpha1/nifiusergroup_types.go similarity index 65% rename from pkg/apis/nifi/v1alpha1/nifiusergroup_types.go rename to api/v1alpha1/nifiusergroup_types.go index cf991aa95..0acb753f6 100644 --- a/pkg/apis/nifi/v1alpha1/nifiusergroup_types.go +++ b/api/v1alpha1/nifiusergroup_types.go @@ -1,13 +1,30 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + package v1alpha1 import ( "fmt" - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) +// EDIT THIS FILE! THIS IS SCAFFOLDING FOR YOU TO OWN! +// NOTE: json tags are required. Any new fields you add must have json tags for the fields to be serialized. + // NifiUserGroupSpec defines the desired state of NifiUserGroup -// +k8s:openapi-gen=true type NifiUserGroupSpec struct { // clusterRef contains the reference to the NifiCluster with the one the registry client is linked. ClusterRef ClusterReference `json:"clusterRef"` @@ -18,7 +35,6 @@ type NifiUserGroupSpec struct { } // NifiUserGroupStatus defines the observed state of NifiUserGroup -// +k8s:openapi-gen=true type NifiUserGroupStatus struct { // The nifi usergroup's node id Id string `json:"id"` @@ -26,11 +42,10 @@ type NifiUserGroupStatus struct { Version int64 `json:"version"` } -// Nifi Registry Client is the Schema for the nifi registry client API -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object -// +k8s:openapi-gen=true // +kubebuilder:object:root=true // +kubebuilder:subresource:status + +// NifiUserGroup is the Schema for the nifiusergroups API type NifiUserGroup struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` @@ -39,7 +54,7 @@ type NifiUserGroup struct { Status NifiUserGroupStatus `json:"status,omitempty"` } -// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object +// +kubebuilder:object:root=true // NifiUserGroupList contains a list of NifiUserGroup type NifiUserGroupList struct { diff --git a/pkg/apis/nifi/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go similarity index 98% rename from pkg/apis/nifi/v1alpha1/zz_generated.deepcopy.go rename to api/v1alpha1/zz_generated.deepcopy.go index 21a32e308..d39233b2e 100644 --- a/pkg/apis/nifi/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -1,19 +1,34 @@ // +build !ignore_autogenerated -// Code generated by operator-sdk. DO NOT EDIT. +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +// Code generated by controller-gen. DO NOT EDIT. package v1alpha1 import ( metav1 "github.com/jetstack/cert-manager/pkg/apis/meta/v1" - v1 "k8s.io/api/core/v1" + "k8s.io/api/core/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *AccessPolicy) DeepCopyInto(out *AccessPolicy) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessPolicy. @@ -29,7 +44,6 @@ func (in *AccessPolicy) DeepCopy() *AccessPolicy { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *BootstrapProperties) DeepCopyInto(out *BootstrapProperties) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BootstrapProperties. @@ -45,7 +59,6 @@ func (in *BootstrapProperties) DeepCopy() *BootstrapProperties { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ClusterReference) DeepCopyInto(out *ClusterReference) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterReference. @@ -61,7 +74,6 @@ func (in *ClusterReference) DeepCopy() *ClusterReference { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DisruptionBudget) DeepCopyInto(out *DisruptionBudget) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DisruptionBudget. @@ -77,7 +89,6 @@ func (in *DisruptionBudget) DeepCopy() *DisruptionBudget { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DropRequest) DeepCopyInto(out *DropRequest) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DropRequest. @@ -93,7 +104,6 @@ func (in *DropRequest) DeepCopy() *DropRequest { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ExternalListenerConfig) DeepCopyInto(out *ExternalListenerConfig) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalListenerConfig. @@ -109,7 +119,6 @@ func (in *ExternalListenerConfig) DeepCopy() *ExternalListenerConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *GracefulActionState) DeepCopyInto(out *GracefulActionState) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GracefulActionState. @@ -125,7 +134,6 @@ func (in *GracefulActionState) DeepCopy() *GracefulActionState { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *InternalListenerConfig) DeepCopyInto(out *InternalListenerConfig) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InternalListenerConfig. @@ -141,7 +149,6 @@ func (in *InternalListenerConfig) DeepCopy() *InternalListenerConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LdapConfiguration) DeepCopyInto(out *LdapConfiguration) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LdapConfiguration. @@ -167,7 +174,6 @@ func (in *ListenersConfig) DeepCopyInto(out *ListenersConfig) { *out = new(SSLSecrets) (*in).DeepCopyInto(*out) } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListenersConfig. @@ -183,7 +189,6 @@ func (in *ListenersConfig) DeepCopy() *ListenersConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ManagedUser) DeepCopyInto(out *ManagedUser) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ManagedUser. @@ -203,7 +208,6 @@ func (in *NifiCluster) DeepCopyInto(out *NifiCluster) { in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) in.Status.DeepCopyInto(&out.Status) - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiCluster. @@ -236,7 +240,6 @@ func (in *NifiClusterList) DeepCopyInto(out *NifiClusterList) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiClusterList. @@ -298,7 +301,6 @@ func (in *NifiClusterSpec) DeepCopyInto(out *NifiClusterSpec) { out.LdapConfiguration = in.LdapConfiguration out.NifiClusterTaskSpec = in.NifiClusterTaskSpec in.ListenersConfig.DeepCopyInto(&out.ListenersConfig) - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiClusterSpec. @@ -322,7 +324,6 @@ func (in *NifiClusterStatus) DeepCopyInto(out *NifiClusterStatus) { } } out.RollingUpgrade = in.RollingUpgrade - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiClusterStatus. @@ -338,7 +339,6 @@ func (in *NifiClusterStatus) DeepCopy() *NifiClusterStatus { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NifiClusterTaskSpec) DeepCopyInto(out *NifiClusterTaskSpec) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiClusterTaskSpec. @@ -358,7 +358,6 @@ func (in *NifiDataflow) DeepCopyInto(out *NifiDataflow) { in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) in.Status.DeepCopyInto(&out.Status) - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiDataflow. @@ -391,7 +390,6 @@ func (in *NifiDataflowList) DeepCopyInto(out *NifiDataflowList) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiDataflowList. @@ -436,7 +434,6 @@ func (in *NifiDataflowSpec) DeepCopyInto(out *NifiDataflowSpec) { *out = new(RegistryClientReference) **out = **in } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiDataflowSpec. @@ -462,7 +459,6 @@ func (in *NifiDataflowStatus) DeepCopyInto(out *NifiDataflowStatus) { *out = new(DropRequest) **out = **in } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiDataflowStatus. @@ -482,7 +478,6 @@ func (in *NifiParameterContext) DeepCopyInto(out *NifiParameterContext) { in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) in.Status.DeepCopyInto(&out.Status) - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiParameterContext. @@ -515,7 +510,6 @@ func (in *NifiParameterContextList) DeepCopyInto(out *NifiParameterContextList) (*in)[i].DeepCopyInto(&(*out)[i]) } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiParameterContextList. @@ -550,7 +544,6 @@ func (in *NifiParameterContextSpec) DeepCopyInto(out *NifiParameterContextSpec) *out = make([]SecretReference, len(*in)) copy(*out, *in) } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiParameterContextSpec. @@ -571,7 +564,6 @@ func (in *NifiParameterContextStatus) DeepCopyInto(out *NifiParameterContextStat *out = new(ParameterContextUpdateRequest) **out = **in } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiParameterContextStatus. @@ -592,7 +584,6 @@ func (in *NifiProperties) DeepCopyInto(out *NifiProperties) { *out = make([]string, len(*in)) copy(*out, *in) } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiProperties. @@ -612,7 +603,6 @@ func (in *NifiRegistryClient) DeepCopyInto(out *NifiRegistryClient) { in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) out.Spec = in.Spec out.Status = in.Status - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiRegistryClient. @@ -645,7 +635,6 @@ func (in *NifiRegistryClientList) DeepCopyInto(out *NifiRegistryClientList) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiRegistryClientList. @@ -670,7 +659,6 @@ func (in *NifiRegistryClientList) DeepCopyObject() runtime.Object { func (in *NifiRegistryClientSpec) DeepCopyInto(out *NifiRegistryClientSpec) { *out = *in out.ClusterRef = in.ClusterRef - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiRegistryClientSpec. @@ -686,7 +674,6 @@ func (in *NifiRegistryClientSpec) DeepCopy() *NifiRegistryClientSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NifiRegistryClientStatus) DeepCopyInto(out *NifiRegistryClientStatus) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiRegistryClientStatus. @@ -706,7 +693,6 @@ func (in *NifiUser) DeepCopyInto(out *NifiUser) { in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) out.Status = in.Status - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiUser. @@ -734,7 +720,6 @@ func (in *NifiUserGroup) DeepCopyInto(out *NifiUserGroup) { in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) in.Spec.DeepCopyInto(&out.Spec) out.Status = in.Status - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiUserGroup. @@ -767,7 +752,6 @@ func (in *NifiUserGroupList) DeepCopyInto(out *NifiUserGroupList) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiUserGroupList. @@ -802,7 +786,6 @@ func (in *NifiUserGroupSpec) DeepCopyInto(out *NifiUserGroupSpec) { *out = make([]AccessPolicy, len(*in)) copy(*out, *in) } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiUserGroupSpec. @@ -818,7 +801,6 @@ func (in *NifiUserGroupSpec) DeepCopy() *NifiUserGroupSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NifiUserGroupStatus) DeepCopyInto(out *NifiUserGroupStatus) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiUserGroupStatus. @@ -843,7 +825,6 @@ func (in *NifiUserList) DeepCopyInto(out *NifiUserList) { (*in)[i].DeepCopyInto(&(*out)[i]) } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiUserList. @@ -883,7 +864,6 @@ func (in *NifiUserSpec) DeepCopyInto(out *NifiUserSpec) { *out = make([]AccessPolicy, len(*in)) copy(*out, *in) } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiUserSpec. @@ -899,7 +879,6 @@ func (in *NifiUserSpec) DeepCopy() *NifiUserSpec { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *NifiUserStatus) DeepCopyInto(out *NifiUserStatus) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NifiUserStatus. @@ -925,7 +904,6 @@ func (in *Node) DeepCopyInto(out *Node) { *out = new(NodeConfig) (*in).DeepCopyInto(*out) } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Node. @@ -994,7 +972,6 @@ func (in *NodeConfig) DeepCopyInto(out *NodeConfig) { (*out)[key] = val } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeConfig. @@ -1011,7 +988,6 @@ func (in *NodeConfig) DeepCopy() *NodeConfig { func (in *NodeState) DeepCopyInto(out *NodeState) { *out = *in out.GracefulActionState = in.GracefulActionState - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NodeState. @@ -1027,7 +1003,6 @@ func (in *NodeState) DeepCopy() *NodeState { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Parameter) DeepCopyInto(out *Parameter) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Parameter. @@ -1043,7 +1018,6 @@ func (in *Parameter) DeepCopy() *Parameter { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ParameterContextReference) DeepCopyInto(out *ParameterContextReference) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ParameterContextReference. @@ -1059,7 +1033,6 @@ func (in *ParameterContextReference) DeepCopy() *ParameterContextReference { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ParameterContextUpdateRequest) DeepCopyInto(out *ParameterContextUpdateRequest) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ParameterContextUpdateRequest. @@ -1082,7 +1055,6 @@ func (in *PodPolicy) DeepCopyInto(out *PodPolicy) { (*out)[key] = val } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PodPolicy. @@ -1101,7 +1073,6 @@ func (in *ReadOnlyConfig) DeepCopyInto(out *ReadOnlyConfig) { in.NifiProperties.DeepCopyInto(&out.NifiProperties) out.ZookeeperProperties = in.ZookeeperProperties out.BootstrapProperties = in.BootstrapProperties - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReadOnlyConfig. @@ -1117,7 +1088,6 @@ func (in *ReadOnlyConfig) DeepCopy() *ReadOnlyConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RegistryClientReference) DeepCopyInto(out *RegistryClientReference) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RegistryClientReference. @@ -1133,7 +1103,6 @@ func (in *RegistryClientReference) DeepCopy() *RegistryClientReference { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *RollingUpgradeStatus) DeepCopyInto(out *RollingUpgradeStatus) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RollingUpgradeStatus. @@ -1154,7 +1123,6 @@ func (in *SSLSecrets) DeepCopyInto(out *SSLSecrets) { *out = new(metav1.ObjectReference) **out = **in } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SSLSecrets. @@ -1170,7 +1138,6 @@ func (in *SSLSecrets) DeepCopy() *SSLSecrets { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SecretReference) DeepCopyInto(out *SecretReference) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretReference. @@ -1193,7 +1160,6 @@ func (in *ServicePolicy) DeepCopyInto(out *ServicePolicy) { (*out)[key] = val } } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServicePolicy. @@ -1214,7 +1180,6 @@ func (in *StorageConfig) DeepCopyInto(out *StorageConfig) { *out = new(v1.PersistentVolumeClaimSpec) (*in).DeepCopyInto(*out) } - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StorageConfig. @@ -1230,7 +1195,6 @@ func (in *StorageConfig) DeepCopy() *StorageConfig { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UpdateRequest) DeepCopyInto(out *UpdateRequest) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UpdateRequest. @@ -1246,7 +1210,6 @@ func (in *UpdateRequest) DeepCopy() *UpdateRequest { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *UserReference) DeepCopyInto(out *UserReference) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserReference. @@ -1262,7 +1225,6 @@ func (in *UserReference) DeepCopy() *UserReference { // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ZookeeperProperties) DeepCopyInto(out *ZookeeperProperties) { *out = *in - return } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ZookeeperProperties. diff --git a/build/bin/entrypoint b/build/bin/entrypoint deleted file mode 100755 index 7c11ed7ab..000000000 --- a/build/bin/entrypoint +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh -e - -# This is documented here: -# https://docs.openshift.com/container-platform/3.11/creating_images/guidelines.html#openshift-specific-guidelines - -if ! whoami &>/dev/null; then - if [ -w /etc/passwd ]; then - echo "${USER_NAME:-nifikop}:x:$(id -u):$(id -g):${USER_NAME:-nifikop} user:${HOME}:/sbin/nologin" >> /etc/passwd - fi -fi - -exec ${OPERATOR} $@ diff --git a/build/bin/user_setup b/build/bin/user_setup deleted file mode 100755 index 1e36064cb..000000000 --- a/build/bin/user_setup +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/sh -set -x - -# ensure $HOME exists and is accessible by group 0 (we don't know what the runtime UID will be) -mkdir -p ${HOME} -chown ${USER_UID}:0 ${HOME} -chmod ug+rwx ${HOME} - -# runtime user will need to be able to self-insert in /etc/passwd -chmod g+rw /etc/passwd - -# no need for this script to remain in the image after running -rm $0 diff --git a/cmd/manager/main.go b/cmd/manager/main.go deleted file mode 100644 index e30e311d5..000000000 --- a/cmd/manager/main.go +++ /dev/null @@ -1,244 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package main - -import ( - "context" - "errors" - "flag" - "fmt" - "os" - "runtime" - "strings" - - certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - "github.com/operator-framework/operator-sdk/pkg/ready" - "github.com/sirupsen/logrus" - "sigs.k8s.io/controller-runtime/pkg/cache" - - // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) - _ "k8s.io/client-go/plugin/pkg/client/auth" - "k8s.io/client-go/rest" - - "github.com/Orange-OpenSource/nifikop/pkg/apis" - "github.com/Orange-OpenSource/nifikop/pkg/controller" - "github.com/Orange-OpenSource/nifikop/version" - - "github.com/operator-framework/operator-sdk/pkg/k8sutil" - kubemetrics "github.com/operator-framework/operator-sdk/pkg/kube-metrics" - "github.com/operator-framework/operator-sdk/pkg/leader" - "github.com/operator-framework/operator-sdk/pkg/log/zap" - "github.com/operator-framework/operator-sdk/pkg/metrics" - sdkVersion "github.com/operator-framework/operator-sdk/version" - "github.com/spf13/pflag" - v1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/util/intstr" - "sigs.k8s.io/controller-runtime/pkg/client/config" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/manager/signals" -) - -// Change below variables to serve metrics on different host or port. -// TODO: work on exporting metrics (check casskop work about it) -var ( - metricsHost = "0.0.0.0" - metricsPort int32 = 8383 - operatorMetricsPort int32 = 8686 -) -var log = logf.Log.WithName("cmd") - -func printVersion() { - // TODO: Choose the most appropriate log module - log.Info(fmt.Sprintf("Operator Version: %s", version.Version)) - log.Info(fmt.Sprintf("Go Version: %s", runtime.Version())) - log.Info(fmt.Sprintf("Go OS/Arch: %s/%s", runtime.GOOS, runtime.GOARCH)) - log.Info(fmt.Sprintf("Version of operator-sdk: %v", sdkVersion.Version)) -} - -func main() { - var namespaces string - - flag.StringVar(&namespaces, "namespaces", "", "Comma separated list of namespaces where operator listens for resources") - flag.Parse() - - // Add the zap logger flag set to the CLI. The flag set must - // be added before calling pflag.Parse(). - pflag.CommandLine.AddFlagSet(zap.FlagSet()) - - // Add flags registered by imported packages (e.g. glog and - // controller-runtime) - pflag.CommandLine.AddGoFlagSet(flag.CommandLine) - - pflag.Parse() - - // Use a zap logr.Logger implementation. If none of the zap - // flags are configured (or if the zap flag set is not being - // used), this defaults to a production zap logger. - // - // The logger instantiated here can be changed to any logger - // implementing the logr.Logger interface. This logger will - // be propagated through the whole operator, generating - // uniform and structured logs. - logf.SetLogger(zap.Logger()) - - printVersion() - - managerWatchCache := (cache.NewCacheFunc)(nil) - var namespaceList []string - if namespaces == "" { - namespace, err := k8sutil.GetWatchNamespace() - if err != nil { - logrus.Error(err, "failed to get watch namespace") - os.Exit(1) - } - namespaceList = append(namespaceList, namespace) - managerWatchCache = cache.MultiNamespacedCacheBuilder(namespaceList) - } else if namespaces != "*" { - namespaceList = strings.Split(namespaces, ",") - for i := range namespaceList { - namespaceList[i] = strings.TrimSpace(namespaceList[i]) - } - managerWatchCache = cache.MultiNamespacedCacheBuilder(namespaceList) - } - - // Get a config to talk to the apiserver - cfg, err := config.GetConfig() - if err != nil { - log.Error(err, "") - os.Exit(1) - } - - ctx := context.TODO() - // Become the leader before proceeding - err = leader.Become(ctx, "nifikop-lock") - if err != nil { - log.Error(err, "") - os.Exit(1) - } - - // NewFileReady returns a Ready that uses the presence of a file on disk to - // communicate whether the operator is ready. The operator's Pod definition - // "stat /tmp/operator-sdk-ready". - logrus.Info("Writing ready file.") - r := ready.NewFileReady() - err = r.Set() - if err != nil { - logrus.Error(err) - os.Exit(1) - } - defer r.Unset() - - // Create a new Cmd to provide shared dependencies and start components - mgr, err := manager.New(cfg, manager.Options{ - //Namespace: namespace, - NewCache: managerWatchCache, - MetricsBindAddress: fmt.Sprintf("%s:%d", metricsHost, metricsPort), - }) - if err != nil { - log.Error(err, "") - os.Exit(1) - } - - log.Info("Registering Components.") - // Setup Scheme for all resources - if err := apis.AddToScheme(mgr.GetScheme()); err != nil { - log.Error(err, "") - os.Exit(1) - } - - if err := certv1.AddToScheme(mgr.GetScheme()); err != nil { - log.Error(err, "") - os.Exit(1) - } - - // Setup all Controllers - if err := controller.AddToManager(mgr, namespaceList); err != nil { - log.Error(err, "") - os.Exit(1) - } - - // Add the Metrics Service - //addMetrics(ctx, cfg, namespace) - - log.Info("Starting manager.") - - // Start the Cmd - if err := mgr.Start(signals.SetupSignalHandler()); err != nil { - log.Error(err, "Manager exited non-zero") - os.Exit(1) - } -} - -// addMetrics will create the Services and Service Monitors to allow the operator export the metrics by using -// the Prometheus operator -func addMetrics(ctx context.Context, cfg *rest.Config, namespace string) { - if err := serveCRMetrics(cfg); err != nil { - if errors.Is(err, k8sutil.ErrRunLocal) { - log.Info("Skipping CR metrics server creation; not running in a cluster.") - return - } - log.Info("Could not generate and serve custom resource metrics", "error", err.Error()) - } - - // Add to the below struct any other metrics ports you want to expose. - servicePorts := []v1.ServicePort{ - {Port: metricsPort, Name: metrics.OperatorPortName, Protocol: v1.ProtocolTCP, TargetPort: intstr.IntOrString{Type: intstr.Int, IntVal: metricsPort}}, - {Port: operatorMetricsPort, Name: metrics.CRPortName, Protocol: v1.ProtocolTCP, TargetPort: intstr.IntOrString{Type: intstr.Int, IntVal: operatorMetricsPort}}, - } - - // Create Service object to expose the metrics port(s). - service, err := metrics.CreateMetricsService(ctx, cfg, servicePorts) - if err != nil { - log.Info("Could not create metrics Service", "error", err.Error()) - } - - // CreateServiceMonitors will automatically create the prometheus-operator ServiceMonitor resources - // necessary to configure Prometheus to scrape metrics from this operator. - services := []*v1.Service{service} - _, err = metrics.CreateServiceMonitors(cfg, namespace, services) - if err != nil { - log.Info("Could not create ServiceMonitor object", "error", err.Error()) - // If this operator is deployed to a cluster without the prometheus-operator running, it will return - // ErrServiceMonitorNotPresent, which can be used to safely skip ServiceMonitor creation. - if err == metrics.ErrServiceMonitorNotPresent { - log.Info("Install prometheus-operator in your cluster to create ServiceMonitor objects", "error", err.Error()) - } - } -} - -// serveCRMetrics gets the Operator/CustomResource GVKs and generates metrics based on those types. -// It serves those metrics on "http://metricsHost:operatorMetricsPort". -func serveCRMetrics(cfg *rest.Config) error { - // Below function returns filtered operator/CustomResource specific GVKs. - // For more control override the below GVK list with your own custom logic. - filteredGVK, err := k8sutil.GetGVKsFromAddToScheme(apis.AddToScheme) - if err != nil { - return err - } - // Get the namespace the operator is currently deployed in. - operatorNs, err := k8sutil.GetOperatorNamespace() - if err != nil { - return err - } - // To generate metrics in other namespaces, add the values below. - ns := []string{operatorNs} - // Generate and serve custom resource specific metrics. - err = kubemetrics.GenerateAndServeCRMetrics(cfg, ns, filteredGVK, metricsHost, operatorMetricsPort) - if err != nil { - return err - } - return nil -} diff --git a/config/certmanager/certificate.yaml b/config/certmanager/certificate.yaml new file mode 100644 index 000000000..52d866183 --- /dev/null +++ b/config/certmanager/certificate.yaml @@ -0,0 +1,25 @@ +# The following manifests contain a self-signed issuer CR and a certificate CR. +# More document can be found at https://docs.cert-manager.io +# WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes. +apiVersion: cert-manager.io/v1 +kind: Issuer +metadata: + name: selfsigned-issuer + namespace: system +spec: + selfSigned: {} +--- +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + namespace: system +spec: + # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + dnsNames: + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc + - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize diff --git a/config/certmanager/kustomization.yaml b/config/certmanager/kustomization.yaml new file mode 100644 index 000000000..bebea5a59 --- /dev/null +++ b/config/certmanager/kustomization.yaml @@ -0,0 +1,5 @@ +resources: +- certificate.yaml + +configurations: +- kustomizeconfig.yaml diff --git a/config/certmanager/kustomizeconfig.yaml b/config/certmanager/kustomizeconfig.yaml new file mode 100644 index 000000000..90d7c313c --- /dev/null +++ b/config/certmanager/kustomizeconfig.yaml @@ -0,0 +1,16 @@ +# This configuration is for teaching kustomize how to update name ref and var substitution +nameReference: +- kind: Issuer + group: cert-manager.io + fieldSpecs: + - kind: Certificate + group: cert-manager.io + path: spec/issuerRef/name + +varReference: +- kind: Certificate + group: cert-manager.io + path: spec/commonName +- kind: Certificate + group: cert-manager.io + path: spec/dnsNames diff --git a/deploy/crds/v1/nifi.orange.com_nificlusters_crd.yaml b/config/crd/bases/nifi.orange.com_nificlusters.yaml similarity index 98% rename from deploy/crds/v1/nifi.orange.com_nificlusters_crd.yaml rename to config/crd/bases/nifi.orange.com_nificlusters.yaml index 84eef63a8..698650d2c 100644 --- a/deploy/crds/v1/nifi.orange.com_nificlusters_crd.yaml +++ b/config/crd/bases/nifi.orange.com_nificlusters.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nificlusters.nifi.orange.com spec: group: nifi.orange.com @@ -127,9 +132,10 @@ spec: type: object fieldRef: description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, metadata.labels, - metadata.annotations, spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' properties: apiVersion: description: Version of the schema the FieldPath @@ -595,6 +601,7 @@ spec: be referred to by services. type: string protocol: + default: TCP description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". type: string @@ -851,6 +858,30 @@ spec: to the container. type: string type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object windowsOptions: description: The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext @@ -2525,3 +2556,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/nifikop/crds/nifi.orange.com_nifidataflows_crd.yaml b/config/crd/bases/nifi.orange.com_nifidataflows.yaml similarity index 97% rename from helm/nifikop/crds/nifi.orange.com_nifidataflows_crd.yaml rename to config/crd/bases/nifi.orange.com_nifidataflows.yaml index 62c68edb1..265322bfd 100644 --- a/helm/nifikop/crds/nifi.orange.com_nifidataflows_crd.yaml +++ b/config/crd/bases/nifi.orange.com_nifidataflows.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nifidataflows.nifi.orange.com spec: group: nifi.orange.com @@ -14,7 +19,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Nifi Dataflow is the Schema for the nifi dataflow API + description: NifiDataflow is the Schema for the nifidataflows API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -247,3 +252,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/nifikop/crds/nifi.orange.com_nifiparametercontexts_crd.yaml b/config/crd/bases/nifi.orange.com_nifiparametercontexts.yaml similarity index 96% rename from helm/nifikop/crds/nifi.orange.com_nifiparametercontexts_crd.yaml rename to config/crd/bases/nifi.orange.com_nifiparametercontexts.yaml index 2f3f41a98..a70c23709 100644 --- a/helm/nifikop/crds/nifi.orange.com_nifiparametercontexts_crd.yaml +++ b/config/crd/bases/nifi.orange.com_nifiparametercontexts.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nifiparametercontexts.nifi.orange.com spec: group: nifi.orange.com @@ -14,7 +19,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: NifiParameterContext is the Schema for the nifi parameter context + description: NifiParameterContext is the Schema for the nifiparametercontexts API properties: apiVersion: @@ -143,3 +148,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/deploy/crds/v1/nifi.orange.com_nifiregistryclients_crd.yaml b/config/crd/bases/nifi.orange.com_nifiregistryclients.yaml similarity index 91% rename from deploy/crds/v1/nifi.orange.com_nifiregistryclients_crd.yaml rename to config/crd/bases/nifi.orange.com_nifiregistryclients.yaml index 37de0aa59..e604f891f 100644 --- a/deploy/crds/v1/nifi.orange.com_nifiregistryclients_crd.yaml +++ b/config/crd/bases/nifi.orange.com_nifiregistryclients.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nifiregistryclients.nifi.orange.com spec: group: nifi.orange.com @@ -14,7 +19,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Nifi Registry Client is the Schema for the nifi registry client + description: NifiRegistryClient is the Schema for the nifiregistryclients API properties: apiVersion: @@ -73,3 +78,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/nifikop/crds/nifi.orange.com_nifiusergroups_crd.yaml b/config/crd/bases/nifi.orange.com_nifiusergroups.yaml similarity index 95% rename from helm/nifikop/crds/nifi.orange.com_nifiusergroups_crd.yaml rename to config/crd/bases/nifi.orange.com_nifiusergroups.yaml index f6626892e..b3777280c 100644 --- a/helm/nifikop/crds/nifi.orange.com_nifiusergroups_crd.yaml +++ b/config/crd/bases/nifi.orange.com_nifiusergroups.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nifiusergroups.nifi.orange.com spec: group: nifi.orange.com @@ -14,8 +19,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Nifi Registry Client is the Schema for the nifi registry client - API + description: NifiUserGroup is the Schema for the nifiusergroups API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -138,3 +142,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/deploy/crds/v1/nifi.orange.com_nifiusers_crd.yaml b/config/crd/bases/nifi.orange.com_nifiusers.yaml similarity index 95% rename from deploy/crds/v1/nifi.orange.com_nifiusers_crd.yaml rename to config/crd/bases/nifi.orange.com_nifiusers.yaml index 4d8a7b227..f3b6ab4d4 100644 --- a/deploy/crds/v1/nifi.orange.com_nifiusers_crd.yaml +++ b/config/crd/bases/nifi.orange.com_nifiusers.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nifiusers.nifi.orange.com spec: group: nifi.orange.com @@ -14,7 +19,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Nifi User is the Schema for the nifi users API + description: NifiUser is the Schema for the nifiusers API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -144,3 +149,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml new file mode 100644 index 000000000..76325506e --- /dev/null +++ b/config/crd/kustomization.yaml @@ -0,0 +1,37 @@ +# This kustomization.yaml is not intended to be run by itself, +# since it depends on service name and namespace that are out of this kustomize package. +# It should be run by config/default +resources: +- bases/nifi.orange.com_nificlusters.yaml +- bases/nifi.orange.com_nifiusers.yaml +- bases/nifi.orange.com_nifiusergroups.yaml +- bases/nifi.orange.com_nifidataflows.yaml +- bases/nifi.orange.com_nifiparametercontexts.yaml + +- bases/nifi.orange.com_nifiregistryclients.yaml +# +kubebuilder:scaffold:crdkustomizeresource + +patchesStrategicMerge: +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. +# patches here are for enabling the conversion webhook for each CRD +#- patches/webhook_in_nificlusters.yaml +#- patches/webhook_in_nifiusers.yaml +#- patches/webhook_in_nifiusergroups.yaml +#- patches/webhook_in_nifidataflows.yaml +#- patches/webhook_in_nifiparametercontexts.yaml +#- patches/webhook_in_nifiregistryclients.yaml +# +kubebuilder:scaffold:crdkustomizewebhookpatch + +# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix. +# patches here are for enabling the CA injection for each CRD +#- patches/cainjection_in_nificlusters.yaml +#- patches/cainjection_in_nifiusers.yaml +#- patches/cainjection_in_nifiusergroups.yaml +#- patches/cainjection_in_nifidataflows.yaml +#- patches/cainjection_in_nifiparametercontexts.yaml +#- patches/cainjection_in_nifiregistryclients.yaml +# +kubebuilder:scaffold:crdkustomizecainjectionpatch + +# the following config is for teaching kustomize how to do kustomization for CRDs. +configurations: +- kustomizeconfig.yaml diff --git a/config/crd/kustomizeconfig.yaml b/config/crd/kustomizeconfig.yaml new file mode 100644 index 000000000..ec5c150a9 --- /dev/null +++ b/config/crd/kustomizeconfig.yaml @@ -0,0 +1,19 @@ +# This file is for teaching kustomize how to substitute name and namespace reference in CRD +nameReference: +- kind: Service + version: v1 + fieldSpecs: + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/name + +namespace: +- kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/namespace + create: false + +varReference: +- path: metadata/annotations diff --git a/config/crd/patches/cainjection_in_nificlusters.yaml b/config/crd/patches/cainjection_in_nificlusters.yaml new file mode 100644 index 000000000..affc4f67e --- /dev/null +++ b/config/crd/patches/cainjection_in_nificlusters.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: nificlusters.nifi.orange.com diff --git a/config/crd/patches/cainjection_in_nifidataflows.yaml b/config/crd/patches/cainjection_in_nifidataflows.yaml new file mode 100644 index 000000000..901876cff --- /dev/null +++ b/config/crd/patches/cainjection_in_nifidataflows.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: nifidataflows.nifi.orange.com diff --git a/config/crd/patches/cainjection_in_nifiparametercontexts.yaml b/config/crd/patches/cainjection_in_nifiparametercontexts.yaml new file mode 100644 index 000000000..7d9954cfb --- /dev/null +++ b/config/crd/patches/cainjection_in_nifiparametercontexts.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: nifiparametercontexts.nifi.orange.com diff --git a/config/crd/patches/cainjection_in_nifiregistryclients.yaml b/config/crd/patches/cainjection_in_nifiregistryclients.yaml new file mode 100644 index 000000000..1ba95e62d --- /dev/null +++ b/config/crd/patches/cainjection_in_nifiregistryclients.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: nifiregistryclients.nifi.orange.com diff --git a/config/crd/patches/cainjection_in_nifiusergroups.yaml b/config/crd/patches/cainjection_in_nifiusergroups.yaml new file mode 100644 index 000000000..19dd118d8 --- /dev/null +++ b/config/crd/patches/cainjection_in_nifiusergroups.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: nifiusergroups.nifi.orange.com diff --git a/config/crd/patches/cainjection_in_nifiusers.yaml b/config/crd/patches/cainjection_in_nifiusers.yaml new file mode 100644 index 000000000..3d2c71843 --- /dev/null +++ b/config/crd/patches/cainjection_in_nifiusers.yaml @@ -0,0 +1,7 @@ +# The following patch adds a directive for certmanager to inject CA into the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) + name: nifiusers.nifi.orange.com diff --git a/config/crd/patches/webhook_in_nificlusters.yaml b/config/crd/patches/webhook_in_nificlusters.yaml new file mode 100644 index 000000000..bf96c7633 --- /dev/null +++ b/config/crd/patches/webhook_in_nificlusters.yaml @@ -0,0 +1,14 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: nificlusters.nifi.orange.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert diff --git a/config/crd/patches/webhook_in_nifidataflows.yaml b/config/crd/patches/webhook_in_nifidataflows.yaml new file mode 100644 index 000000000..fbcc32581 --- /dev/null +++ b/config/crd/patches/webhook_in_nifidataflows.yaml @@ -0,0 +1,14 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: nifidataflows.nifi.orange.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert diff --git a/config/crd/patches/webhook_in_nifiparametercontexts.yaml b/config/crd/patches/webhook_in_nifiparametercontexts.yaml new file mode 100644 index 000000000..46d5de85d --- /dev/null +++ b/config/crd/patches/webhook_in_nifiparametercontexts.yaml @@ -0,0 +1,14 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: nifiparametercontexts.nifi.orange.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert diff --git a/config/crd/patches/webhook_in_nifiregistryclients.yaml b/config/crd/patches/webhook_in_nifiregistryclients.yaml new file mode 100644 index 000000000..ab109f60e --- /dev/null +++ b/config/crd/patches/webhook_in_nifiregistryclients.yaml @@ -0,0 +1,14 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: nifiregistryclients.nifi.orange.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert diff --git a/config/crd/patches/webhook_in_nifiusergroups.yaml b/config/crd/patches/webhook_in_nifiusergroups.yaml new file mode 100644 index 000000000..01b967810 --- /dev/null +++ b/config/crd/patches/webhook_in_nifiusergroups.yaml @@ -0,0 +1,14 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: nifiusergroups.nifi.orange.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert diff --git a/config/crd/patches/webhook_in_nifiusers.yaml b/config/crd/patches/webhook_in_nifiusers.yaml new file mode 100644 index 000000000..033b3d1c9 --- /dev/null +++ b/config/crd/patches/webhook_in_nifiusers.yaml @@ -0,0 +1,14 @@ +# The following patch enables a conversion webhook for the CRD +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + name: nifiusers.nifi.orange.com +spec: + conversion: + strategy: Webhook + webhook: + clientConfig: + service: + namespace: system + name: webhook-service + path: /convert diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml new file mode 100644 index 000000000..737f2d55e --- /dev/null +++ b/config/default/kustomization.yaml @@ -0,0 +1,74 @@ +# Adds namespace to all resources. +namespace: nifikop-system + +# Value of this field is prepended to the +# names of all resources, e.g. a deployment named +# "wordpress" becomes "alices-wordpress". +# Note that it should also match with the prefix (text before '-') of the namespace +# field above. +namePrefix: nifikop- + +# Labels to add to all resources and selectors. +#commonLabels: +# someName: someValue + +bases: +- ../crd +- ../rbac +- ../manager +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in +# crd/kustomization.yaml +#- ../webhook +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. +#- ../certmanager +# [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. +#- ../prometheus + +patchesStrategicMerge: +# Protect the /metrics endpoint by putting it behind auth. +# If you want your controller-manager to expose the /metrics +# endpoint w/o any authn/z, please comment the following line. +- manager_auth_proxy_patch.yaml + +# Mount the controller config file for loading manager configurations +# through a ComponentConfig type +#- manager_config_patch.yaml + +# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in +# crd/kustomization.yaml +#- manager_webhook_patch.yaml + +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. +# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. +# 'CERTMANAGER' needs to be enabled to use ca injection +#- webhookcainjection_patch.yaml + +# the following config is for teaching kustomize how to do var substitution +vars: +# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. +#- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR +# objref: +# kind: Certificate +# group: cert-manager.io +# version: v1 +# name: serving-cert # this name should match the one in certificate.yaml +# fieldref: +# fieldpath: metadata.namespace +#- name: CERTIFICATE_NAME +# objref: +# kind: Certificate +# group: cert-manager.io +# version: v1 +# name: serving-cert # this name should match the one in certificate.yaml +#- name: SERVICE_NAMESPACE # namespace of the service +# objref: +# kind: Service +# version: v1 +# name: webhook-service +# fieldref: +# fieldpath: metadata.namespace +#- name: SERVICE_NAME +# objref: +# kind: Service +# version: v1 +# name: webhook-service diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml new file mode 100644 index 000000000..49b1f1ab3 --- /dev/null +++ b/config/default/manager_auth_proxy_patch.yaml @@ -0,0 +1,26 @@ +# This patch inject a sidecar container which is a HTTP proxy for the +# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: kube-rbac-proxy + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 + args: + - "--secure-listen-address=0.0.0.0:8443" + - "--upstream=http://127.0.0.1:8080/" + - "--logtostderr=true" + - "--v=10" + ports: + - containerPort: 8443 + name: https + - name: manager + args: + - "--health-probe-bind-address=:8081" + - "--metrics-bind-address=127.0.0.1:8080" + - "--leader-elect" diff --git a/config/default/manager_config_patch.yaml b/config/default/manager_config_patch.yaml new file mode 100644 index 000000000..6c400155c --- /dev/null +++ b/config/default/manager_config_patch.yaml @@ -0,0 +1,20 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + args: + - "--config=controller_manager_config.yaml" + volumeMounts: + - name: manager-config + mountPath: /controller_manager_config.yaml + subPath: controller_manager_config.yaml + volumes: + - name: manager-config + configMap: + name: manager-config diff --git a/config/manager/controller_manager_config.yaml b/config/manager/controller_manager_config.yaml new file mode 100644 index 000000000..62438a7c7 --- /dev/null +++ b/config/manager/controller_manager_config.yaml @@ -0,0 +1,11 @@ +apiVersion: controller-runtime.sigs.k8s.io/v1alpha1 +kind: ControllerManagerConfig +health: + healthProbeBindAddress: :8081 +metrics: + bindAddress: 127.0.0.1:8080 +webhook: + port: 9443 +leaderElection: + leaderElect: true + resourceName: 14ddbdff.orange.com diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml new file mode 100644 index 000000000..2bcd3eeaa --- /dev/null +++ b/config/manager/kustomization.yaml @@ -0,0 +1,10 @@ +resources: +- manager.yaml + +generatorOptions: + disableNameSuffixHash: true + +configMapGenerator: +- name: manager-config + files: + - controller_manager_config.yaml diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml new file mode 100644 index 000000000..70e3f6acf --- /dev/null +++ b/config/manager/manager.yaml @@ -0,0 +1,55 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: system +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system + labels: + control-plane: controller-manager +spec: + selector: + matchLabels: + control-plane: controller-manager + replicas: 1 + template: + metadata: + labels: + control-plane: controller-manager + spec: + securityContext: + runAsUser: 65532 + containers: + - command: + - /manager + args: + - --leader-elect + image: controller:latest + name: manager + securityContext: + allowPrivilegeEscalation: false + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 100m + memory: 30Mi + requests: + cpu: 100m + memory: 20Mi + terminationGracePeriodSeconds: 10 diff --git a/config/prometheus/kustomization.yaml b/config/prometheus/kustomization.yaml new file mode 100644 index 000000000..ed137168a --- /dev/null +++ b/config/prometheus/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- monitor.yaml diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml new file mode 100644 index 000000000..9b8047b76 --- /dev/null +++ b/config/prometheus/monitor.yaml @@ -0,0 +1,16 @@ + +# Prometheus Monitor Service (Metrics) +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + labels: + control-plane: controller-manager + name: controller-manager-metrics-monitor + namespace: system +spec: + endpoints: + - path: /metrics + port: https + selector: + matchLabels: + control-plane: controller-manager diff --git a/config/rbac/auth_proxy_client_clusterrole.yaml b/config/rbac/auth_proxy_client_clusterrole.yaml new file mode 100644 index 000000000..bd4af137a --- /dev/null +++ b/config/rbac/auth_proxy_client_clusterrole.yaml @@ -0,0 +1,7 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: metrics-reader +rules: +- nonResourceURLs: ["/metrics"] + verbs: ["get"] diff --git a/config/rbac/auth_proxy_role.yaml b/config/rbac/auth_proxy_role.yaml new file mode 100644 index 000000000..618f5e417 --- /dev/null +++ b/config/rbac/auth_proxy_role.yaml @@ -0,0 +1,13 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: proxy-role +rules: +- apiGroups: ["authentication.k8s.io"] + resources: + - tokenreviews + verbs: ["create"] +- apiGroups: ["authorization.k8s.io"] + resources: + - subjectaccessreviews + verbs: ["create"] diff --git a/config/rbac/auth_proxy_role_binding.yaml b/config/rbac/auth_proxy_role_binding.yaml new file mode 100644 index 000000000..48ed1e4b8 --- /dev/null +++ b/config/rbac/auth_proxy_role_binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: proxy-role +subjects: +- kind: ServiceAccount + name: default + namespace: system diff --git a/config/rbac/auth_proxy_service.yaml b/config/rbac/auth_proxy_service.yaml new file mode 100644 index 000000000..6cf656be1 --- /dev/null +++ b/config/rbac/auth_proxy_service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: controller-manager-metrics-service + namespace: system +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml new file mode 100644 index 000000000..66c28338f --- /dev/null +++ b/config/rbac/kustomization.yaml @@ -0,0 +1,12 @@ +resources: +- role.yaml +- role_binding.yaml +- leader_election_role.yaml +- leader_election_role_binding.yaml +# Comment the following 4 lines if you want to disable +# the auth proxy (https://github.com/brancz/kube-rbac-proxy) +# which protects your /metrics endpoint. +- auth_proxy_service.yaml +- auth_proxy_role.yaml +- auth_proxy_role_binding.yaml +- auth_proxy_client_clusterrole.yaml diff --git a/config/rbac/leader_election_role.yaml b/config/rbac/leader_election_role.yaml new file mode 100644 index 000000000..6334cc51c --- /dev/null +++ b/config/rbac/leader_election_role.yaml @@ -0,0 +1,27 @@ +# permissions to do leader election. +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: leader-election-role +rules: +- apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch diff --git a/deploy/role_binding.yaml b/config/rbac/leader_election_role_binding.yaml similarity index 61% rename from deploy/role_binding.yaml rename to config/rbac/leader_election_role_binding.yaml index 49945aad0..eed16906f 100644 --- a/deploy/role_binding.yaml +++ b/config/rbac/leader_election_role_binding.yaml @@ -1,11 +1,12 @@ -kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding metadata: - name: nifikop -subjects: -- kind: ServiceAccount - name: nifikop + name: leader-election-rolebinding roleRef: - kind: Role - name: nifikop apiGroup: rbac.authorization.k8s.io + kind: Role + name: leader-election-role +subjects: +- kind: ServiceAccount + name: default + namespace: system diff --git a/config/rbac/nificluster_editor_role.yaml b/config/rbac/nificluster_editor_role.yaml new file mode 100644 index 000000000..96fe7e152 --- /dev/null +++ b/config/rbac/nificluster_editor_role.yaml @@ -0,0 +1,24 @@ +# permissions for end users to edit nificlusters. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nificluster-editor-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nificlusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nificlusters/status + verbs: + - get diff --git a/config/rbac/nificluster_viewer_role.yaml b/config/rbac/nificluster_viewer_role.yaml new file mode 100644 index 000000000..6b575c3c6 --- /dev/null +++ b/config/rbac/nificluster_viewer_role.yaml @@ -0,0 +1,20 @@ +# permissions for end users to view nificlusters. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nificluster-viewer-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nificlusters + verbs: + - get + - list + - watch +- apiGroups: + - nifi.orange.com + resources: + - nificlusters/status + verbs: + - get diff --git a/config/rbac/nifidataflow_editor_role.yaml b/config/rbac/nifidataflow_editor_role.yaml new file mode 100644 index 000000000..27ea222f8 --- /dev/null +++ b/config/rbac/nifidataflow_editor_role.yaml @@ -0,0 +1,24 @@ +# permissions for end users to edit nifidataflows. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nifidataflow-editor-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nifidataflows + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifidataflows/status + verbs: + - get diff --git a/config/rbac/nifidataflow_viewer_role.yaml b/config/rbac/nifidataflow_viewer_role.yaml new file mode 100644 index 000000000..5e026c0ed --- /dev/null +++ b/config/rbac/nifidataflow_viewer_role.yaml @@ -0,0 +1,20 @@ +# permissions for end users to view nifidataflows. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nifidataflow-viewer-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nifidataflows + verbs: + - get + - list + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifidataflows/status + verbs: + - get diff --git a/config/rbac/nifiparametercontext_editor_role.yaml b/config/rbac/nifiparametercontext_editor_role.yaml new file mode 100644 index 000000000..4ee53553e --- /dev/null +++ b/config/rbac/nifiparametercontext_editor_role.yaml @@ -0,0 +1,24 @@ +# permissions for end users to edit nifiparametercontexts. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nifiparametercontext-editor-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nifiparametercontexts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiparametercontexts/status + verbs: + - get diff --git a/config/rbac/nifiparametercontext_viewer_role.yaml b/config/rbac/nifiparametercontext_viewer_role.yaml new file mode 100644 index 000000000..b287abeca --- /dev/null +++ b/config/rbac/nifiparametercontext_viewer_role.yaml @@ -0,0 +1,20 @@ +# permissions for end users to view nifiparametercontexts. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nifiparametercontext-viewer-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nifiparametercontexts + verbs: + - get + - list + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiparametercontexts/status + verbs: + - get diff --git a/config/rbac/nifiregistryclient_editor_role.yaml b/config/rbac/nifiregistryclient_editor_role.yaml new file mode 100644 index 000000000..ea9d66b9a --- /dev/null +++ b/config/rbac/nifiregistryclient_editor_role.yaml @@ -0,0 +1,24 @@ +# permissions for end users to edit nifiregistryclients. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nifiregistryclient-editor-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nifiregistryclients + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiregistryclients/status + verbs: + - get diff --git a/config/rbac/nifiregistryclient_viewer_role.yaml b/config/rbac/nifiregistryclient_viewer_role.yaml new file mode 100644 index 000000000..0074c6d24 --- /dev/null +++ b/config/rbac/nifiregistryclient_viewer_role.yaml @@ -0,0 +1,20 @@ +# permissions for end users to view nifiregistryclients. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nifiregistryclient-viewer-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nifiregistryclients + verbs: + - get + - list + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiregistryclients/status + verbs: + - get diff --git a/config/rbac/nifiuser_editor_role.yaml b/config/rbac/nifiuser_editor_role.yaml new file mode 100644 index 000000000..60692254e --- /dev/null +++ b/config/rbac/nifiuser_editor_role.yaml @@ -0,0 +1,24 @@ +# permissions for end users to edit nifiusers. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nifiuser-editor-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nifiusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiusers/status + verbs: + - get diff --git a/config/rbac/nifiuser_viewer_role.yaml b/config/rbac/nifiuser_viewer_role.yaml new file mode 100644 index 000000000..0481c66db --- /dev/null +++ b/config/rbac/nifiuser_viewer_role.yaml @@ -0,0 +1,20 @@ +# permissions for end users to view nifiusers. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nifiuser-viewer-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nifiusers + verbs: + - get + - list + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiusers/status + verbs: + - get diff --git a/config/rbac/nifiusergroup_editor_role.yaml b/config/rbac/nifiusergroup_editor_role.yaml new file mode 100644 index 000000000..0ee5c7fb5 --- /dev/null +++ b/config/rbac/nifiusergroup_editor_role.yaml @@ -0,0 +1,24 @@ +# permissions for end users to edit nifiusergroups. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nifiusergroup-editor-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nifiusergroups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiusergroups/status + verbs: + - get diff --git a/config/rbac/nifiusergroup_viewer_role.yaml b/config/rbac/nifiusergroup_viewer_role.yaml new file mode 100644 index 000000000..bfbbc27f0 --- /dev/null +++ b/config/rbac/nifiusergroup_viewer_role.yaml @@ -0,0 +1,20 @@ +# permissions for end users to view nifiusergroups. +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: nifiusergroup-viewer-role +rules: +- apiGroups: + - nifi.orange.com + resources: + - nifiusergroups + verbs: + - get + - list + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiusergroups/status + verbs: + - get diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml new file mode 100644 index 000000000..81ec0c9e3 --- /dev/null +++ b/config/rbac/role.yaml @@ -0,0 +1,287 @@ + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: manager-role +rules: +- apiGroups: + - "" + resources: + - configmaps + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - nodes + verbs: + - get + - list + - watch +- apiGroups: + - "" + resources: + - persistentvolumeclaims + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - pods + verbs: + - create + - delete + - get + - list + - update + - watch +- apiGroups: + - "" + resources: + - secrets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - "" + resources: + - services + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cert-manager.io + resources: + - certificates + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cert-manager.io + resources: + - clusterissuers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - cert-manager.io + resources: + - issuers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nificlusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nificlusters/finalizers + verbs: + - update +- apiGroups: + - nifi.orange.com + resources: + - nificlusters/status + verbs: + - get + - patch + - update +- apiGroups: + - nifi.orange.com + resources: + - nifidataflows + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifidataflows/finalizers + verbs: + - update +- apiGroups: + - nifi.orange.com + resources: + - nifidataflows/status + verbs: + - get + - patch + - update +- apiGroups: + - nifi.orange.com + resources: + - nifiparametercontexts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiparametercontexts/finalizers + verbs: + - update +- apiGroups: + - nifi.orange.com + resources: + - nifiparametercontexts/status + verbs: + - get + - patch + - update +- apiGroups: + - nifi.orange.com + resources: + - nifiregistryclients + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiregistryclients/finalizers + verbs: + - update +- apiGroups: + - nifi.orange.com + resources: + - nifiregistryclients/status + verbs: + - get + - patch + - update +- apiGroups: + - nifi.orange.com + resources: + - nifiusergroups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiusergroups/finalizers + verbs: + - update +- apiGroups: + - nifi.orange.com + resources: + - nifiusergroups/status + verbs: + - get + - patch + - update +- apiGroups: + - nifi.orange.com + resources: + - nifiusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - nifi.orange.com + resources: + - nifiusers/finalizers + verbs: + - update +- apiGroups: + - nifi.orange.com + resources: + - nifiusers/status + verbs: + - get + - patch + - update +- apiGroups: + - policy + resources: + - poddisruptionbudgets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch diff --git a/config/rbac/role_binding.yaml b/config/rbac/role_binding.yaml new file mode 100644 index 000000000..8f2658702 --- /dev/null +++ b/config/rbac/role_binding.yaml @@ -0,0 +1,12 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: manager-role +subjects: +- kind: ServiceAccount + name: default + namespace: system diff --git a/config/samples/dataflow/dataflow-dev.yaml b/config/samples/dataflow/dataflow-dev.yaml deleted file mode 100644 index c2a226da6..000000000 --- a/config/samples/dataflow/dataflow-dev.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: nifi.orange.com/v1alpha1 -kind: NifiDataflow -metadata: - name: dataflow-lifecycle-dev -spec: - parentProcessGroupID: "16cfd2ec-0174-1000-0000-00004b9b35cc" - bucketId: "01ced6cc-0378-4893-9403-f6c70d080d4f" - flowId: "8fefc874-0c93-4ce5-ba53-1672f0b59aaa" - flowVersion: 5 - runOnce: true - skipInvalidControllerService: true - skipInvalidComponent: true - clusterRef: - name: nc - namespace: nifikop - registryClientRef: - name: squidflow - namespace: nifikop - parameterContextRef: - name: dataflow-lifecycle-dev - namespace: nifikop - updateStrategy: drop \ No newline at end of file diff --git a/config/samples/dataflow/demo-config-dev.yaml b/config/samples/dataflow/demo-config-dev.yaml deleted file mode 100644 index 93e8c1b0b..000000000 --- a/config/samples/dataflow/demo-config-dev.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# kubectl create secret generic secret-params --from-literal=secret1=yop --from-literal=secret2=yep -apiVersion: nifi.orange.com/v1alpha1 -kind: NifiParameterContext -metadata: - name: dataflow-lifecycle-dev -spec: - description: "Contains dev configuration" - clusterRef: - name: nc - namespace: nifikop - secretRefs: - - name: secret-params-dev - namespace: nifikop - parameters: - - name: value1 - value: dev3 - description: "First variable" - - name: value2 - value: dev - description: "Second variable" - - name: value3 - value: dev - description: "Third variable" - - name: value4 - value: dev - description: "Fourth variable" \ No newline at end of file diff --git a/config/samples/dataflow/prod/dataflow-prod.yaml b/config/samples/dataflow/prod/dataflow-prod.yaml deleted file mode 100644 index 50c3f4d50..000000000 --- a/config/samples/dataflow/prod/dataflow-prod.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: nifi.orange.com/v1alpha1 -kind: NifiDataflow -metadata: - name: dataflow-lifecycle-prod -spec: - parentProcessGroupID: "4dbcb875-0174-1000-217b-30a14fdd33ef" - bucketId: "01ced6cc-0378-4893-9403-f6c70d080d4f" - flowId: "8fefc874-0c93-4ce5-ba53-1672f0b59aaa" - flowVersion: 7 - runOnce: false - skipInvalidControllerService: true - skipInvalidComponent: true - clusterRef: - name: nc - namespace: nifikop - registryClientRef: - name: squidflow - namespace: nifikop - parameterContextRef: - name: dataflow-lifecycle-prod - namespace: nifikop - updateStrategy: drain \ No newline at end of file diff --git a/config/samples/dataflow/prod/demo-config-prod.yaml b/config/samples/dataflow/prod/demo-config-prod.yaml deleted file mode 100644 index ac61906b6..000000000 --- a/config/samples/dataflow/prod/demo-config-prod.yaml +++ /dev/null @@ -1,26 +0,0 @@ -# kubectl create secret generic secret-params --from-literal=secret1=yop --from-literal=secret2=yep -apiVersion: nifi.orange.com/v1alpha1 -kind: NifiParameterContext -metadata: - name: dataflow-lifecycle-prod -spec: - description: "Contains prod configuration" - clusterRef: - name: nc - namespace: nifikop - secretRefs: - - name: secret-params-prod - namespace: nifikop - parameters: - - name: value1 - value: prod1 - description: "First variable" - - name: value2 - value: prod2 - description: "Second variable" - - name: value3 - value: prod3 - description: "Third variable" - - name: value4 - value: prod4 - description: "Fourth variable" \ No newline at end of file diff --git a/config/samples/dataflow/prod/secret-prod.yaml b/config/samples/dataflow/prod/secret-prod.yaml deleted file mode 100644 index d8a8cd1ff..000000000 --- a/config/samples/dataflow/prod/secret-prod.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-params-prod -type: Opaque -data: - secret1: toto - secret2: titi - secret3: tutu \ No newline at end of file diff --git a/config/samples/dataflow/secret-dev.yaml b/config/samples/dataflow/secret-dev.yaml deleted file mode 100644 index 4a497959f..000000000 --- a/config/samples/dataflow/secret-dev.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secret-params-dev -type: Opaque -data: - secret1: toto - secret2: titi - secret5: titi - secret4: tuot \ No newline at end of file diff --git a/config/samples/dataflow/squidflow-registry.yaml b/config/samples/dataflow/squidflow-registry.yaml deleted file mode 100644 index 98a472008..000000000 --- a/config/samples/dataflow/squidflow-registry.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: nifi.orange.com/v1alpha1 -kind: NifiRegistryClient -metadata: - name: squidflow -spec: - clusterRef: - name: nc - namespace: nifikop - description: "Squidflow demo test" - uri: "http://nifi-registry-service:18080" diff --git a/config/samples/dex/Readme.MD b/config/samples/dex/Readme.MD deleted file mode 100644 index bd721e08b..000000000 --- a/config/samples/dex/Readme.MD +++ /dev/null @@ -1,10 +0,0 @@ - -helm install dex \ - stable-ext/dex \ - --set crd.present=true \ - --set service.type=LoadBalancer \ - --set config.issuer=http://dex.orange.trycatchlearn.fr:32000 \ - -f docs/tutorials/secured_nifi_cluster_on_gcp_with_external_dns/kubernetes/dex/values.yaml - -kubectl apply -f \ - docs/tutorials/secured_nifi_cluster_on_gcp_with_external_dns/kubernetes/nifi/secured_nifi_cluster_dex.yaml \ No newline at end of file diff --git a/config/samples/dex/crds/v1beta1/authcodes.yaml b/config/samples/dex/crds/v1beta1/authcodes.yaml deleted file mode 100644 index 8f24c36c8..000000000 --- a/config/samples/dex/crds/v1beta1/authcodes.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: authcodes.dex.coreos.com -spec: - scope: Namespaced - group: dex.coreos.com - names: - kind: AuthCode - listKind: AuthCodeList - plural: authcodes - singular: authcode - version: v1 \ No newline at end of file diff --git a/config/samples/dex/crds/v1beta1/authrequests.yaml b/config/samples/dex/crds/v1beta1/authrequests.yaml deleted file mode 100644 index e66b41637..000000000 --- a/config/samples/dex/crds/v1beta1/authrequests.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: authrequests.dex.coreos.com -spec: - scope: Namespaced - group: dex.coreos.com - names: - kind: AuthRequest - listKind: AuthRequestList - plural: authrequests - singular: authrequest - version: v1 \ No newline at end of file diff --git a/config/samples/dex/crds/v1beta1/connectors.yaml b/config/samples/dex/crds/v1beta1/connectors.yaml deleted file mode 100644 index a59e86be2..000000000 --- a/config/samples/dex/crds/v1beta1/connectors.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: connectors.dex.coreos.com -spec: - scope: Namespaced - group: dex.coreos.com - names: - kind: Connector - listKind: ConnectorList - plural: connectors - singular: connector - version: v1 \ No newline at end of file diff --git a/config/samples/dex/crds/v1beta1/oauth2clients.yaml b/config/samples/dex/crds/v1beta1/oauth2clients.yaml deleted file mode 100644 index 9677d996e..000000000 --- a/config/samples/dex/crds/v1beta1/oauth2clients.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: oauth2clients.dex.coreos.com -spec: - scope: Namespaced - group: dex.coreos.com - names: - kind: OAuth2Client - listKind: OAuth2ClientList - plural: oauth2clients - singular: oauth2client - version: v1 \ No newline at end of file diff --git a/config/samples/dex/crds/v1beta1/offlinesessionses.yaml b/config/samples/dex/crds/v1beta1/offlinesessionses.yaml deleted file mode 100644 index 89d81fcf3..000000000 --- a/config/samples/dex/crds/v1beta1/offlinesessionses.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: offlinesessionses.dex.coreos.com -spec: - scope: Namespaced - group: dex.coreos.com - names: - kind: OfflineSessions - listKind: OfflineSessionsList - plural: offlinesessionses - singular: offlinesessions - version: v1 \ No newline at end of file diff --git a/config/samples/dex/crds/v1beta1/passwords.yaml b/config/samples/dex/crds/v1beta1/passwords.yaml deleted file mode 100644 index d85eaa682..000000000 --- a/config/samples/dex/crds/v1beta1/passwords.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: passwords.dex.coreos.com -spec: - scope: Namespaced - group: dex.coreos.com - names: - kind: Password - listKind: PasswordList - plural: passwords - singular: password - version: v1 \ No newline at end of file diff --git a/config/samples/dex/crds/v1beta1/refreshtokens.yaml b/config/samples/dex/crds/v1beta1/refreshtokens.yaml deleted file mode 100644 index 2577b35dd..000000000 --- a/config/samples/dex/crds/v1beta1/refreshtokens.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: refreshtokens.dex.coreos.com -spec: - scope: Namespaced - group: dex.coreos.com - names: - kind: RefreshToken - listKind: RefreshTokenList - plural: refreshtokens - singular: refreshtoken - version: v1 \ No newline at end of file diff --git a/config/samples/dex/crds/v1beta1/signingkeies.yaml b/config/samples/dex/crds/v1beta1/signingkeies.yaml deleted file mode 100644 index 2ace673c5..000000000 --- a/config/samples/dex/crds/v1beta1/signingkeies.yaml +++ /dev/null @@ -1,13 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: signingkeies.dex.coreos.com -spec: - scope: Namespaced - group: dex.coreos.com - names: - kind: SigningKey - listKind: SigningKeyList - plural: signingkeies - singular: signingkey - version: v1 \ No newline at end of file diff --git a/config/samples/dex/values.yaml b/config/samples/dex/values.yaml deleted file mode 100644 index b8c5d9b80..000000000 --- a/config/samples/dex/values.yaml +++ /dev/null @@ -1,227 +0,0 @@ -# Default values for dex -# This is a YAML-formatted file. -# Declare name/value pairs to be passed into your templates. -# name: value - -image: quay.io/dexidp/dex -imageTag: "v2.24.0" -imagePullPolicy: "IfNotPresent" - -inMiniKube: false - -nodeSelector: {} - -podLabels: {} - -podAnnotations: {} - -initContainers: [] - -tolerations: [] - # - key: CriticalAddonsOnly - # operator: Exists - # - key: foo - # operator: Equal - # value: bar -# effect: NoSchedule - -securityContext: -# Rejecting containers trying to run with root privileges -# runAsNonRoot: true -# Preventing privilege escalation to root privileges -# allowPrivilegeEscalation: false -# Set the user ID used to run the container -# runAsUser: 1001 -# Set the primary group ID used to run all processes within any container of the pod -# runAsGroup: 1001 -# Set the group ID associated with the container -# fsGroup: 1001 - -replicas: 1 - -resources: - limits: - cpu: 100m - memory: 50Mi - requests: - cpu: 100m - memory: 50Mi - -# grpc support -grpc: false - -# https termination by dex itself -https: false - -# expose prometheus metrics ? -telemetry: false - -ports: - web: - containerPort: 5556 - # for service.type: NodePort - nodePort: 32000 - servicePort: 32000 - # Relevant only when grpc support is enabled - grpc: - containerPort: 5000 - # for service.type: NodePort - nodePort: 35000 - servicePort: 35000 - telemetry: - containerPort: 5558 - # for service.type: NodePort - nodePort: 37000 - servicePort: 37000 - -livenessProbe: - enabled: true - initialDelaySeconds: 1 - failureThreshold: 1 - httpPath: "/healthz" - periodSeconds: 10 - timeoutSeconds: 1 - -readinessProbe: - enabled: true - initialDelaySeconds: 1 - failureThreshold: 1 - httpPath: "/healthz" - periodSeconds: 10 - timeoutSeconds: 1 - -service: - type: ClusterIP - # Override IP for the Service Type: LoadBalancer. - # This feature depends on whether the underlying cloud-provider supports specifying the loadBalancerIP when a load balancer is created. - # loadBalancerIP: 127.0.0.1 - # loadBalancerIP: 127.0.0.1 - annotations: {} - -ingress: - enabled: true - annotations: {} - kubernetes.io/ingress.class: traefik - external-dns.alpha.kubernetes.io/target: traefikt.nifi.pns.svc.rickaastley.p.fti.net - # kubernetes.io/tls-acme: "true" - path: / - hosts: - - dex.nifi.pns.svc.rickaastley.p.fti.net - tls: [] - # - secretName: dex-example-tls - # hosts: - # - dex.example.com - -extraVolumes: [] -extraVolumeMounts: [] - -certs: - securityContext: - enabled: true - runAsUser: 65534 - fsGroup: 65534 - image: gcr.io/google_containers/kubernetes-dashboard-init-amd64 - imageTag: "v1.0.0" - imagePullPolicy: "IfNotPresent" - # Section below is relevant only when https termination is enabled - web: - create: false - activeDeadlineSeconds: 300 - caDays: 10000 - certDays: 10000 - altNames: - - dex.example.com - altIPs: {} - secret: - tlsName: dex-web-server-tls - caName: dex-web-server-ca - pod: - annotations: {} - # Section below is relevant only when grpc support is enabled - grpc: - create: false - activeDeadlineSeconds: 300 - altNames: - - dex.example.com - altIPs: {} - secret: - serverTlsName: dex-grpc-server-tls - clientTlsName: dex-grpc-client-tls - caName: dex-grpc-ca - pod: - annotations: {} - -env: [] - -rbac: - # Specifies whether RBAC resources should be created - create: true - -crd: - # Specifies whether dex's CRDs are already present (if not cluster role and cluster role binding will be created - # to enable dex to create them). Depends on rbac.create - present: false - -serviceAccount: - # Specifies whether a ServiceAccount should be created - create: true - # The name of the ServiceAccount to use. - # If not set and create is true, a name is generated using the fullname template - name: - -affinity: {} - # podAntiAffinity: - # preferredDuringSchedulingIgnoredDuringExecution: - # - weight: 5 - # podAffinityTerm: - # topologyKey: "kubernetes.io/hostname" - # labelSelector: - # matchLabels: - # app: {{ template "dex.name" . }} -# release: "{{ .Release.Name }}" - -podDisruptionBudget: {} -# maxUnavailable: 1 - -config: - issuer: "" - storage: - type: kubernetes - config: - inCluster: true - logger: - level: debug - connectors: [] - # - type: github - # id: github - # name: GitHub - # config: - # clientID: xxxxxxxxxxxxxxx - # clientSecret: yyyyyyyyyyyyyyyyyyyyy - # redirectURI: https://dex.minikube.local:5556/callback - # org: kubernetes - oauth2: - alwaysShowLoginScreen: false - skipApprovalScreen: true - - # expiry: - # signingKeys: "6h" - # idTokens: "24h" - - staticClients: - - id: nifisec - redirectURIs: - - 'https://sec.orange.trycatchlearn.fr:8443/nifi-api/access/oidc/callback' - name: 'NiFi' - secret: BvmEyr81P0YXZtIt1FIfGsRs - - enablePasswordDB: true - staticPasswords: - - email: "alexandre.guitton@orange.com" - # bcrypt hash of the string "password" - hash: "$2y$12$96VRztd6f0D7xtMIYuJWFe484HWpEyPSzHsG7j2wihXhnWL9ZbKQu" - username: "aguitton" - userID: "08a8684b-db88-4b73-90a9-3cd1661f5466" - -# frontend: -# logoURL: https://example.com/yourlogo.png \ No newline at end of file diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml new file mode 100644 index 000000000..6778d97f4 --- /dev/null +++ b/config/samples/kustomization.yaml @@ -0,0 +1,7 @@ +## Append samples you want in your CSV to this file as resources ## +resources: +- nifi_v1alpha1_nificluster.yaml +- nifi_v1alpha1_nifiusergroup.yaml +- nifi_v1alpha1_nifidataflow.yaml +- nifi_v1alpha1_nifiparametercontext.yaml +# +kubebuilder:scaffold:manifestskustomizesamples diff --git a/config/samples/nifi.orange.com_v1alpha1_nificluster.yaml b/config/samples/nifi_v1alpha1_nificluster.yaml similarity index 90% rename from config/samples/nifi.orange.com_v1alpha1_nificluster.yaml rename to config/samples/nifi_v1alpha1_nificluster.yaml index a9c2e47d9..7b96cff0b 100644 --- a/config/samples/nifi.orange.com_v1alpha1_nificluster.yaml +++ b/config/samples/nifi_v1alpha1_nificluster.yaml @@ -8,10 +8,10 @@ spec: # using service per nodes may come an handy case of service mesh. headlessEnabled: true # Annotations specifies the annotations to attach to services the operator creates -# annotations: -# pod: + # annotations: + # pod: # Annotations specifies the annotations to attach to pods the operator creates -# annotations: + # annotations: # zKAddress specifies the ZooKeeper connection string # in the form hostname:port where host and port are those of a Zookeeper server. zkAddress: "zookeepercluster-client.zookeeper:2181" @@ -20,18 +20,18 @@ spec: zkPath: "/myNiFi" # initContainerImage can override the default image used into the init container to check if # ZoooKeeper server is reachable. -# initContainerImage: busybox + # initContainerImage: busybox # initContainers defines additional initContainers configurations -# initContainers: -# - image: eu.gcr.io/poc-rtc/nifi-proxydata-bundle:1.11.4-1.0.0 -# name: nifi-proxydata-lib -# imagePullPolicy: IfNotPresent -# command: ["sh", "-c", "cp -vr /nifi_lib/* /nifi_lib_volume/"] -# volumeMounts: -# - name: extensions-repository -# mountPath: /nifi_lib_volume -# - name: logs -# mountPath: /logs + # initContainers: + # - image: eu.gcr.io/poc-rtc/nifi-proxydata-bundle:1.11.4-1.0.0 + # name: nifi-proxydata-lib + # imagePullPolicy: IfNotPresent + # command: ["sh", "-c", "cp -vr /nifi_lib/* /nifi_lib_volume/"] + # volumeMounts: + # - name: extensions-repository + # mountPath: /nifi_lib_volume + # - name: logs + # mountPath: /logs # clusterImage can specify the whole nificluster image in one place clusterImage: "apache/nifi:1.12.1" # oneNifiNodePerNode if set to true every nifi node is started on a new node, if there is not enough node to do that @@ -40,12 +40,12 @@ spec: oneNifiNodePerNode: false # propagateLabels: true -# managedAdminUsers: -# - identity : "alexandre.guitton@orange.com" -# name: "aguitton" -# managedReaderUsers: -# - identity : "toto@orange.com" -# name: "toto" + # managedAdminUsers: + # - identity : "alexandre.guitton@orange.com" + # name: "aguitton" + # managedReaderUsers: + # - identity : "toto@orange.com" + # name: "toto" # readOnlyConfig specifies the read-only type Nifi config cluster wide, all theses # will be merged with node specified readOnly configurations, so it can be overwritten per node. readOnlyConfig: @@ -60,12 +60,12 @@ spec: # A comma separated list of allowed HTTP Host header values to consider when NiFi # is running securely and will be receiving requests to a different host[:port] than it is bound to. # https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#web-properties -# webProxyHosts: + # webProxyHosts: # Nifi security client auth needClientAuth: false # Indicates which of the configured authorizers in the authorizers.xml file to use # https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#authorizer-configuration -# authorizer: + # authorizer: # ZookeeperProperties configuration that will be applied to the node. zookeeperProperties: # Additionnals zookeeper.properties configuration that will override the one produced based @@ -100,10 +100,10 @@ spec: isNode: true # Docker image used by the operator to create the node associated # https://hub.docker.com/r/apache/nifi/ -# image: "apache/nifi:1.11.2" + # image: "apache/nifi:1.11.2" # nodeAffinity can be specified, operator populates this value if new pvc added later to node # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity -# nodeAffinity: + # nodeAffinity: # imagePullPolicy define the pull policy for NiFi cluster docker image imagePullPolicy: IfNotPresent # storageConfigs specifies the node related configs @@ -144,16 +144,16 @@ spec: memory: 1Gi # imagePullSecrets specifies the secret to use when using private registry # https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#localobjectreference-v1-core -# imagePullSecrets: + # imagePullSecrets: # nodeSelector can be specified, which set the pod to fit on a node # https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector -# nodeSelector: + # nodeSelector: # tolerations can be specified, which set the pod's tolerations # https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/#concepts -# tolerations: + # tolerations: # Additionnal annotation to attach to the pod associated # https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set -# nodeAnnotations: + # nodeAnnotations: # disruptionBudget defines the configuration for PodDisruptionBudget disruptionBudget: # create will enable the PodDisruptionBudget when set to true @@ -173,7 +173,7 @@ spec: overrideConfigs: | nifi.ui.banner.text=NiFiKop by Orange - Node 0 # node configuration -# nodeConfig: + # nodeConfig: - id: 2 # readOnlyConfig can be used to pass Nifi node config # which has type read-only these config changes will trigger rolling upgrade @@ -241,16 +241,16 @@ spec: containerPort: 9020 - name: "rsyslog" containerPort: 10001 - # sslSecrets contains information about ssl related kubernetes secrets if one of the - # listener setting type set to ssl these fields must be populated to -# sslSecrets: + # sslSecrets contains information about ssl related kubernetes secrets if one of the + # listener setting type set to ssl these fields must be populated to + # sslSecrets: # tlsSecretName should contain all ssl certs required by nifi including: caCert, caKey, clientCert, clientKey # serverCert, serverKey, peerCert, peerKey -# tlsSecretName: "test-nifikop" + # tlsSecretName: "test-nifikop" # create tells the installed cert manager to create the required certs keys -# create: true + # create: true # clusterScoped defines if the Issuer created is cluster or namespace scoped -# clusterScoped: false + # clusterScoped: false # issuerRef allow to use an existing issuer to act as CA : # https://cert-manager.io/docs/concepts/issuer/ # issuerRef: diff --git a/config/samples/nifi.orange.com_v1alpha1_nifidataflow.yaml b/config/samples/nifi_v1alpha1_nifidataflow.yaml similarity index 100% rename from config/samples/nifi.orange.com_v1alpha1_nifidataflow.yaml rename to config/samples/nifi_v1alpha1_nifidataflow.yaml diff --git a/config/samples/nifi.orange.com_v1alpha1_nifiparametercontext.yaml b/config/samples/nifi_v1alpha1_nifiparametercontext.yaml similarity index 95% rename from config/samples/nifi.orange.com_v1alpha1_nifiparametercontext.yaml rename to config/samples/nifi_v1alpha1_nifiparametercontext.yaml index 150941162..a2e7c1711 100644 --- a/config/samples/nifi.orange.com_v1alpha1_nifiparametercontext.yaml +++ b/config/samples/nifi_v1alpha1_nifiparametercontext.yaml @@ -16,7 +16,7 @@ spec: namespace: nifikop # a list of non-sensitive Parameters. parameters: - # the name of the Parameter. + # the name of the Parameter. - name: test # the value of the Parameter. value: toto diff --git a/config/samples/nifi.orange.com_v1alpha1_nifiregistryclient.yaml b/config/samples/nifi_v1alpha1_nifiregistryclient.yaml similarity index 100% rename from config/samples/nifi.orange.com_v1alpha1_nifiregistryclient.yaml rename to config/samples/nifi_v1alpha1_nifiregistryclient.yaml diff --git a/config/samples/nifi.orange.com_v1alpha1_nifiuser.yaml b/config/samples/nifi_v1alpha1_nifiuser.yaml similarity index 98% rename from config/samples/nifi.orange.com_v1alpha1_nifiuser.yaml rename to config/samples/nifi_v1alpha1_nifiuser.yaml index 1d3180d9c..339dc0827 100644 --- a/config/samples/nifi.orange.com_v1alpha1_nifiuser.yaml +++ b/config/samples/nifi_v1alpha1_nifiuser.yaml @@ -28,4 +28,4 @@ spec: # componentType: "process-groups" # # componentId is used if the type is "component", it's allow to define the id of the component on which is the # # access policy -# componentId: "" +# componentId: "" \ No newline at end of file diff --git a/config/samples/nifi.orange.com_v1alpha1_nifiusergroup.yaml b/config/samples/nifi_v1alpha1_nifiusergroup.yaml similarity index 90% rename from config/samples/nifi.orange.com_v1alpha1_nifiusergroup.yaml rename to config/samples/nifi_v1alpha1_nifiusergroup.yaml index bae599e1a..23bd8d994 100644 --- a/config/samples/nifi.orange.com_v1alpha1_nifiusergroup.yaml +++ b/config/samples/nifi_v1alpha1_nifiusergroup.yaml @@ -10,11 +10,11 @@ spec: # contains the list of reference to NifiUsers that are part to the group. usersRef: - name: nc-0-node.nc-headless.nifikop.svc.cluster.local -# namespace: nifikop + # namespace: nifikop - name: nc-controller.nifikop.mgt.cluster.local # defines the list of access policies that will be granted to the group. accessPolicies: - # defines the kind of access policy, could be "global" or "component". + # defines the kind of access policy, could be "global" or "component". - type: global # defines the kind of action that will be granted, could be "read" or "write" action: read @@ -26,5 +26,4 @@ spec: # componentType: "process-groups" # # componentId is used if the type is "component", it's allow to define the id of the component on which is the # # access policy -# componentId: "" - +# componentId: "" \ No newline at end of file diff --git a/config/samples/simplenificluster.yaml b/config/samples/simplenificluster.yaml index 4d454b806..78fd97a0d 100644 --- a/config/samples/simplenificluster.yaml +++ b/config/samples/simplenificluster.yaml @@ -5,9 +5,9 @@ metadata: spec: service: headlessEnabled: true - zkAddress: "zookeepercluster-client.zookeeper:2181" + zkAddress: "zookeeper.nifi:2181" zkPath: "/simplenifi" - clusterImage: "apache/nifi:1.12,1" + clusterImage: "apache/nifi:1.12.1" oneNifiNodePerNode: false nodeConfigGroups: default_group: @@ -25,11 +25,11 @@ spec: serviceAccountName: "default" resourcesRequirements: limits: - cpu: "2" - memory: 3Gi + cpu: "0.5" + memory: 2Gi requests: - cpu: "1" - memory: 1Gi + cpu: "0.5" + memory: 2Gi nodes: - id: 1 nodeConfigGroup: "default_group" diff --git a/config/scorecard/bases/config.yaml b/config/scorecard/bases/config.yaml new file mode 100644 index 000000000..c77047841 --- /dev/null +++ b/config/scorecard/bases/config.yaml @@ -0,0 +1,7 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: [] diff --git a/config/scorecard/kustomization.yaml b/config/scorecard/kustomization.yaml new file mode 100644 index 000000000..d73509ee7 --- /dev/null +++ b/config/scorecard/kustomization.yaml @@ -0,0 +1,16 @@ +resources: +- bases/config.yaml +patchesJson6902: +- path: patches/basic.config.yaml + target: + group: scorecard.operatorframework.io + version: v1alpha3 + kind: Configuration + name: config +- path: patches/olm.config.yaml + target: + group: scorecard.operatorframework.io + version: v1alpha3 + kind: Configuration + name: config +# +kubebuilder:scaffold:patchesJson6902 diff --git a/config/scorecard/patches/basic.config.yaml b/config/scorecard/patches/basic.config.yaml new file mode 100644 index 000000000..d43478617 --- /dev/null +++ b/config/scorecard/patches/basic.config.yaml @@ -0,0 +1,10 @@ +- op: add + path: /stages/0/tests/- + value: + entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: basic + test: basic-check-spec-test diff --git a/config/scorecard/patches/olm.config.yaml b/config/scorecard/patches/olm.config.yaml new file mode 100644 index 000000000..890bf0572 --- /dev/null +++ b/config/scorecard/patches/olm.config.yaml @@ -0,0 +1,50 @@ +- op: add + path: /stages/0/tests/- + value: + entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: olm + test: olm-bundle-validation-test +- op: add + path: /stages/0/tests/- + value: + entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: olm + test: olm-crds-have-validation-test +- op: add + path: /stages/0/tests/- + value: + entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: olm + test: olm-crds-have-resources-test +- op: add + path: /stages/0/tests/- + value: + entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: olm + test: olm-spec-descriptors-test +- op: add + path: /stages/0/tests/- + value: + entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.3.0 + labels: + suite: olm + test: olm-status-descriptors-test diff --git a/pkg/controller/common/controller_common.go b/controllers/controller_common.go similarity index 86% rename from pkg/controller/common/controller_common.go rename to controllers/controller_common.go index f63271d88..3649441a5 100644 --- a/pkg/controller/common/controller_common.go +++ b/controllers/controller_common.go @@ -12,19 +12,17 @@ // See the License for the specific language governing permissions and // limitations under the License.package apis -package common +package controllers import ( "fmt" "time" "emperror.dev/errors" - "github.com/go-logr/logr" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" - "github.com/Orange-OpenSource/nifikop/pkg/nificlient" + "github.com/go-logr/logr" ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/reconcile" ) @@ -33,10 +31,6 @@ import ( var ClusterRefLabel = "nifiCluster" -// newNifiFromCluster points to the function for retrieving nifi clients, -// use as var so it can be overwritten from unit tests -var newNifiFromCluster = nificlient.NewFromCluster - // requeueWithError is a convenience wrapper around logging an error message // separate from the stacktrace and then passing the error through to the controller // manager @@ -65,19 +59,6 @@ func ClusterLabelString(cluster *v1alpha1.NifiCluster) string { return fmt.Sprintf("%s.%s", cluster.Name, cluster.Namespace) } -// newNodeConnection is a convenience wrapper for creating a node connection -// and creating a safer close function -func NewNodeConnection(log logr.Logger, client client.Client, cluster *v1alpha1.NifiCluster) (node nificlient.NifiClient, err error) { - - // Get a nifi connection - log.Info(fmt.Sprintf("Retrieving Nifi client for %s/%s", cluster.Namespace, cluster.Name)) - node, err = newNifiFromCluster(client, cluster) - if err != nil { - return - } - return -} - // checkNodeConnectionError is a convenience wrapper for returning from common // node connection errors func CheckNodeConnectionError(logger logr.Logger, err error) (ctrl.Result, error) { @@ -163,7 +144,6 @@ func GetSecretRefNamespace(ns string, ref v1alpha1.SecretReference) string { return secretNamespace } - // GetUserRefNamespace returns the expected namespace for a Nifi user // referenced by a parameter context CR. It takes the namespace of the CR as the first // argument and the reference itself as the second. diff --git a/pkg/controller/common/controller_common_test.go b/controllers/controller_common_test.go similarity index 97% rename from pkg/controller/common/controller_common_test.go rename to controllers/controller_common_test.go index a39b5dd06..88434d314 100644 --- a/pkg/controller/common/controller_common_test.go +++ b/controllers/controller_common_test.go @@ -12,20 +12,20 @@ // See the License for the specific language governing permissions and // limitations under the License.package apis -package common +package controllers import ( "errors" "reflect" + ctrl "sigs.k8s.io/controller-runtime" "testing" "time" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" ) -var log = logf.Log.WithName("controller_testing") +var log = ctrl.Log.WithName("controller_testing") func TestRequeueWithError(t *testing.T) { _, err := RequeueWithError(log, "test", errors.New("test error")) diff --git a/controllers/nificluster_controller.go b/controllers/nificluster_controller.go new file mode 100644 index 000000000..8f8bd1e35 --- /dev/null +++ b/controllers/nificluster_controller.go @@ -0,0 +1,308 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "context" + "emperror.dev/errors" + "fmt" + "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" + "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" + "github.com/Orange-OpenSource/nifikop/pkg/pki" + "github.com/Orange-OpenSource/nifikop/pkg/resources" + "github.com/Orange-OpenSource/nifikop/pkg/resources/nifi" + "github.com/Orange-OpenSource/nifikop/pkg/util" + corev1 "k8s.io/api/core/v1" + policyv1beta1 "k8s.io/api/policy/v1beta1" + apierrors "k8s.io/apimachinery/pkg/api/errors" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + "time" + + "github.com/go-logr/logr" + "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" +) + +var clusterFinalizer = "finalizer.nificlusters.nifi.orange.com" +var clusterUsersFinalizer = "users.nificlusters.nifi.orange.com" + +// NifiClusterReconciler reconciles a NifiCluster object +type NifiClusterReconciler struct { + client.Client + DirectClient client.Reader + Log logr.Logger + Scheme *runtime.Scheme + Namespaces []string +} + +// +kubebuilder:rbac:groups="",resources=persistentvolumeclaims,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups="",resources=secrets,verbs=get;list;watch;create;update;delete;patch +// +kubebuilder:rbac:groups="",resources=services,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups="",resources=configmaps,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups="",resources=pods,verbs=get;list;watch;create;update;delete +// +kubebuilder:rbac:groups="",resources=nodes,verbs=get;list;watch +// +kubebuilder:rbac:groups="",resources=namespaces,verbs=get;list;watch +// +kubebuilder:rbac:groups="policy",resources=poddisruptionbudgets,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nificlusters,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nificlusters/status,verbs=get;update;patch +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nificlusters/finalizers,verbs=update + +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the NifiCluster object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.7.0/pkg/reconcile +func (r *NifiClusterReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + _ = r.Log.WithValues("nificluster", req.NamespacedName) + + // Fetch the NifiCluster instance + instance := &v1alpha1.NifiCluster{} + err := r.Client.Get(ctx, req.NamespacedName, instance) + if err != nil { + if apierrors.IsNotFound(err) { + // Request object not found, could have been deleted after reconcile request. + // Owned objects are automatically garbage collected. For additional cleanup logic use finalizers. + // Return and don't requeue + return Reconciled() + } + // Error reading the object - requeue the request. + return RequeueWithError(r.Log, err.Error(), err) + } + + // Check if marked for deletion and run finalizers + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + return r.checkFinalizers(ctx, instance) + } + + // + if len(instance.Status.State) == 0 || instance.Status.State == v1alpha1.NifiClusterInitializing { + if err := k8sutil.UpdateCRStatus(r.Client, instance, v1alpha1.NifiClusterInitializing, r.Log); err != nil { + return RequeueWithError(r.Log, err.Error(), err) + } + for nId := range instance.Spec.Nodes { + if err := k8sutil.UpdateNodeStatus(r.Client, []string{fmt.Sprint(instance.Spec.Nodes[nId].Id)}, instance, v1alpha1.IsInitClusterNode, r.Log); err != nil { + return RequeueWithError(r.Log, err.Error(), err) + } + } + if err := k8sutil.UpdateCRStatus(r.Client, instance, v1alpha1.NifiClusterInitialized, r.Log); err != nil { + return RequeueWithError(r.Log, err.Error(), err) + } + } + + if instance.Status.State != v1alpha1.NifiClusterRollingUpgrading { + if err := k8sutil.UpdateCRStatus(r.Client, instance, v1alpha1.NifiClusterReconciling, r.Log); err != nil { + return RequeueWithError(r.Log, err.Error(), err) + } + } + + reconcilers := []resources.ComponentReconciler{ + nifi.New(r.Client, r.DirectClient, r.Scheme, instance), + } + + for _, rec := range reconcilers { + err = rec.Reconcile(r.Log) + if err != nil { + switch errors.Cause(err).(type) { + case errorfactory.NodesUnreachable: + r.Log.Info("Nodes unreachable, may still be starting up") + return reconcile.Result{ + RequeueAfter: time.Duration(15) * time.Second, + }, nil + case errorfactory.NodesNotReady: + r.Log.Info("Nodes not ready, may still be starting up") + return reconcile.Result{ + RequeueAfter: time.Duration(15) * time.Second, + }, nil + case errorfactory.ResourceNotReady: + r.Log.Info("A new resource was not found or may not be ready") + r.Log.Info(err.Error()) + return reconcile.Result{ + RequeueAfter: time.Duration(7) * time.Second, + }, nil + case errorfactory.ReconcileRollingUpgrade: + r.Log.Info("Rolling Upgrade in Progress") + return reconcile.Result{ + RequeueAfter: time.Duration(15) * time.Second, + }, nil + case errorfactory.NifiClusterNotReady: + return reconcile.Result{ + RequeueAfter: time.Duration(15) * time.Second, + }, nil + case errorfactory.NifiClusterTaskRunning: + return reconcile.Result{ + RequeueAfter: time.Duration(20) * time.Second, + }, nil + default: + return RequeueWithError(r.Log, err.Error(), err) + } + } + } + + r.Log.Info("ensuring finalizers on nificluster") + if instance, err = r.ensureFinalizers(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to ensure finalizers on nificluster instance", err) + } + + //Update rolling upgrade last successful state + if instance.Status.State == v1alpha1.NifiClusterRollingUpgrading { + if err := k8sutil.UpdateRollingUpgradeState(r.Client, instance, time.Now(), r.Log); err != nil { + return RequeueWithError(r.Log, err.Error(), err) + } + } + + if err := k8sutil.UpdateCRStatus(r.Client, instance, v1alpha1.NifiClusterRunning, r.Log); err != nil { + return RequeueWithError(r.Log, err.Error(), err) + } + + return Reconciled() +} + +// SetupWithManager sets up the controller with the Manager. +func (r *NifiClusterReconciler) SetupWithManager(mgr ctrl.Manager) error { + return ctrl.NewControllerManagedBy(mgr). + For(&v1alpha1.NifiCluster{}). + Owns(&policyv1beta1.PodDisruptionBudget{}). + Owns(&corev1.Service{}). + Owns(&corev1.Pod{}). + Owns(&corev1.ConfigMap{}). + Owns(&corev1.PersistentVolumeClaim{}). + Complete(r) +} + +func (r *NifiClusterReconciler) checkFinalizers(ctx context.Context, + cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { + + r.Log.Info("NifiCluster is marked for deletion, checking for children") + + // If the main finalizer is gone then we've already finished up + if !util.StringSliceContains(cluster.GetFinalizers(), clusterFinalizer) { + return Reconciled() + } + + var err error + + var namespaces []string + if r.Namespaces == nil || len(r.Namespaces) == 0 { + // Fetch a list of all namespaces for DeleteAllOf requests + namespaces = make([]string, 0) + var namespaceList corev1.NamespaceList + if err := r.Client.List(ctx, &namespaceList); err != nil { + return RequeueWithError(r.Log, "failed to get namespace list", err) + } + for _, ns := range namespaceList.Items { + namespaces = append(namespaces, ns.Name) + } + } else { + // use configured namespaces + namespaces = r.Namespaces + } + + if cluster.Spec.ListenersConfig.SSLSecrets != nil { + // If we haven't deleted all nifiusers yet, iterate namespaces and delete all nifiusers + // with the matching label. + if util.StringSliceContains(cluster.GetFinalizers(), clusterUsersFinalizer) { + r.Log.Info(fmt.Sprintf("Sending delete nifiusers request to all namespaces for cluster %s/%s", cluster.Namespace, cluster.Name)) + for _, ns := range namespaces { + if err := r.Client.DeleteAllOf( + ctx, + &v1alpha1.NifiUser{}, + client.InNamespace(ns), + client.MatchingLabels{ClusterRefLabel: ClusterLabelString(cluster)}, + ); err != nil { + if client.IgnoreNotFound(err) != nil { + return RequeueWithError(r.Log, "failed to send delete request for children nifiusers", err) + } + r.Log.Info(fmt.Sprintf("No matching nifiusers in namespace: %s", ns)) + } + } + if cluster, err = r.removeFinalizer(ctx, cluster, clusterUsersFinalizer); err != nil { + return RequeueWithError(r.Log, "failed to remove users finalizer from nificluster", err) + } + } + + // Do any necessary PKI cleanup - a PKI backend should make sure any + // user finalizations are done before it does its final cleanup + r.Log.Info("Tearing down any PKI resources for the nificluster") + if err = pki.GetPKIManager(r.Client, cluster).FinalizePKI(ctx, r.Log); err != nil { + switch err.(type) { + case errorfactory.ResourceNotReady: + r.Log.Info("The PKI is not ready to be torn down") + return ctrl.Result{ + Requeue: true, + RequeueAfter: time.Duration(5) * time.Second, + }, nil + default: + return RequeueWithError(r.Log, "failed to finalize PKI", err) + } + } + + } + + r.Log.Info("Finalizing deletion of nificluster instance") + if _, err = r.removeFinalizer(ctx, cluster, clusterFinalizer); err != nil { + if client.IgnoreNotFound(err) == nil { + // We may have been a requeue from earlier with all conditions met - but with + // the state of the finalizer not yet reflected in the response we got. + return Reconciled() + } + return RequeueWithError(r.Log, "failed to remove main finalizer", err) + } + + return reconcile.Result{}, nil +} + +func (r *NifiClusterReconciler) removeFinalizer(ctx context.Context, cluster *v1alpha1.NifiCluster, + finalizer string) (updated *v1alpha1.NifiCluster, err error) { + + cluster.SetFinalizers(util.StringSliceRemove(cluster.GetFinalizers(), finalizer)) + return r.updateAndFetchLatest(ctx, cluster) +} + +func (r *NifiClusterReconciler) updateAndFetchLatest(ctx context.Context, + cluster *v1alpha1.NifiCluster) (*v1alpha1.NifiCluster, error) { + + typeMeta := cluster.TypeMeta + err := r.Client.Update(ctx, cluster) + if err != nil { + return nil, err + } + cluster.TypeMeta = typeMeta + return cluster, nil +} + +func (r *NifiClusterReconciler) ensureFinalizers(ctx context.Context, + cluster *v1alpha1.NifiCluster) (updated *v1alpha1.NifiCluster, err error) { + + finalizers := []string{clusterFinalizer} + if cluster.Spec.ListenersConfig.SSLSecrets != nil { + finalizers = append(finalizers, clusterUsersFinalizer) + } + for _, finalizer := range finalizers { + if util.StringSliceContains(cluster.GetFinalizers(), finalizer) { + continue + } + cluster.SetFinalizers(append(cluster.GetFinalizers(), finalizer)) + } + return r.updateAndFetchLatest(ctx, cluster) +} diff --git a/pkg/controller/nificlustertask/nificlustertask_controller.go b/controllers/nificlustertask_controller.go similarity index 70% rename from pkg/controller/nificlustertask/nificlustertask_controller.go rename to controllers/nificlustertask_controller.go index d8e05e1d1..22e457d2d 100644 --- a/pkg/controller/nificlustertask/nificlustertask_controller.go +++ b/controllers/nificlustertask_controller.go @@ -1,138 +1,79 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at -package nificlustertask + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers import ( "context" - "fmt" - "reflect" - "time" - "emperror.dev/errors" - v1alpha1 "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "fmt" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/scale" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" nifiutil "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" - "github.com/go-logr/logr" - apiErrors "k8s.io/apimachinery/pkg/api/errors" + apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/meta" - ctrl "sigs.k8s.io/controller-runtime" + "reflect" "sigs.k8s.io/controller-runtime/pkg/event" "sigs.k8s.io/controller-runtime/pkg/predicate" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + "time" + "github.com/go-logr/logr" "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/reconcile" -) - -var log = logf.Log.WithName("controller_nificlustertask") - -// Add creates a new NifiCluster Controller and adds it to the Manager. The Manager will set fields on the Controller -// and Start it when the Manager is Started. -func Add(mgr manager.Manager, namespaces []string) error { - return add(mgr, newReconciler(mgr)) -} - -// newReconciler returns a new reconcile.Reconciler -func newReconciler(mgr manager.Manager) reconcile.Reconciler { - return &ReconcileNifiClusterTask{Client: mgr.GetClient(), Scheme: mgr.GetScheme()} -} - -// add adds a new Controller to mgr with r as the reconcile.Reconciler -func add(mgr manager.Manager, r reconcile.Reconciler) error { - // Create a new controller - builder := ctrl.NewControllerManagedBy(mgr).For(&v1alpha1.NifiCluster{}).Named("nificlustertask-controller") - - // TODO : review event filter - err := builder.WithEventFilter( - predicate.Funcs{ - UpdateFunc: func(e event.UpdateEvent) bool { - object, err := meta.Accessor(e.ObjectNew) - if err != nil { - return false - } - if _, ok := object.(*v1alpha1.NifiCluster); ok { - old := e.ObjectOld.(*v1alpha1.NifiCluster) - new := e.ObjectNew.(*v1alpha1.NifiCluster) - for _, nodeState := range new.Status.NodesState { - if nodeState.GracefulActionState.State.IsRequiredState() || nodeState.GracefulActionState.State.IsRunningState() { - return true - } - } - //if reflect.DeepEqual(old.Status.NodesState, new.Status.NodesState) { - // return true - //} - if !reflect.DeepEqual(old.Status.NodesState, new.Status.NodesState) || - old.GetDeletionTimestamp() != new.GetDeletionTimestamp() || - old.GetGeneration() != new.GetGeneration() { - return true - } - return false - } - return true - }, - }).Complete(r) - if err != nil { - return err - } - - return nil -} - -// blank assignment to verify that ReconcileNifiClusterTask implements reconcile.Reconciler -var _ reconcile.Reconciler = &ReconcileNifiClusterTask{} + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" +) -// ReconcileNifiCluster reconciles a NifiCluster object -type ReconcileNifiClusterTask struct { - // This client, initialized using mgr.Client() above, is a split client - // that reads objects from the cache and writes to the apiserver - Client client.Client +// NifiClusterTaskReconciler reconciles +type NifiClusterTaskReconciler struct { + client.Client + Log logr.Logger Scheme *runtime.Scheme } -// Reconcile reads that state of the cluster for a NifiCluster object and makes changes based on the state read -// and what is in the NifiCluster.Spec -// Note: -// The Controller will requeue the Request to be processed again if the returned error is non-nil or -// Result.Requeue is true, otherwise upon completion it will remove the work from the queue. -func (r *ReconcileNifiClusterTask) Reconcile(request reconcile.Request) (reconcile.Result, error) { - reqLogger := log.WithValues("Request.Namespace", request.Namespace, "Request.Name", request.Name) - reqLogger.Info("Reconciling NifiCluster") - - ctx := context.Background() +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the NifiUserGroup object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.7.0/pkg/reconcile +func (r *NifiClusterTaskReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + _ = r.Log.WithValues("nificlustertask", req.NamespacedName) // Fetch the NifiCluster instance instance := &v1alpha1.NifiCluster{} - err := r.Client.Get(ctx, request.NamespacedName, instance) + err := r.Client.Get(ctx, req.NamespacedName, instance) if err != nil { - if apiErrors.IsNotFound(err) { + if apierrors.IsNotFound(err) { // Request object not found, could have been deleted after reconcile request. // Owned objects are automatically garbage collected. For additional cleanup logic use finalizers. // Return and don't requeue - return common.Reconciled() + return Reconciled() } // Error reading the object - requeue the request. - return common.RequeueWithError(reqLogger, err.Error(), err) + return RequeueWithError(r.Log, err.Error(), err) } - log.V(1).Info("Reconciling") + r.Log.V(1).Info("Reconciling") var nodesWithRunningNCTask []string @@ -143,7 +84,7 @@ func (r *ReconcileNifiClusterTask) Reconcile(request reconcile.Request) (reconci } if len(nodesWithRunningNCTask) > 0 { - err = r.handlePodRunningTask(instance, nodesWithRunningNCTask, log) + err = r.handlePodRunningTask(instance, nodesWithRunningNCTask, r.Log) } if err != nil { @@ -161,7 +102,7 @@ func (r *ReconcileNifiClusterTask) Reconcile(request reconcile.Request) (reconci RequeueAfter: time.Duration(20) * time.Second, }, nil default: - return common.RequeueWithError(log, err.Error(), err) + return RequeueWithError(r.Log, err.Error(), err) } } @@ -177,9 +118,9 @@ func (r *ReconcileNifiClusterTask) Reconcile(request reconcile.Request) (reconci } if len(nodesWithUpscaleRequired) > 0 { - err = r.handlePodAddCCTask(instance, nodesWithUpscaleRequired, log) + err = r.handlePodAddCCTask(instance, nodesWithUpscaleRequired) } else if len(nodesWithDownscaleRequired) > 0 { - err = r.handlePodDeleteNCTask(instance, nodesWithDownscaleRequired, log) + err = r.handlePodDeleteNCTask(instance, nodesWithDownscaleRequired) } if err != nil { @@ -197,7 +138,7 @@ func (r *ReconcileNifiClusterTask) Reconcile(request reconcile.Request) (reconci RequeueAfter: time.Duration(20) * time.Second, }, nil default: - return common.RequeueWithError(log, err.Error(), err) + return RequeueWithError(r.Log, err.Error(), err) } } @@ -210,22 +151,63 @@ func (r *ReconcileNifiClusterTask) Reconcile(request reconcile.Request) (reconci } if len(nodesWithDownscaleSucceeded) > 0 { - err = r.handleNodeRemoveStatus(instance, nodesWithDownscaleSucceeded, log) + err = r.handleNodeRemoveStatus(instance, nodesWithDownscaleSucceeded) } - return common.Reconciled() + return Reconciled() +} + +// SetupWithManager sets up the controller with the Manager. +func (r *NifiClusterTaskReconciler) SetupWithManager(mgr ctrl.Manager) error { + builder := ctrl.NewControllerManagedBy(mgr). + For(&v1alpha1.NifiCluster{}) + + err := builder.WithEventFilter( + predicate.Funcs{ + UpdateFunc: func(e event.UpdateEvent) bool { + object, err := meta.Accessor(e.ObjectNew) + if err != nil { + return false + } + if _, ok := object.(*v1alpha1.NifiCluster); ok { + old := e.ObjectOld.(*v1alpha1.NifiCluster) + new := e.ObjectNew.(*v1alpha1.NifiCluster) + for _, nodeState := range new.Status.NodesState { + if nodeState.GracefulActionState.State.IsRequiredState() || nodeState.GracefulActionState.State.IsRunningState() { + return true + } + } + //if reflect.DeepEqual(old.Status.NodesState, new.Status.NodesState) { + // return true + //} + if !reflect.DeepEqual(old.Status.NodesState, new.Status.NodesState) || + old.GetDeletionTimestamp() != new.GetDeletionTimestamp() || + old.GetGeneration() != new.GetGeneration() { + return true + } + return false + } + return true + }, + }).Complete(r) + + if err != nil { + return err + } + + return nil } -func (r *ReconcileNifiClusterTask) handlePodAddCCTask(nifiCluster *v1alpha1.NifiCluster, nodeIds []string, log logr.Logger) error { +func (r *NifiClusterTaskReconciler) handlePodAddCCTask(nifiCluster *v1alpha1.NifiCluster, nodeIds []string) error { for _, nodeId := range nodeIds { actionStep, taskStartTime, scaleErr := scale.UpScaleCluster(nodeId, nifiCluster.Namespace, nifiCluster.Name) if scaleErr != nil { - log.Info("Nifi cluster communication error during upscaling node(s)", "nodeId(s)", nodeId) + r.Log.Info("Nifi cluster communication error during upscaling node(s)", "nodeId(s)", nodeId) return errorfactory.New(errorfactory.NifiClusterNotReady{}, scaleErr, fmt.Sprintf("Node id(s): %s", nodeId)) } statusErr := k8sutil.UpdateNodeStatus(r.Client, []string{nodeId}, nifiCluster, v1alpha1.GracefulActionState{ActionStep: actionStep, State: v1alpha1.GracefulUpscaleRunning, - TaskStarted: taskStartTime}, log) + TaskStarted: taskStartTime}, r.Log) if statusErr != nil { return errors.WrapIfWithDetails(statusErr, "could not update status for node", "id(s)", nodeId) } @@ -233,10 +215,10 @@ func (r *ReconcileNifiClusterTask) handlePodAddCCTask(nifiCluster *v1alpha1.Nifi return nil } -func (r *ReconcileNifiClusterTask) handlePodDeleteNCTask(nifiCluster *v1alpha1.NifiCluster, nodeIds []string, log logr.Logger) error { +func (r *NifiClusterTaskReconciler) handlePodDeleteNCTask(nifiCluster *v1alpha1.NifiCluster, nodeIds []string) error { for _, nodeId := range nodeIds { if nifiCluster.Status.NodesState[nodeId].GracefulActionState.ActionStep == v1alpha1.ConnectNodeAction { - err := r.checkNCActionStep(nodeId, nifiCluster, v1alpha1.ConnectStatus, nil, log) + err := r.checkNCActionStep(nodeId, nifiCluster, v1alpha1.ConnectStatus, nil) if err != nil { return err } @@ -244,12 +226,12 @@ func (r *ReconcileNifiClusterTask) handlePodDeleteNCTask(nifiCluster *v1alpha1.N actionStep, taskStartTime, err := scale.DisconnectClusterNode(r.Client, nifiCluster, nodeId) if err != nil { - log.Info(fmt.Sprintf("nifi cluster communication error during downscaling node(s) id(s): %s", nodeId)) + r.Log.Info(fmt.Sprintf("nifi cluster communication error during downscaling node(s) id(s): %s", nodeId)) return errorfactory.New(errorfactory.NifiClusterNotReady{}, err, fmt.Sprintf("node(s) id(s): %s", nodeId)) } err = k8sutil.UpdateNodeStatus(r.Client, []string{nodeId}, nifiCluster, v1alpha1.GracefulActionState{ActionStep: actionStep, State: v1alpha1.GracefulDownscaleRunning, - TaskStarted: taskStartTime}, log) + TaskStarted: taskStartTime}, r.Log) if err != nil { return errors.WrapIfWithDetails(err, "could not update status for node(s)", "id(s)", nodeId) } @@ -259,12 +241,12 @@ func (r *ReconcileNifiClusterTask) handlePodDeleteNCTask(nifiCluster *v1alpha1.N } // TODO: Review logic to simplify it through generic method -func (r *ReconcileNifiClusterTask) handlePodRunningTask(nifiCluster *v1alpha1.NifiCluster, nodeIds []string, log logr.Logger) error { +func (r *NifiClusterTaskReconciler) handlePodRunningTask(nifiCluster *v1alpha1.NifiCluster, nodeIds []string, log logr.Logger) error { for _, nodeId := range nodeIds { // Check if node finished to connect if nifiCluster.Status.NodesState[nodeId].GracefulActionState.ActionStep == v1alpha1.ConnectNodeAction { - err := r.checkNCActionStep(nodeId, nifiCluster, v1alpha1.ConnectStatus, nil, log) + err := r.checkNCActionStep(nodeId, nifiCluster, v1alpha1.ConnectStatus, nil) if err != nil { return err } @@ -272,7 +254,7 @@ func (r *ReconcileNifiClusterTask) handlePodRunningTask(nifiCluster *v1alpha1.Ni // Check if node finished to disconnect if nifiCluster.Status.NodesState[nodeId].GracefulActionState.ActionStep == v1alpha1.DisconnectNodeAction { - err := r.checkNCActionStep(nodeId, nifiCluster, v1alpha1.DisconnectStatus, nil, log) + err := r.checkNCActionStep(nodeId, nifiCluster, v1alpha1.DisconnectStatus, nil) if err != nil { return err } @@ -282,7 +264,7 @@ func (r *ReconcileNifiClusterTask) handlePodRunningTask(nifiCluster *v1alpha1.Ni if nifiCluster.Status.NodesState[nodeId].GracefulActionState.ActionStep == v1alpha1.DisconnectStatus { actionStep, taskStartTime, err := scale.OffloadClusterNode(r.Client, nifiCluster, nodeId) if err != nil { - log.Info(fmt.Sprintf("nifi cluster communication error during removing node id: %s", nodeId)) + r.Log.Info(fmt.Sprintf("nifi cluster communication error during removing node id: %s", nodeId)) return errorfactory.New(errorfactory.NifiClusterNotReady{}, err, fmt.Sprintf("node id: %s", nodeId)) } err = k8sutil.UpdateNodeStatus(r.Client, []string{nodeId}, nifiCluster, @@ -295,7 +277,7 @@ func (r *ReconcileNifiClusterTask) handlePodRunningTask(nifiCluster *v1alpha1.Ni // Check if node finished to offload data if nifiCluster.Status.NodesState[nodeId].GracefulActionState.ActionStep == v1alpha1.OffloadNodeAction { - err := r.checkNCActionStep(nodeId, nifiCluster, v1alpha1.OffloadStatus, nil, log) + err := r.checkNCActionStep(nodeId, nifiCluster, v1alpha1.OffloadStatus, nil) if err != nil { return err } @@ -310,7 +292,7 @@ func (r *ReconcileNifiClusterTask) handlePodRunningTask(nifiCluster *v1alpha1.Ni if nifiCluster.Status.NodesState[nodeId].GracefulActionState.ActionStep == v1alpha1.RemovePodStatus { actionStep, taskStartTime, err := scale.RemoveClusterNode(r.Client, nifiCluster, nodeId) if err != nil { - log.Info(fmt.Sprintf("nifi cluster communication error during removing node id: %s", nodeId)) + r.Log.Info(fmt.Sprintf("nifi cluster communication error during removing node id: %s", nodeId)) return errorfactory.New(errorfactory.NifiClusterNotReady{}, err, fmt.Sprintf("node id: %s", nodeId)) } err = k8sutil.UpdateNodeStatus(r.Client, []string{nodeId}, nifiCluster, @@ -324,7 +306,7 @@ func (r *ReconcileNifiClusterTask) handlePodRunningTask(nifiCluster *v1alpha1.Ni if nifiCluster.Status.NodesState[nodeId].GracefulActionState.ActionStep == v1alpha1.RemoveNodeAction { succeedState := v1alpha1.GracefulDownscaleSucceeded err := r.checkNCActionStep(nodeId, - nifiCluster, v1alpha1.RemoveStatus, &succeedState, log) + nifiCluster, v1alpha1.RemoveStatus, &succeedState) if err != nil { return err } @@ -333,13 +315,13 @@ func (r *ReconcileNifiClusterTask) handlePodRunningTask(nifiCluster *v1alpha1.Ni return nil } -func (r *ReconcileNifiClusterTask) checkNCActionStep(nodeId string, nifiCluster *v1alpha1.NifiCluster, actionStep v1alpha1.ActionStep, state *v1alpha1.State, log logr.Logger) error { +func (r *NifiClusterTaskReconciler) checkNCActionStep(nodeId string, nifiCluster *v1alpha1.NifiCluster, actionStep v1alpha1.ActionStep, state *v1alpha1.State) error { nodeState := nifiCluster.Status.NodesState[nodeId] // Check Nifi cluster action status finished, err := scale.CheckIfNCActionStepFinished(nodeState.GracefulActionState.ActionStep, r.Client, nifiCluster, nodeId) if err != nil { - log.Info(fmt.Sprintf("Nifi cluster communication error checking running task: %s", nodeState.GracefulActionState.ActionStep)) + r.Log.Info(fmt.Sprintf("Nifi cluster communication error checking running task: %s", nodeState.GracefulActionState.ActionStep)) return errorfactory.New(errorfactory.NifiClusterNotReady{}, err, "nifi cluster communication error") } @@ -352,7 +334,7 @@ func (r *ReconcileNifiClusterTask) checkNCActionStep(nodeId string, nifiCluster v1alpha1.GracefulActionState{State: succeedState, TaskStarted: nodeState.GracefulActionState.TaskStarted, ActionStep: actionStep, - }, log) + }, r.Log) if err != nil { return errors.WrapIfWithDetails(err, "could not update status for node(s)", "id(s)", nodeId) } @@ -375,7 +357,7 @@ func (r *ReconcileNifiClusterTask) checkNCActionStep(nodeId string, nifiCluster return err } - log.Info(fmt.Sprintf("Rollback nifi cluster task: %s", nodeState.GracefulActionState.ActionStep)) + r.Log.Info(fmt.Sprintf("Rollback nifi cluster task: %s", nodeState.GracefulActionState.ActionStep)) actionStep, taskStartTime, err := scale.ConnectClusterNode(r.Client, nifiCluster, nodeId) @@ -393,7 +375,7 @@ func (r *ReconcileNifiClusterTask) checkNCActionStep(nodeId string, nifiCluster if err != nil { return err } - err = k8sutil.UpdateNodeStatus(r.Client, []string{nodeId}, nifiCluster, timedOutNodeNCState, log) + err = k8sutil.UpdateNodeStatus(r.Client, []string{nodeId}, nifiCluster, timedOutNodeNCState, r.Log) if err != nil { return errors.WrapIfWithDetails(err, "could not update status for node(s)", "id(s)", nodeId) } @@ -401,12 +383,12 @@ func (r *ReconcileNifiClusterTask) checkNCActionStep(nodeId string, nifiCluster } } // cc task still in progress - log.Info("Nifi cluster task is still running", "actionStep", actionStep) + r.Log.Info("Nifi cluster task is still running", "actionStep", actionStep) return errorfactory.New(errorfactory.NifiClusterTaskRunning{}, errors.New("Nifi cluster task is still running"), fmt.Sprintf("nc action step: %s", actionStep)) } // getCorrectRequiredCCState returns the correct Required CC state based on that we upscale or downscale -func (r *ReconcileNifiClusterTask) getCorrectRequiredNCState(ncState v1alpha1.State) (v1alpha1.State, error) { +func (r *NifiClusterTaskReconciler) getCorrectRequiredNCState(ncState v1alpha1.State) (v1alpha1.State, error) { if ncState.IsDownscale() { return v1alpha1.GracefulDownscaleRequired, nil } else if ncState.IsUpscale() { @@ -416,9 +398,9 @@ func (r *ReconcileNifiClusterTask) getCorrectRequiredNCState(ncState v1alpha1.St return ncState, errors.NewWithDetails("could not determine if task state is upscale or downscale", "ncState", ncState) } -func (r *ReconcileNifiClusterTask) handleNodeRemoveStatus(nifiCluster *v1alpha1.NifiCluster, nodeIds []string, log logr.Logger) error { +func (r *NifiClusterTaskReconciler) handleNodeRemoveStatus(nifiCluster *v1alpha1.NifiCluster, nodeIds []string) error { for _, nodeId := range nodeIds { - err := k8sutil.DeleteStatus(r.Client, nodeId, nifiCluster, log) + err := k8sutil.DeleteStatus(r.Client, nodeId, nifiCluster, r.Log) if err != nil { return errors.WrapIfWithDetails(err, "could not delete status for node", "id", nodeId) } diff --git a/controllers/nifidataflow_controller.go b/controllers/nifidataflow_controller.go new file mode 100644 index 000000000..e40dc2c8c --- /dev/null +++ b/controllers/nifidataflow_controller.go @@ -0,0 +1,360 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "context" + "emperror.dev/errors" + "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/dataflow" + "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" + "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" + "github.com/Orange-OpenSource/nifikop/pkg/util" + apierrors "k8s.io/apimachinery/pkg/api/errors" + "reflect" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + "time" + + "github.com/go-logr/logr" + "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" +) + +var dataflowFinalizer = "finalizer.nifidataflows.nifi.orange.com" + +// NifiDataflowReconciler reconciles a NifiDataflow object +type NifiDataflowReconciler struct { + client.Client + Log logr.Logger + Scheme *runtime.Scheme +} + +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifidataflows,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifidataflows/status,verbs=get;update;patch +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifidataflows/finalizers,verbs=update + +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the NifiDataflow object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.7.0/pkg/reconcile +func (r *NifiDataflowReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + _ = r.Log.WithValues("nifidataflow", req.NamespacedName) + + var err error + + // Fetch the NifiDataflow instance + instance := &v1alpha1.NifiDataflow{} + if err = r.Client.Get(ctx, req.NamespacedName, instance); err != nil { + if apierrors.IsNotFound(err) { + // Request object not found, could have been deleted after reconcile request. + return Reconciled() + } + // Error reading the object - requeue the request. + return RequeueWithError(r.Log, err.Error(), err) + } + + // Ensure finalizer for cleanup on deletion + if !util.StringSliceContains(instance.GetFinalizers(), dataflowFinalizer) { + r.Log.Info("Adding Finalizer for NifiDataflow") + instance.SetFinalizers(append(instance.GetFinalizers(), dataflowFinalizer)) + } + + // Push any changes + if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiDataflow", err) + } + + // Get the referenced NifiRegistryClient + var registryClient *v1alpha1.NifiRegistryClient + var registryClientNamespace string + if instance.Spec.RegistryClientRef != nil { + registryClientNamespace = + GetRegistryClientRefNamespace(instance.Namespace, *instance.Spec.RegistryClientRef) + + if registryClient, err = k8sutil.LookupNifiRegistryClient(r.Client, + instance.Spec.RegistryClientRef.Name, registryClientNamespace); err != nil { + + // This shouldn't trigger anymore, but leaving it here as a safetybelt + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + r.Log.Info("Registry client is already gone, there is nothing we can do") + if err = r.removeFinalizer(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer", err) + } + return Reconciled() + } + + // the cluster does not exist - should have been caught pre-flight + return RequeueWithError(r.Log, "failed to lookup referenced registry client", err) + } + } + + var parameterContext *v1alpha1.NifiParameterContext + var parameterContextNamespace string + if instance.Spec.ParameterContextRef != nil { + parameterContextNamespace = + GetParameterContextRefNamespace(instance.Namespace, *instance.Spec.ParameterContextRef) + + if parameterContext, err = k8sutil.LookupNifiParameterContext(r.Client, + instance.Spec.ParameterContextRef.Name, parameterContextNamespace); err != nil { + + // This shouldn't trigger anymore, but leaving it here as a safetybelt + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + r.Log.Info("Parameter context is already gone, there is nothing we can do") + if err = r.removeFinalizer(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer", err) + } + return Reconciled() + } + + // the cluster does not exist - should have been caught pre-flight + return RequeueWithError(r.Log, "failed to lookup referenced parameter-contest", err) + } + } + + // Check if cluster references are the same + clusterNamespace := GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) + if registryClient != nil && + (registryClientNamespace != clusterNamespace || + registryClient.Spec.ClusterRef.Name != instance.Spec.ClusterRef.Name || + (parameterContext != nil && + (parameterContextNamespace != clusterNamespace || + parameterContext.Spec.ClusterRef.Name != instance.Spec.ClusterRef.Name))) { + + return RequeueWithError( + r.Log, + "failed to lookup referenced cluster, due to inconsistency", + errors.New("inconsistent cluster references")) + } + + var cluster *v1alpha1.NifiCluster + if cluster, err = k8sutil.LookupNifiCluster(r.Client, instance.Spec.ClusterRef.Name, clusterNamespace); err != nil { + // This shouldn't trigger anymore, but leaving it here as a safetybelt + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + r.Log.Info("Cluster is already gone, there is nothing we can do") + if err = r.removeFinalizer(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer", err) + } + return Reconciled() + } + + // the cluster does not exist - should have been caught pre-flight + return RequeueWithError(r.Log, "failed to lookup referenced cluster", err) + } + + // Check if marked for deletion and if so run finalizers + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + return r.checkFinalizers(ctx, instance, cluster) + } + + if instance.Spec.GetRunOnce() && instance.Status.State == v1alpha1.DataflowStateRan { + return Reconciled() + } + + // Check if the dataflow already exist + existing, err := dataflow.DataflowExist(r.Client, instance, cluster) + if err != nil { + return RequeueWithError(r.Log, "failure checking for existing dataflow", err) + } + + // Create dataflow if it doesn't already exist + if !existing { + + processGroupStatus, err := dataflow.CreateDataflow(r.Client, instance, cluster, registryClient) + if err != nil { + return RequeueWithError(r.Log, "failure creating dataflow", err) + } + + // Set dataflow status + instance.Status = *processGroupStatus + instance.Status.State = v1alpha1.DataflowStateCreated + + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiDataflow status", err) + } + + existing = true + } + + // In case where the flow is not sync + if instance.Status.State == v1alpha1.DataflowStateOutOfSync { + status, err := dataflow.SyncDataflow(r.Client, instance, cluster, registryClient, parameterContext) + if status != nil { + instance.Status = *status + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiDataflow status", err) + } + } + if err != nil { + switch errors.Cause(err).(type) { + case errorfactory.NifiConnectionDropping, + errorfactory.NifiFlowUpdateRequestRunning, + errorfactory.NifiFlowDraining, + errorfactory.NifiFlowControllerServiceScheduling, + errorfactory.NifiFlowScheduling, errorfactory.NifiFlowSyncing: + return reconcile.Result{ + RequeueAfter: time.Duration(5) * time.Second, + }, nil + default: + return RequeueWithError(r.Log, "failed to sync NiFiDataflow", err) + } + } + + instance.Status.State = v1alpha1.DataflowStateInSync + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiDataflow status", err) + } + } + + // Check if the flow is out of sync + isOutOfSink, err := dataflow.IsOutOfSyncDataflow(r.Client, instance, cluster, registryClient, parameterContext) + if err != nil { + return RequeueWithError(r.Log, "failed to check NifiDataflow sync", err) + } + + if isOutOfSink { + instance.Status.State = v1alpha1.DataflowStateOutOfSync + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiDataflow status", err) + } + return Requeue() + } + + // Schedule the flow + if instance.Status.State == v1alpha1.DataflowStateCreated || + instance.Status.State == v1alpha1.DataflowStateStarting || + instance.Status.State == v1alpha1.DataflowStateInSync || + (!instance.Spec.GetRunOnce() && instance.Status.State == v1alpha1.DataflowStateRan) { + + instance.Status.State = v1alpha1.DataflowStateStarting + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiDataflow status", err) + } + + if err := dataflow.ScheduleDataflow(r.Client, instance, cluster); err != nil { + switch errors.Cause(err).(type) { + case errorfactory.NifiFlowControllerServiceScheduling, errorfactory.NifiFlowScheduling: + return RequeueAfter(time.Duration(5) * time.Second) + default: + return RequeueWithError(r.Log, "failed to run NifiDataflow", err) + } + } + + instance.Status.State = v1alpha1.DataflowStateRan + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiDataflow status", err) + } + } + + // Ensure NifiCluster label + if instance, err = r.ensureClusterLabel(ctx, cluster, instance); err != nil { + return RequeueWithError(r.Log, "failed to ensure NifiCluster label on dataflow", err) + } + + // Push any changes + if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiDataflow", err) + } + + r.Log.Info("Ensured Dataflow") + + if instance.Spec.GetRunOnce() { + return Reconciled() + } + + return RequeueAfter(time.Duration(5) * time.Second) +} + +// SetupWithManager sets up the controller with the Manager. +func (r *NifiDataflowReconciler) SetupWithManager(mgr ctrl.Manager) error { + return ctrl.NewControllerManagedBy(mgr). + For(&v1alpha1.NifiDataflow{}). + Complete(r) +} + +func (r *NifiDataflowReconciler) ensureClusterLabel(ctx context.Context, cluster *v1alpha1.NifiCluster, + flow *v1alpha1.NifiDataflow) (*v1alpha1.NifiDataflow, error) { + + labels := ApplyClusterRefLabel(cluster, flow.GetLabels()) + if !reflect.DeepEqual(labels, flow.GetLabels()) { + flow.SetLabels(labels) + return r.updateAndFetchLatest(ctx, flow) + } + return flow, nil +} + +func (r *NifiDataflowReconciler) updateAndFetchLatest(ctx context.Context, + flow *v1alpha1.NifiDataflow) (*v1alpha1.NifiDataflow, error) { + + typeMeta := flow.TypeMeta + err := r.Client.Update(ctx, flow) + if err != nil { + return nil, err + } + flow.TypeMeta = typeMeta + return flow, nil +} + +func (r *NifiDataflowReconciler) checkFinalizers(ctx context.Context, flow *v1alpha1.NifiDataflow, + cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { + + r.Log.Info("NiFi dataflow is marked for deletion") + var err error + if util.StringSliceContains(flow.GetFinalizers(), dataflowFinalizer) { + if err = r.finalizeNifiDataflow(flow, cluster); err != nil { + switch errors.Cause(err).(type) { + case errorfactory.NifiConnectionDropping, errorfactory.NifiFlowDraining: + return RequeueAfter(time.Duration(5) * time.Second) + default: + return RequeueWithError(r.Log, "failed to finalize NiFiDataflow", err) + } + } + if err = r.removeFinalizer(ctx, flow); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer from dataflow", err) + } + } + return Reconciled() +} + +func (r *NifiDataflowReconciler) removeFinalizer(ctx context.Context, flow *v1alpha1.NifiDataflow) error { + flow.SetFinalizers(util.StringSliceRemove(flow.GetFinalizers(), dataflowFinalizer)) + _, err := r.updateAndFetchLatest(ctx, flow) + return err +} + +func (r *NifiDataflowReconciler) finalizeNifiDataflow(flow *v1alpha1.NifiDataflow, cluster *v1alpha1.NifiCluster) error { + + exists, err := dataflow.DataflowExist(r.Client, flow, cluster) + if err != nil { + return err + } + + if exists { + if _, err = dataflow.RemoveDataflow(r.Client, flow, cluster); err != nil { + return err + } + r.Log.Info("Delete dataflow") + } + + return nil +} diff --git a/controllers/nifiparametercontext_controller.go b/controllers/nifiparametercontext_controller.go new file mode 100644 index 000000000..431725e1b --- /dev/null +++ b/controllers/nifiparametercontext_controller.go @@ -0,0 +1,244 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "context" + "emperror.dev/errors" + "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/parametercontext" + errorfactory "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" + "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" + "github.com/Orange-OpenSource/nifikop/pkg/util" + corev1 "k8s.io/api/core/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" + "reflect" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + "time" + + "github.com/go-logr/logr" + "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" +) + +var parameterContextFinalizer = "finalizer.nifiparametercontexts.nifi.orange.com" + +// NifiParameterContextReconciler reconciles a NifiParameterContext object +type NifiParameterContextReconciler struct { + client.Client + Log logr.Logger + Scheme *runtime.Scheme +} + +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiparametercontexts,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiparametercontexts/status,verbs=get;update;patch +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiparametercontexts/finalizers,verbs=update + +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the NifiParameterContext object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.7.0/pkg/reconcile +func (r *NifiParameterContextReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + _ = r.Log.WithValues("nifiparametercontext", req.NamespacedName) + + var err error + + // Fetch the NifiParameterContext instance + instance := &v1alpha1.NifiParameterContext{} + if err = r.Client.Get(ctx, req.NamespacedName, instance); err != nil { + if apierrors.IsNotFound(err) { + // Request object not found, could have been deleted after reconcile request. + return Reconciled() + } + // Error reading the object - requeue the request. + return RequeueWithError(r.Log, err.Error(), err) + } + + // Get the referenced secrets + var parameterSecrets []*corev1.Secret + for _, parameterSecret := range instance.Spec.SecretRefs { + secretNamespace := GetSecretRefNamespace(instance.Namespace, parameterSecret) + var secret *corev1.Secret + if secret, err = k8sutil.LookupSecret(r.Client, parameterSecret.Name, secretNamespace); err != nil { + // This shouldn't trigger anymore, but leaving it here as a safetybelt + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + r.Log.Info("Secret is already gone, there is nothing we can do") + if err = r.removeFinalizer(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer", err) + } + return Reconciled() + } + + // the cluster does not exist - should have been caught pre-flight + return RequeueWithError(r.Log, "failed to lookup referenced secret", err) + } + parameterSecrets = append(parameterSecrets, secret) + } + + // Get the referenced NifiCluster + clusterNamespace := GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) + var cluster *v1alpha1.NifiCluster + if cluster, err = k8sutil.LookupNifiCluster(r.Client, instance.Spec.ClusterRef.Name, clusterNamespace); err != nil { + // This shouldn't trigger anymore, but leaving it here as a safetybelt + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + r.Log.Info("Cluster is already gone, there is nothing we can do") + if err = r.removeFinalizer(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer", err) + } + return Reconciled() + } + + // the cluster does not exist - should have been caught pre-flight + return RequeueWithError(r.Log, "failed to lookup referenced cluster", err) + } + + // Check if marked for deletion and if so run finalizers + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + return r.checkFinalizers(ctx, instance, parameterSecrets, cluster) + } + + // Check if the NiFi registry client already exist + exist, err := parametercontext.ExistParameterContext(r.Client, instance, cluster) + if err != nil { + return RequeueWithError(r.Log, "failure checking for existing parameter context", err) + } + + if !exist { + // Create NiFi parameter context + status, err := parametercontext.CreateParameterContext(r.Client, instance, parameterSecrets, cluster) + if err != nil { + return RequeueWithError(r.Log, "failure creating parameter context", err) + } + + instance.Status = *status + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiParameterContext status", err) + } + } + + // Sync ParameterContext resource with NiFi side component + status, err := parametercontext.SyncParameterContext(r.Client, instance, parameterSecrets, cluster) + if status != nil { + instance.Status = *status + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiParameterContext status", err) + } + } + if err != nil { + switch errors.Cause(err).(type) { + case errorfactory.NifiParameterContextUpdateRequestRunning: + return RequeueAfter(time.Duration(5) * time.Second) + default: + return RequeueWithError(r.Log, "failed to sync NifiParameterContext", err) + } + } + + // Ensure NifiCluster label + if instance, err = r.ensureClusterLabel(ctx, cluster, instance); err != nil { + return RequeueWithError(r.Log, "failed to ensure NifiCluster label on parameter context", err) + } + + // Ensure finalizer for cleanup on deletion + if !util.StringSliceContains(instance.GetFinalizers(), parameterContextFinalizer) { + r.Log.Info("Adding Finalizer for NifiParameterContext") + instance.SetFinalizers(append(instance.GetFinalizers(), parameterContextFinalizer)) + } + + // Push any changes + if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiParameterContext", err) + } + + r.Log.Info("Ensured Parameter Context") + + return RequeueAfter(time.Duration(15) * time.Second) +} + +// SetupWithManager sets up the controller with the Manager. +func (r *NifiParameterContextReconciler) SetupWithManager(mgr ctrl.Manager) error { + return ctrl.NewControllerManagedBy(mgr). + For(&v1alpha1.NifiParameterContext{}). + Complete(r) +} + +func (r *NifiParameterContextReconciler) ensureClusterLabel(ctx context.Context, cluster *v1alpha1.NifiCluster, + parameterContext *v1alpha1.NifiParameterContext) (*v1alpha1.NifiParameterContext, error) { + + labels := ApplyClusterRefLabel(cluster, parameterContext.GetLabels()) + if !reflect.DeepEqual(labels, parameterContext.GetLabels()) { + parameterContext.SetLabels(labels) + return r.updateAndFetchLatest(ctx, parameterContext) + } + return parameterContext, nil +} + +func (r *NifiParameterContextReconciler) updateAndFetchLatest(ctx context.Context, + parameterContext *v1alpha1.NifiParameterContext) (*v1alpha1.NifiParameterContext, error) { + + typeMeta := parameterContext.TypeMeta + err := r.Client.Update(ctx, parameterContext) + if err != nil { + return nil, err + } + parameterContext.TypeMeta = typeMeta + return parameterContext, nil +} + +func (r *NifiParameterContextReconciler) checkFinalizers( + ctx context.Context, + parameterContext *v1alpha1.NifiParameterContext, + parameterSecrets []*corev1.Secret, + cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { + + r.Log.Info("NiFi parameter context is marked for deletion") + var err error + if util.StringSliceContains(parameterContext.GetFinalizers(), parameterContextFinalizer) { + if err = r.finalizeNifiParameterContext(parameterContext, parameterSecrets, cluster); err != nil { + return RequeueWithError(r.Log, "failed to finalize parameter context", err) + } + if err = r.removeFinalizer(ctx, parameterContext); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer from parameter context", err) + } + } + return Reconciled() +} + +func (r *NifiParameterContextReconciler) removeFinalizer(ctx context.Context, flow *v1alpha1.NifiParameterContext) error { + flow.SetFinalizers(util.StringSliceRemove(flow.GetFinalizers(), parameterContextFinalizer)) + _, err := r.updateAndFetchLatest(ctx, flow) + return err +} + +func (r *NifiParameterContextReconciler) finalizeNifiParameterContext( + parameterContext *v1alpha1.NifiParameterContext, + parameterSecrets []*corev1.Secret, + cluster *v1alpha1.NifiCluster) error { + + if err := parametercontext.RemoveParameterContext(r.Client, parameterContext, parameterSecrets, cluster); err != nil { + return err + } + r.Log.Info("Delete Registry client") + + return nil +} diff --git a/controllers/nifiregistryclient_controller.go b/controllers/nifiregistryclient_controller.go new file mode 100644 index 000000000..b64d6cde4 --- /dev/null +++ b/controllers/nifiregistryclient_controller.go @@ -0,0 +1,209 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "context" + "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/registryclient" + "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" + "github.com/Orange-OpenSource/nifikop/pkg/util" + apierrors "k8s.io/apimachinery/pkg/api/errors" + "reflect" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + "time" + + "github.com/go-logr/logr" + "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" +) + +var registryClientFinalizer = "finalizer.nifiregistryclients.nifi.orange.com" + +// NifiRegistryClientReconciler reconciles a NifiRegistryClient object +type NifiRegistryClientReconciler struct { + client.Client + Log logr.Logger + Scheme *runtime.Scheme +} + +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiregistryclients,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiregistryclients/status,verbs=get;update;patch +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiregistryclients/finalizers,verbs=update + +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the NifiRegistryClient object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.7.0/pkg/reconcile +func (r *NifiRegistryClientReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + _ = r.Log.WithValues("nifiregistryclient", req.NamespacedName) + + var err error + + // Fetch the NifiRegistryClient instance + var instance = &v1alpha1.NifiRegistryClient{} + if err = r.Client.Get(ctx, req.NamespacedName, instance); err != nil { + if apierrors.IsNotFound(err) { + // Request object not found, could have been deleted after reconcile request. + return Reconciled() + } + // Error reading the object - requeue the request. + return RequeueWithError(r.Log, err.Error(), err) + } + + // Get the referenced NifiCluster + clusterNamespace := GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) + var cluster *v1alpha1.NifiCluster + if cluster, err = k8sutil.LookupNifiCluster(r.Client, instance.Spec.ClusterRef.Name, clusterNamespace); err != nil { + // This shouldn't trigger anymore, but leaving it here as a safetybelt + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + r.Log.Info("Cluster is already gone, there is nothing we can do") + if err = r.removeFinalizer(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer", err) + } + return Reconciled() + } + + // the cluster does not exist - should have been caught pre-flight + return RequeueWithError(r.Log, "failed to lookup referenced cluster", err) + } + + // Check if marked for deletion and if so run finalizers + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + return r.checkFinalizers(ctx, r.Log, instance, cluster) + } + + // Check if the NiFi registry client already exist + exist, err := registryclient.ExistRegistryClient(r.Client, instance, cluster) + if err != nil { + return RequeueWithError(r.Log, "failure checking for existing registry client", err) + } + + if !exist { + // Create NiFi registry client + status, err := registryclient.CreateRegistryClient(r.Client, instance, cluster) + if err != nil { + return RequeueWithError(r.Log, "failure creating registry client", err) + } + + instance.Status = *status + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiRegistryClient status", err) + } + } + + // Sync RegistryClient resource with NiFi side component + status, err := registryclient.SyncRegistryClient(r.Client, instance, cluster) + if err != nil { + return RequeueWithError(r.Log, "failed to sync NifiRegistryClient", err) + } + + instance.Status = *status + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiRegistryClient status", err) + } + + // Ensure NifiCluster label + if instance, err = r.ensureClusterLabel(ctx, cluster, instance); err != nil { + return RequeueWithError(r.Log, "failed to ensure NifiCluster label on registry client", err) + } + + // Ensure finalizer for cleanup on deletion + if !util.StringSliceContains(instance.GetFinalizers(), registryClientFinalizer) { + r.Log.Info("Adding Finalizer for NifiRegistryClient") + instance.SetFinalizers(append(instance.GetFinalizers(), registryClientFinalizer)) + } + + // Push any changes + if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiRegistryClient", err) + } + + r.Log.Info("Ensured Registry Client") + + return RequeueAfter(time.Duration(15) * time.Second) +} + +// SetupWithManager sets up the controller with the Manager. +func (r *NifiRegistryClientReconciler) SetupWithManager(mgr ctrl.Manager) error { + return ctrl.NewControllerManagedBy(mgr). + For(&v1alpha1.NifiRegistryClient{}). + Complete(r) +} + +func (r *NifiRegistryClientReconciler) ensureClusterLabel(ctx context.Context, cluster *v1alpha1.NifiCluster, + registryClient *v1alpha1.NifiRegistryClient) (*v1alpha1.NifiRegistryClient, error) { + + labels := ApplyClusterRefLabel(cluster, registryClient.GetLabels()) + if !reflect.DeepEqual(labels, registryClient.GetLabels()) { + registryClient.SetLabels(labels) + return r.updateAndFetchLatest(ctx, registryClient) + } + return registryClient, nil +} + +func (r *NifiRegistryClientReconciler) updateAndFetchLatest(ctx context.Context, + registryClient *v1alpha1.NifiRegistryClient) (*v1alpha1.NifiRegistryClient, error) { + + typeMeta := registryClient.TypeMeta + err := r.Client.Update(ctx, registryClient) + if err != nil { + return nil, err + } + registryClient.TypeMeta = typeMeta + return registryClient, nil +} + +func (r *NifiRegistryClientReconciler) checkFinalizers(ctx context.Context, reqLogger logr.Logger, + registryClient *v1alpha1.NifiRegistryClient, cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { + + reqLogger.Info("NiFi registry client is marked for deletion") + var err error + if util.StringSliceContains(registryClient.GetFinalizers(), registryClientFinalizer) { + if err = r.finalizeNifiRegistryClient(reqLogger, registryClient, cluster); err != nil { + return RequeueWithError(reqLogger, "failed to finalize nifiregistryclient", err) + } + if err = r.removeFinalizer(ctx, registryClient); err != nil { + return RequeueWithError(reqLogger, "failed to remove finalizer from nifiregistryclient", err) + } + } + return Reconciled() +} + +func (r *NifiRegistryClientReconciler) removeFinalizer(ctx context.Context, registryClient *v1alpha1.NifiRegistryClient) error { + registryClient.SetFinalizers(util.StringSliceRemove(registryClient.GetFinalizers(), registryClientFinalizer)) + _, err := r.updateAndFetchLatest(ctx, registryClient) + return err +} + +func (r *NifiRegistryClientReconciler) finalizeNifiRegistryClient(reqLogger logr.Logger, registryClient *v1alpha1.NifiRegistryClient, + cluster *v1alpha1.NifiCluster) error { + + if err := registryclient.RemoveRegistryClient(r.Client, registryClient, cluster); err != nil { + return err + } + reqLogger.Info("Delete Registry client") + + return nil +} diff --git a/controllers/nifiuser_controller.go b/controllers/nifiuser_controller.go new file mode 100644 index 000000000..1d0c05b0b --- /dev/null +++ b/controllers/nifiuser_controller.go @@ -0,0 +1,293 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "context" + "emperror.dev/errors" + usercli "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/user" + "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" + "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" + "github.com/Orange-OpenSource/nifikop/pkg/pki" + "github.com/Orange-OpenSource/nifikop/pkg/util" + "github.com/go-logr/logr" + certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" + corev1 "k8s.io/api/core/v1" + apierrors "k8s.io/apimachinery/pkg/api/errors" + "k8s.io/apimachinery/pkg/runtime" + "reflect" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + "time" + + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" +) + +var userFinalizer = "finalizer.nifiusers.nifi.orange.com" + +// NifiUserReconciler reconciles a NifiUser object +type NifiUserReconciler struct { + client.Client + Log logr.Logger + Scheme *runtime.Scheme +} + +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiusers,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiusers/status,verbs=get;update;patch +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiusers/finalizers,verbs=update +// +kubebuilder:rbac:groups=cert-manager.io,resources=certificates,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=cert-manager.io,resources=issuers,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=cert-manager.io,resources=clusterissuers,verbs=get;list;watch;create;update;patch;delete + +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the NifiUser object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.7.0/pkg/reconcile +func (r *NifiUserReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + _ = r.Log.WithValues("nifiuser", req.NamespacedName) + + var err error + + // Fetch the NifiUser instance + instance := &v1alpha1.NifiUser{} + if err = r.Client.Get(ctx, req.NamespacedName, instance); err != nil { + if apierrors.IsNotFound(err) { + // Request object not found, could have been deleted after reconcile request. + return Reconciled() + } + // Error reading the object - requeue the request. + return RequeueWithError(r.Log, err.Error(), err) + } + + // Get the referenced NifiCluster + clusterNamespace := GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) + var cluster *v1alpha1.NifiCluster + if cluster, err = k8sutil.LookupNifiCluster(r.Client, instance.Spec.ClusterRef.Name, clusterNamespace); err != nil { + // This shouldn't trigger anymore, but leaving it here as a safetybelt + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + r.Log.Info("Cluster is gone already, there is nothing we can do") + if err = r.removeFinalizer(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer from NifiUser", err) + } + return Reconciled() + } + return RequeueWithError(r.Log, "failed to lookup referenced cluster", err) + } + // Avoid panic if the user wants to create a nifi user but the cluster is in plaintext mode + // TODO: refactor this and use webhook to validate if the cluster is eligible to create a nifi user + if cluster.Spec.ListenersConfig.SSLSecrets == nil { + return RequeueWithError(r.Log, "could not create Nifi user since cluster does not use ssl", errors.New("failed to create Nifi user")) + } + + pkiManager := pki.GetPKIManager(r.Client, cluster) + + if instance.Spec.GetCreateCert() { + + // Reconcile no matter what to get a user certificate instance for ACL management + // TODO (tinyzimmer): This can go wrong if the user made a mistake in their secret path + // using the vault backend, then tried to delete and fix it. Should probably + // have the PKIManager export a GetUserCertificate specifically for deletions + // that will allow the error to fall through if the certificate doesn't exist. + _, err := pkiManager.ReconcileUserCertificate(ctx, instance, r.Scheme) + if err != nil { + switch errors.Cause(err).(type) { + case errorfactory.ResourceNotReady: + r.Log.Info("generated secret not found, may not be ready") + return ctrl.Result{ + Requeue: true, + RequeueAfter: time.Duration(5) * time.Second, + }, nil + case errorfactory.FatalReconcileError: + // TODO: (tinyzimmer) - Sleep for longer for now to give user time to see the error + // But really we should catch these kinds of issues in a pre-admission hook in a future PR + // The user can fix while this is looping and it will pick it up next reconcile attempt + r.Log.Error(err, "Fatal error attempting to reconcile the user certificate. If using vault perhaps a permissions issue or improperly configured PKI?") + return ctrl.Result{ + Requeue: true, + RequeueAfter: time.Duration(15) * time.Second, + }, nil + case errorfactory.VaultAPIFailure: + // Same as above in terms of things that could be checked pre-flight on the cluster + r.Log.Error(err, "Vault API error attempting to reconcile the user certificate. If using vault perhaps a permissions issue or improperly configured PKI?") + return ctrl.Result{ + Requeue: true, + RequeueAfter: time.Duration(15) * time.Second, + }, nil + default: + return RequeueWithError(r.Log, "failed to reconcile user secret", err) + } + } + } + + // check if marked for deletion + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + r.Log.Info("Nifi user is marked for deletion, revoking certificates") + if err = pkiManager.FinalizeUserCertificate(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to finalize user certificate", err) + } + return r.checkFinalizers(ctx, instance, cluster) + } + + // Check if the NiFi user already exist + exist, err := usercli.ExistUser(r.Client, instance, cluster) + if err != nil { + return RequeueWithError(r.Log, "failure checking for existing registry client", err) + } + + if !exist { + var status *v1alpha1.NifiUserStatus + + status, err = usercli.FindUserByIdentity(r.Client, instance, cluster) + if err != nil { + return RequeueWithError(r.Log, "failure finding user", err) + } + + if status == nil { + // Create NiFi registry client + status, err = usercli.CreateUser(r.Client, instance, cluster) + if err != nil { + return RequeueWithError(r.Log, "failure creating user", err) + } + } + + instance.Status = *status + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiUser status", err) + } + } + + // Sync user resource with NiFi side component + status, err := usercli.SyncUser(r.Client, instance, cluster) + if err != nil { + return RequeueWithError(r.Log, "failed to sync NifiUser", err) + } + + instance.Status = *status + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiRegistryClient status", err) + } + + // ensure a NifiCluster label + if instance, err = r.ensureClusterLabel(ctx, cluster, instance); err != nil { + return RequeueWithError(r.Log, "failed to ensure NifiCluster label on user", err) + } + + // ensure a finalizer for cleanup on deletion + if !util.StringSliceContains(instance.GetFinalizers(), userFinalizer) { + r.addFinalizer(instance) + if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiUser with finalizer", err) + } + } + + // Push any changes + if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiUser", err) + } + + r.Log.Info("Ensured user") + + return RequeueAfter(time.Duration(15) * time.Second) + + // set user status + //instance.Status = v1alpha1.NifiUserStatus{ + // State: v1alpha1.UserStateCreated, + //} + //if err := r.Client.Status().Update(ctx, instance); err != nil { + // return RequeueWithError(r.Log, "failed to update NifiUser status", err) + //} + + //return Reconciled() +} + +// SetupWithManager sets up the controller with the Manager. +func (r *NifiUserReconciler) SetupWithManager(mgr ctrl.Manager, certManagerEnabled bool) error { + builder := ctrl.NewControllerManagedBy(mgr). + For(&v1alpha1.NifiUser{}). + Owns(&corev1.Secret{}) + + if certManagerEnabled { + builder.Owns(&certv1.Certificate{}) + } + + return builder.Complete(r) +} + +func (r *NifiUserReconciler) ensureClusterLabel(ctx context.Context, cluster *v1alpha1.NifiCluster, user *v1alpha1.NifiUser) (*v1alpha1.NifiUser, error) { + labels := ApplyClusterRefLabel(cluster, user.GetLabels()) + if !reflect.DeepEqual(labels, user.GetLabels()) { + user.SetLabels(labels) + return r.updateAndFetchLatest(ctx, user) + } + return user, nil +} + +func (r *NifiUserReconciler) updateAndFetchLatest(ctx context.Context, user *v1alpha1.NifiUser) (*v1alpha1.NifiUser, error) { + typeMeta := user.TypeMeta + err := r.Client.Update(ctx, user) + if err != nil { + return nil, err + } + user.TypeMeta = typeMeta + return user, nil +} + +func (r *NifiUserReconciler) checkFinalizers(ctx context.Context, user *v1alpha1.NifiUser, cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { + r.Log.Info("NiFi user is marked for deletion") + var err error + if util.StringSliceContains(user.GetFinalizers(), userFinalizer) { + if err = r.finalizeNifiUser(user, cluster); err != nil { + return RequeueWithError(r.Log, "failed to finalize nifiuser", err) + } + // remove finalizer + if err = r.removeFinalizer(ctx, user); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer from NifiUser", err) + } + } + return Reconciled() +} + +func (r *NifiUserReconciler) removeFinalizer(ctx context.Context, user *v1alpha1.NifiUser) error { + user.SetFinalizers(util.StringSliceRemove(user.GetFinalizers(), userFinalizer)) + _, err := r.updateAndFetchLatest(ctx, user) + return err +} + +func (r *NifiUserReconciler) finalizeNifiUser(user *v1alpha1.NifiUser, cluster *v1alpha1.NifiCluster) error { + if k8sutil.IsMarkedForDeletion(cluster.ObjectMeta) { + r.Log.Info("Cluster is being deleted, skipping deletion") + return nil + } + + if err := usercli.RemoveUser(r.Client, user, cluster); err != nil { + return err + } + r.Log.Info("Delete user") + return nil +} + +func (r *NifiUserReconciler) addFinalizer(user *v1alpha1.NifiUser) { + r.Log.Info("Adding Finalizer for the NifiUser") + user.SetFinalizers(append(user.GetFinalizers(), userFinalizer)) + return +} diff --git a/controllers/nifiusergroup_controller.go b/controllers/nifiusergroup_controller.go new file mode 100644 index 000000000..065fbe849 --- /dev/null +++ b/controllers/nifiusergroup_controller.go @@ -0,0 +1,245 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "context" + "emperror.dev/errors" + "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/usergroup" + "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" + "github.com/Orange-OpenSource/nifikop/pkg/util" + apierrors "k8s.io/apimachinery/pkg/api/errors" + "reflect" + "sigs.k8s.io/controller-runtime/pkg/reconcile" + "time" + + "github.com/go-logr/logr" + "k8s.io/apimachinery/pkg/runtime" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" +) + +var userGroupFinalizer = "finalizer.nifiusergroups.nifi.orange.com" + +// NifiUserGroupReconciler reconciles a NifiUserGroup object +type NifiUserGroupReconciler struct { + client.Client + Log logr.Logger + Scheme *runtime.Scheme +} + +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiusergroups,verbs=get;list;watch;create;update;patch;delete +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiusergroups/status,verbs=get;update;patch +// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiusergroups/finalizers,verbs=update + +// Reconcile is part of the main kubernetes reconciliation loop which aims to +// move the current state of the cluster closer to the desired state. +// TODO(user): Modify the Reconcile function to compare the state specified by +// the NifiUserGroup object against the actual cluster state, and then +// perform operations to make the cluster state reflect the state specified by +// the user. +// +// For more details, check Reconcile and its Result here: +// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.7.0/pkg/reconcile +func (r *NifiUserGroupReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) { + _ = r.Log.WithValues("nifiusergroup", req.NamespacedName) + + var err error + + // Fetch the NifiUserGroup instance + instance := &v1alpha1.NifiUserGroup{} + if err = r.Client.Get(ctx, req.NamespacedName, instance); err != nil { + if apierrors.IsNotFound(err) { + // Request object not found, could have been deleted after reconcile request. + return Reconciled() + } + // Error reading the object - requeue the request. + return RequeueWithError(r.Log, err.Error(), err) + } + + var users []*v1alpha1.NifiUser + + for _, userRef := range instance.Spec.UsersRef { + var user *v1alpha1.NifiUser + userNamespace := GetUserRefNamespace(instance.Namespace, userRef) + + if user, err = k8sutil.LookupNifiUser(r.Client, userRef.Name, userNamespace); err != nil { + + // This shouldn't trigger anymore, but leaving it here as a safetybelt + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + r.Log.Info("User is already gone, there is nothing we can do") + if err = r.removeFinalizer(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer", err) + } + return Reconciled() + } + + // the cluster does not exist - should have been caught pre-flight + return RequeueWithError(r.Log, "failed to lookup referenced user", err) + } + // Check if cluster references are the same + clusterNamespace := GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) + if user != nil && (userNamespace != clusterNamespace || user.Spec.ClusterRef.Name != instance.Spec.ClusterRef.Name) { + return RequeueWithError( + r.Log, + "failed to lookup referenced cluster, due to inconsistency", + errors.New("inconsistent cluster references")) + } + + users = append(users, user) + } + + // Get the referenced NifiCluster + clusterNamespace := GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) + var cluster *v1alpha1.NifiCluster + if cluster, err = k8sutil.LookupNifiCluster(r.Client, instance.Spec.ClusterRef.Name, clusterNamespace); err != nil { + // This shouldn't trigger anymore, but leaving it here as a safetybelt + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + r.Log.Info("Cluster is already gone, there is nothing we can do") + if err = r.removeFinalizer(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer", err) + } + return Reconciled() + } + + // the cluster does not exist - should have been caught pre-flight + return RequeueWithError(r.Log, "failed to lookup referenced cluster", err) + } + + // Check if marked for deletion and if so run finalizers + if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { + return r.checkFinalizers(ctx, instance, users, cluster) + } + + // Check if the NiFi user group already exist + exist, err := usergroup.ExistUserGroup(r.Client, instance, cluster) + if err != nil { + return RequeueWithError(r.Log, "failure checking for existing user group", err) + } + + if !exist { + // Create NiFi user group + status, err := usergroup.CreateUserGroup(r.Client, instance, users, cluster) + if err != nil { + return RequeueWithError(r.Log, "failure creating user group", err) + } + + instance.Status = *status + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiUserGroup status", err) + } + } + + // Sync UserGroup resource with NiFi side component + status, err := usergroup.SyncUserGroup(r.Client, instance, users, cluster) + if err != nil { + return RequeueWithError(r.Log, "failed to sync NifiUserGroup", err) + } + + instance.Status = *status + if err := r.Client.Status().Update(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiUserGroup status", err) + } + + // Ensure NifiCluster label + if instance, err = r.ensureClusterLabel(ctx, cluster, instance); err != nil { + return RequeueWithError(r.Log, "failed to ensure NifiCluster label on user group", err) + } + + // Ensure finalizer for cleanup on deletion + if !util.StringSliceContains(instance.GetFinalizers(), userGroupFinalizer) { + r.Log.Info("Adding Finalizer for NifiUserGroup") + instance.SetFinalizers(append(instance.GetFinalizers(), userGroupFinalizer)) + } + + // Push any changes + if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { + return RequeueWithError(r.Log, "failed to update NifiUserGroup", err) + } + + r.Log.Info("Ensured User Group") + + return RequeueAfter(time.Duration(15) * time.Second) +} + +// SetupWithManager sets up the controller with the Manager. +func (r *NifiUserGroupReconciler) SetupWithManager(mgr ctrl.Manager) error { + return ctrl.NewControllerManagedBy(mgr). + For(&v1alpha1.NifiUserGroup{}). + Complete(r) +} + +func (r *NifiUserGroupReconciler) ensureClusterLabel(ctx context.Context, cluster *v1alpha1.NifiCluster, + userGroup *v1alpha1.NifiUserGroup) (*v1alpha1.NifiUserGroup, error) { + + labels := ApplyClusterRefLabel(cluster, userGroup.GetLabels()) + if !reflect.DeepEqual(labels, userGroup.GetLabels()) { + userGroup.SetLabels(labels) + return r.updateAndFetchLatest(ctx, userGroup) + } + return userGroup, nil +} + +func (r *NifiUserGroupReconciler) updateAndFetchLatest(ctx context.Context, + userGroup *v1alpha1.NifiUserGroup) (*v1alpha1.NifiUserGroup, error) { + + typeMeta := userGroup.TypeMeta + err := r.Client.Update(ctx, userGroup) + if err != nil { + return nil, err + } + userGroup.TypeMeta = typeMeta + return userGroup, nil +} + +func (r *NifiUserGroupReconciler) checkFinalizers(ctx context.Context, userGroup *v1alpha1.NifiUserGroup, + users []*v1alpha1.NifiUser, cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { + + r.Log.Info("NiFi user group is marked for deletion") + var err error + if util.StringSliceContains(userGroup.GetFinalizers(), userGroupFinalizer) { + if err = r.finalizeNifiNifiUserGroup(userGroup, users, cluster); err != nil { + return RequeueWithError(r.Log, "failed to finalize nifiusergroup", err) + } + if err = r.removeFinalizer(ctx, userGroup); err != nil { + return RequeueWithError(r.Log, "failed to remove finalizer from kafkatopic", err) + } + } + return Reconciled() +} + +func (r *NifiUserGroupReconciler) removeFinalizer(ctx context.Context, userGroup *v1alpha1.NifiUserGroup) error { + userGroup.SetFinalizers(util.StringSliceRemove(userGroup.GetFinalizers(), userGroupFinalizer)) + _, err := r.updateAndFetchLatest(ctx, userGroup) + return err +} + +func (r *NifiUserGroupReconciler) finalizeNifiNifiUserGroup( + userGroup *v1alpha1.NifiUserGroup, + users []*v1alpha1.NifiUser, + cluster *v1alpha1.NifiCluster) error { + + if err := usergroup.RemoveUserGroup(r.Client, userGroup, users, cluster); err != nil { + return err + } + + r.Log.Info("Delete Registry client") + + return nil +} diff --git a/controllers/suite_test.go b/controllers/suite_test.go new file mode 100644 index 000000000..74e8b3b0d --- /dev/null +++ b/controllers/suite_test.go @@ -0,0 +1,97 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package controllers + +import ( + "path/filepath" + "testing" + + . "github.com/onsi/ginkgo" + . "github.com/onsi/gomega" + "k8s.io/client-go/kubernetes/scheme" + "k8s.io/client-go/rest" + "sigs.k8s.io/controller-runtime/pkg/client" + "sigs.k8s.io/controller-runtime/pkg/envtest" + "sigs.k8s.io/controller-runtime/pkg/envtest/printer" + logf "sigs.k8s.io/controller-runtime/pkg/log" + "sigs.k8s.io/controller-runtime/pkg/log/zap" + + nifiv1alpha1 "github.com/Orange-OpenSource/nifikop/api/v1alpha1" + // +kubebuilder:scaffold:imports +) + +// These tests use Ginkgo (BDD-style Go testing framework). Refer to +// http://onsi.github.io/ginkgo/ to learn more about Ginkgo. + +var cfg *rest.Config +var k8sClient client.Client +var testEnv *envtest.Environment + +func TestAPIs(t *testing.T) { + RegisterFailHandler(Fail) + + RunSpecsWithDefaultAndCustomReporters(t, + "Controller Suite", + []Reporter{printer.NewlineReporter{}}) +} + +var _ = BeforeSuite(func() { + logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true))) + + By("bootstrapping test environment") + testEnv = &envtest.Environment{ + CRDDirectoryPaths: []string{filepath.Join("..", "config", "crd", "bases")}, + } + + cfg, err := testEnv.Start() + Expect(err).NotTo(HaveOccurred()) + Expect(cfg).NotTo(BeNil()) + + err = nifiv1alpha1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + + err = nifiv1alpha1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + + err = nifiv1alpha1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + + err = nifiv1alpha1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + + err = nifiv1alpha1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + + err = nifiv1alpha1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + + err = nifiv1alpha1.AddToScheme(scheme.Scheme) + Expect(err).NotTo(HaveOccurred()) + + // +kubebuilder:scaffold:scheme + + k8sClient, err = client.New(cfg, client.Options{Scheme: scheme.Scheme}) + Expect(err).NotTo(HaveOccurred()) + Expect(k8sClient).NotTo(BeNil()) + +}, 60) + +var _ = AfterSuite(func() { + By("tearing down the test environment") + err := testEnv.Stop() + Expect(err).NotTo(HaveOccurred()) +}) diff --git a/deploy/crds/v1beta1/nifi.orange.com_nificlusters_crd.yaml b/deploy/crds/v1beta1/nifi.orange.com_nificlusters_crd.yaml deleted file mode 100644 index 1f34e5a81..000000000 --- a/deploy/crds/v1beta1/nifi.orange.com_nificlusters_crd.yaml +++ /dev/null @@ -1,2496 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: nificlusters.nifi.orange.com -spec: - group: nifi.orange.com - names: - kind: NifiCluster - listKind: NifiClusterList - plural: nificlusters - singular: nificluster - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: NifiCluster is the Schema for the nificlusters API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NifiClusterSpec defines the desired state of NifiCluster - properties: - clusterImage: - description: clusterImage can specify the whole NiFi cluster image in - one place - type: string - disruptionBudget: - description: Defines the configuration for PodDisruptionBudget - properties: - budget: - description: The budget to set for the PDB, can either be static - number or a percentage - pattern: ^[0-9]+$|^[0-9]{1,2}%$|^100%$ - type: string - create: - description: If set to true, will create a podDisruptionBudget - type: boolean - type: object - initContainerImage: - description: initContainerImage can override the default image used - into the init container to check if ZoooKeeper server is reachable. - type: string - initContainers: - description: initContainers defines additional initContainers configurations - items: - description: A single application container that you want to run within - a pod. - properties: - args: - description: 'Arguments to the entrypoint. The docker image''s - CMD is used if this is not provided. Variable references $(VAR_NAME) - are expanded using the container''s environment. If a variable - cannot be resolved, the reference in the input string will be - unchanged. The $(VAR_NAME) syntax can be escaped with a double - $$, ie: $$(VAR_NAME). Escaped references will never be expanded, - regardless of whether the variable exists or not. Cannot be - updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - command: - description: 'Entrypoint array. Not executed within a shell. The - docker image''s ENTRYPOINT is used if this is not provided. - Variable references $(VAR_NAME) are expanded using the container''s - environment. If a variable cannot be resolved, the reference - in the input string will be unchanged. The $(VAR_NAME) syntax - can be escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable exists - or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell' - items: - type: string - type: array - env: - description: List of environment variables to set in the container. - Cannot be updated. - items: - description: EnvVar represents an environment variable present - in a Container. - properties: - name: - description: Name of the environment variable. Must be a - C_IDENTIFIER. - type: string - value: - description: 'Variable references $(VAR_NAME) are expanded - using the previous defined environment variables in the - container and any service environment variables. If a - variable cannot be resolved, the reference in the input - string will be unchanged. The $(VAR_NAME) syntax can be - escaped with a double $$, ie: $$(VAR_NAME). Escaped references - will never be expanded, regardless of whether the variable - exists or not. Defaults to "".' - type: string - valueFrom: - description: Source for the environment variable's value. - Cannot be used if value is not empty. - properties: - configMapKeyRef: - description: Selects a key of a ConfigMap. - properties: - key: - description: The key to select. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the ConfigMap or its - key must be defined - type: boolean - required: - - key - type: object - fieldRef: - description: 'Selects a field of the pod: supports metadata.name, - metadata.namespace, metadata.labels, metadata.annotations, - spec.nodeName, spec.serviceAccountName, status.hostIP, - status.podIP, status.podIPs.' - properties: - apiVersion: - description: Version of the schema the FieldPath - is written in terms of, defaults to "v1". - type: string - fieldPath: - description: Path of the field to select in the - specified API version. - type: string - required: - - fieldPath - type: object - resourceFieldRef: - description: 'Selects a resource of the container: only - resources limits and requests (limits.cpu, limits.memory, - limits.ephemeral-storage, requests.cpu, requests.memory - and requests.ephemeral-storage) are currently supported.' - properties: - containerName: - description: 'Container name: required for volumes, - optional for env vars' - type: string - divisor: - anyOf: - - type: integer - - type: string - description: Specifies the output format of the - exposed resources, defaults to "1" - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - resource: - description: 'Required: resource to select' - type: string - required: - - resource - type: object - secretKeyRef: - description: Selects a key of a secret in the pod's - namespace - properties: - key: - description: The key of the secret to select from. Must - be a valid secret key. - type: string - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, - uid?' - type: string - optional: - description: Specify whether the Secret or its key - must be defined - type: boolean - required: - - key - type: object - type: object - required: - - name - type: object - type: array - envFrom: - description: List of sources to populate environment variables - in the container. The keys defined within a source must be a - C_IDENTIFIER. All invalid keys will be reported as an event - when the container is starting. When a key exists in multiple - sources, the value associated with the last source will take - precedence. Values defined by an Env with a duplicate key will - take precedence. Cannot be updated. - items: - description: EnvFromSource represents the source of a set of - ConfigMaps - properties: - configMapRef: - description: The ConfigMap to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the ConfigMap must be defined - type: boolean - type: object - prefix: - description: An optional identifier to prepend to each key - in the ConfigMap. Must be a C_IDENTIFIER. - type: string - secretRef: - description: The Secret to select from - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - optional: - description: Specify whether the Secret must be defined - type: boolean - type: object - type: object - type: array - image: - description: 'Docker image name. More info: https://kubernetes.io/docs/concepts/containers/images - This field is optional to allow higher level config management - to default or override container images in workload controllers - like Deployments and StatefulSets.' - type: string - imagePullPolicy: - description: 'Image pull policy. One of Always, Never, IfNotPresent. - Defaults to Always if :latest tag is specified, or IfNotPresent - otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images' - type: string - lifecycle: - description: Actions that the management system should take in - response to container lifecycle events. Cannot be updated. - properties: - postStart: - description: 'PostStart is called immediately after a container - is created. If the handler fails, the container is terminated - and restarted according to its restart policy. Other management - of the container blocks until the hook completes. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - preStop: - description: 'PreStop is called immediately before a container - is terminated due to an API request or management event - such as liveness/startup probe failure, preemption, resource - contention, etc. The handler is not called if the container - crashes or exits. The reason for termination is passed to - the handler. The Pod''s termination grace period countdown - begins before the PreStop hooked is executed. Regardless - of the outcome of the handler, the container will eventually - terminate within the Pod''s termination grace period. Other - management of the container blocks until the hook completes - or until the termination grace period is reached. More info: - https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks' - properties: - exec: - description: One and only one of the following should - be specified. Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute - inside the container, the working directory for - the command is root ('/') in the container's filesystem. - The command is simply exec'd, it is not run inside - a shell, so traditional shell instructions ('|', - etc) won't work. To use a shell, you need to explicitly - call out to that shell. Exit status of 0 is treated - as live/healthy and non-zero is unhealthy. - items: - type: string - type: array - type: object - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to - the pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. - HTTP allows repeated headers. - items: - description: HTTPHeader describes a custom header - to be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - tcpSocket: - description: 'TCPSocket specifies an action involving - a TCP port. TCP hooks not yet supported TODO: implement - a realistic TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access - on the container. Number must be in the range 1 - to 65535. Name must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - type: object - type: object - livenessProbe: - description: 'Periodic probe of container liveness. Container - will be restarted if the probe fails. Cannot be updated. More - info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - name: - description: Name of the container specified as a DNS_LABEL. Each - container in a pod must have a unique name (DNS_LABEL). Cannot - be updated. - type: string - ports: - description: List of ports to expose from the container. Exposing - a port here gives the system additional information about the - network connections a container uses, but is primarily informational. - Not specifying a port here DOES NOT prevent that port from being - exposed. Any port which is listening on the default "0.0.0.0" - address inside a container will be accessible from the network. - Cannot be updated. - items: - description: ContainerPort represents a network port in a single - container. - properties: - containerPort: - description: Number of port to expose on the pod's IP address. - This must be a valid port number, 0 < x < 65536. - format: int32 - type: integer - hostIP: - description: What host IP to bind the external port to. - type: string - hostPort: - description: Number of port to expose on the host. If specified, - this must be a valid port number, 0 < x < 65536. If HostNetwork - is specified, this must match ContainerPort. Most containers - do not need this. - format: int32 - type: integer - name: - description: If specified, this must be an IANA_SVC_NAME - and unique within the pod. Each named port in a pod must - have a unique name. Name for the port that can be referred - to by services. - type: string - protocol: - description: Protocol for port. Must be UDP, TCP, or SCTP. - Defaults to "TCP". - type: string - required: - - containerPort - type: object - type: array - x-kubernetes-list-map-keys: - - containerPort - - protocol - x-kubernetes-list-type: map - readinessProbe: - description: 'Periodic probe of container service readiness. Container - will be removed from service endpoints if the probe fails. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - resources: - description: 'Compute Resources required by this container. Cannot - be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - securityContext: - description: 'Security options the pod should run with. More info: - https://kubernetes.io/docs/concepts/policy/security-context/ - More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/' - properties: - allowPrivilegeEscalation: - description: 'AllowPrivilegeEscalation controls whether a - process can gain more privileges than its parent process. - This bool directly controls if the no_new_privs flag will - be set on the container process. AllowPrivilegeEscalation - is true always when the container is: 1) run as Privileged - 2) has CAP_SYS_ADMIN' - type: boolean - capabilities: - description: The capabilities to add/drop when running containers. - Defaults to the default set of capabilities granted by the - container runtime. - properties: - add: - description: Added capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - drop: - description: Removed capabilities - items: - description: Capability represent POSIX capabilities - type - type: string - type: array - type: object - privileged: - description: Run container in privileged mode. Processes in - privileged containers are essentially equivalent to root - on the host. Defaults to false. - type: boolean - procMount: - description: procMount denotes the type of proc mount to use - for the containers. The default is DefaultProcMount which - uses the container runtime defaults for readonly paths and - masked paths. This requires the ProcMountType feature flag - to be enabled. - type: string - readOnlyRootFilesystem: - description: Whether this container has a read-only root filesystem. - Default is false. - type: boolean - runAsGroup: - description: The GID to run the entrypoint of the container - process. Uses runtime default if unset. May also be set - in PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - format: int64 - type: integer - runAsNonRoot: - description: Indicates that the container must run as a non-root - user. If true, the Kubelet will validate the image at runtime - to ensure that it does not run as UID 0 (root) and fail - to start the container if it does. If unset or false, no - such validation will be performed. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - type: boolean - runAsUser: - description: The UID to run the entrypoint of the container - process. Defaults to user specified in image metadata if - unspecified. May also be set in PodSecurityContext. If - set in both SecurityContext and PodSecurityContext, the - value specified in SecurityContext takes precedence. - format: int64 - type: integer - seLinuxOptions: - description: The SELinux context to be applied to the container. - If unspecified, the container runtime will allocate a random - SELinux context for each container. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - properties: - level: - description: Level is SELinux level label that applies - to the container. - type: string - role: - description: Role is a SELinux role label that applies - to the container. - type: string - type: - description: Type is a SELinux type label that applies - to the container. - type: string - user: - description: User is a SELinux user label that applies - to the container. - type: string - type: object - windowsOptions: - description: The Windows specific settings applied to all - containers. If unspecified, the options from the PodSecurityContext - will be used. If set in both SecurityContext and PodSecurityContext, - the value specified in SecurityContext takes precedence. - properties: - gmsaCredentialSpec: - description: GMSACredentialSpec is where the GMSA admission - webhook (https://github.com/kubernetes-sigs/windows-gmsa) - inlines the contents of the GMSA credential spec named - by the GMSACredentialSpecName field. - type: string - gmsaCredentialSpecName: - description: GMSACredentialSpecName is the name of the - GMSA credential spec to use. - type: string - runAsUserName: - description: The UserName in Windows to run the entrypoint - of the container process. Defaults to the user specified - in image metadata if unspecified. May also be set in - PodSecurityContext. If set in both SecurityContext and - PodSecurityContext, the value specified in SecurityContext - takes precedence. - type: string - type: object - type: object - startupProbe: - description: 'StartupProbe indicates that the Pod has successfully - initialized. If specified, no other probes are executed until - this completes successfully. If this probe fails, the Pod will - be restarted, just as if the livenessProbe failed. This can - be used to provide different probe parameters at the beginning - of a Pod''s lifecycle, when it might take a long time to load - data or warm a cache, than during steady-state operation. This - cannot be updated. This is a beta feature enabled by the StartupProbe - feature flag. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - properties: - exec: - description: One and only one of the following should be specified. - Exec specifies the action to take. - properties: - command: - description: Command is the command line to execute inside - the container, the working directory for the command is - root ('/') in the container's filesystem. The command - is simply exec'd, it is not run inside a shell, so traditional - shell instructions ('|', etc) won't work. To use a shell, - you need to explicitly call out to that shell. Exit - status of 0 is treated as live/healthy and non-zero - is unhealthy. - items: - type: string - type: array - type: object - failureThreshold: - description: Minimum consecutive failures for the probe to - be considered failed after having succeeded. Defaults to - 3. Minimum value is 1. - format: int32 - type: integer - httpGet: - description: HTTPGet specifies the http request to perform. - properties: - host: - description: Host name to connect to, defaults to the - pod IP. You probably want to set "Host" in httpHeaders - instead. - type: string - httpHeaders: - description: Custom headers to set in the request. HTTP - allows repeated headers. - items: - description: HTTPHeader describes a custom header to - be used in HTTP probes - properties: - name: - description: The header field name - type: string - value: - description: The header field value - type: string - required: - - name - - value - type: object - type: array - path: - description: Path to access on the HTTP server. - type: string - port: - anyOf: - - type: integer - - type: string - description: Name or number of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - scheme: - description: Scheme to use for connecting to the host. - Defaults to HTTP. - type: string - required: - - port - type: object - initialDelaySeconds: - description: 'Number of seconds after the container has started - before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - periodSeconds: - description: How often (in seconds) to perform the probe. - Default to 10 seconds. Minimum value is 1. - format: int32 - type: integer - successThreshold: - description: Minimum consecutive successes for the probe to - be considered successful after having failed. Defaults to - 1. Must be 1 for liveness and startup. Minimum value is - 1. - format: int32 - type: integer - tcpSocket: - description: 'TCPSocket specifies an action involving a TCP - port. TCP hooks not yet supported TODO: implement a realistic - TCP lifecycle hook' - properties: - host: - description: 'Optional: Host name to connect to, defaults - to the pod IP.' - type: string - port: - anyOf: - - type: integer - - type: string - description: Number or name of the port to access on the - container. Number must be in the range 1 to 65535. Name - must be an IANA_SVC_NAME. - x-kubernetes-int-or-string: true - required: - - port - type: object - timeoutSeconds: - description: 'Number of seconds after which the probe times - out. Defaults to 1 second. Minimum value is 1. More info: - https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes' - format: int32 - type: integer - type: object - stdin: - description: Whether this container should allocate a buffer for - stdin in the container runtime. If this is not set, reads from - stdin in the container will always result in EOF. Default is - false. - type: boolean - stdinOnce: - description: Whether the container runtime should close the stdin - channel after it has been opened by a single attach. When stdin - is true the stdin stream will remain open across multiple attach - sessions. If stdinOnce is set to true, stdin is opened on container - start, is empty until the first client attaches to stdin, and - then remains open and accepts data until the client disconnects, - at which time stdin is closed and remains closed until the container - is restarted. If this flag is false, a container processes that - reads from stdin will never receive an EOF. Default is false - type: boolean - terminationMessagePath: - description: 'Optional: Path at which the file to which the container''s - termination message will be written is mounted into the container''s - filesystem. Message written is intended to be brief final status, - such as an assertion failure message. Will be truncated by the - node if greater than 4096 bytes. The total message length across - all containers will be limited to 12kb. Defaults to /dev/termination-log. - Cannot be updated.' - type: string - terminationMessagePolicy: - description: Indicate how the termination message should be populated. - File will use the contents of terminationMessagePath to populate - the container status message on both success and failure. FallbackToLogsOnError - will use the last chunk of container log output if the termination - message file is empty and the container exited with an error. - The log output is limited to 2048 bytes or 80 lines, whichever - is smaller. Defaults to File. Cannot be updated. - type: string - tty: - description: Whether this container should allocate a TTY for - itself, also requires 'stdin' to be true. Default is false. - type: boolean - volumeDevices: - description: volumeDevices is the list of block devices to be - used by the container. - items: - description: volumeDevice describes a mapping of a raw block - device within a container. - properties: - devicePath: - description: devicePath is the path inside of the container - that the device will be mapped to. - type: string - name: - description: name must match the name of a persistentVolumeClaim - in the pod - type: string - required: - - devicePath - - name - type: object - type: array - volumeMounts: - description: Pod volumes to mount into the container's filesystem. - Cannot be updated. - items: - description: VolumeMount describes a mounting of a Volume within - a container. - properties: - mountPath: - description: Path within the container at which the volume - should be mounted. Must not contain ':'. - type: string - mountPropagation: - description: mountPropagation determines how mounts are - propagated from the host to container and the other way - around. When not set, MountPropagationNone is used. This - field is beta in 1.10. - type: string - name: - description: This must match the Name of a Volume. - type: string - readOnly: - description: Mounted read-only if true, read-write otherwise - (false or unspecified). Defaults to false. - type: boolean - subPath: - description: Path within the volume from which the container's - volume should be mounted. Defaults to "" (volume's root). - type: string - subPathExpr: - description: Expanded path within the volume from which - the container's volume should be mounted. Behaves similarly - to SubPath but environment variable references $(VAR_NAME) - are expanded using the container's environment. Defaults - to "" (volume's root). SubPathExpr and SubPath are mutually - exclusive. - type: string - required: - - mountPath - - name - type: object - type: array - workingDir: - description: Container's working directory. If not specified, - the container runtime's default will be used, which might be - configured in the container image. Cannot be updated. - type: string - required: - - name - type: object - type: array - ldapConfiguration: - description: LdapConfiguration specifies the configuration if you want - to use LDAP - properties: - enabled: - description: If set to true, we will enable ldap usage into nifi.properties - configuration. - type: boolean - searchBase: - description: Base DN for searching for users (i.e. CN=Users,DC=example,DC=com). - type: string - searchFilter: - description: Filter for searching for users against the 'User Search - Base'. (i.e. sAMAccountName={0}). The user specified name is inserted - into '{0}'. - type: string - url: - description: Space-separated list of URLs of the LDAP servers (i.e. - ldap://:). - type: string - type: object - listenersConfig: - description: "TODO : add vault VaultConfig \tVaultConfig `json:\"vaultConfig,omitempty\"` - listenerConfig specifies nifi's listener specifig configs" - properties: - clusterDomain: - description: clusterDomain allow to override the default cluster - domain which is "cluster.local" - type: string - internalListeners: - description: 'externalListeners specifies settings required to access - nifi externally TODO: enable externalListener configuration ExternalListeners - []ExternalListenerConfig `json:"externalListeners,omitempty"` - internalListeners specifies settings required to access nifi internally' - items: - description: InternalListenerConfig defines the internal listener - config for Nifi - properties: - containerPort: - description: The container port. - format: int32 - type: integer - name: - description: An identifier for the port which will be configured. - type: string - type: - description: (Optional field) Type allow to specify if we - are in a specific nifi listener it's allowing to define - some required information such as Cluster Port, Http Port, - Https Port or S2S port - enum: - - cluster - - http - - https - - s2s - type: string - required: - - containerPort - - name - type: object - type: array - sslSecrets: - description: sslSecrets contains information about ssl related kubernetes - secrets if one of the listener setting type set to ssl these fields - must be populated to - properties: - clusterScoped: - description: clusterScoped defines if the Issuer created is - cluster or namespace scoped - type: boolean - create: - description: create tells the installed cert manager to create - the required certs keys - type: boolean - issuerRef: - description: 'issuerRef allow to use an existing issuer to act - as CA : https://cert-manager.io/docs/concepts/issuer/' - properties: - group: - type: string - kind: - type: string - name: - type: string - required: - - name - type: object - pkiBackend: - description: 'TODO : add vault' - enum: - - cert-manager - - vault - type: string - tlsSecretName: - description: 'tlsSecretName should contain all ssl certs required - by nifi including: caCert, caKey, clientCert, clientKey serverCert, - serverKey, peerCert, peerKey' - type: string - required: - - tlsSecretName - type: object - useExternalDNS: - description: 'useExternalDNS allow to manage externalDNS usage by - limiting the DNS names associated to each nodes and load balancer - : -node-...' - type: boolean - required: - - internalListeners - type: object - managedAdminUsers: - description: managedAdminUsers contains the list of users that will - be added to the managed admin group (with all rights) - items: - properties: - identity: - description: identity field is use to define the user identity - on NiFi cluster side, it use full when the user's name doesn't - suite with Kubernetes resource name. - type: string - name: - description: name field is use to name the NifiUser resource, - if not identity is provided it will be used to name the user - on NiFi cluster side. - type: string - required: - - name - type: object - type: array - managedReaderUsers: - description: managedReaderUsers contains the list of users that will - be added to the managed reader group (with all view rights) - items: - properties: - identity: - description: identity field is use to define the user identity - on NiFi cluster side, it use full when the user's name doesn't - suite with Kubernetes resource name. - type: string - name: - description: name field is use to name the NifiUser resource, - if not identity is provided it will be used to name the user - on NiFi cluster side. - type: string - required: - - name - type: object - type: array - nifiClusterTaskSpec: - description: NifiClusterTaskSpec specifies the configuration of the - nifi cluster Tasks - properties: - retryDurationMinutes: - description: RetryDurationMinutes describes the amount of time the - Operator waits for the task - type: integer - required: - - retryDurationMinutes - type: object - nodeConfigGroups: - additionalProperties: - description: NodeConfig defines the node configuration - properties: - image: - description: ' Docker image used by the operator to create the - node associated https://hub.docker.com/r/apache/nifi/' - type: string - imagePullPolicy: - description: imagePullPolicy define the pull policy for NiFi cluster - docker image - type: string - imagePullSecrets: - description: imagePullSecrets specifies the secret to use when - using private registry https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#localobjectreference-v1-core - items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - type: array - isNode: - description: Set this to true if the instance is a node in a cluster. - https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#basic-cluster-setup - type: boolean - nifiAnnotations: - additionalProperties: - type: string - description: Additionnal annotation to attach to the pod associated - https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set - type: object - nodeAffinity: - description: nodeAffinity can be specified, operator populates - this value if new pvc added later to node - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods to - nodes that satisfy the affinity expressions specified by - this field, but it may choose a node that violates one or - more of the expressions. The node that is most preferred - is the one with the greatest sum of weights, i.e. for each - node that meets all of the scheduling requirements (resource - request, requiredDuringScheduling affinity expressions, - etc.), compute a sum by iterating through the elements of - this field and adding "weight" to the sum if the node matches - the corresponding matchExpressions; the node(s) with the - highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects (i.e. - is also a no-op). - properties: - preference: - description: A node selector term, associated with the - corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with matching the corresponding - nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by this - field are not met at scheduling time, the pod will not be - scheduled onto the node. If the affinity requirements specified - by this field cease to be met at some point during pod execution - (e.g. due to an update), the system may or may not try to - eventually evict the pod from its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term matches - no objects. The requirements of them are ANDed. The - TopologySelectorTerm type implements a subset of the - NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists, DoesNotExist. Gt, and - Lt. - type: string - values: - description: An array of string values. If - the operator is In or NotIn, the values - array must be non-empty. If the operator - is Exists or DoesNotExist, the values array - must be empty. If the operator is Gt or - Lt, the values array must have a single - element, which will be interpreted as an - integer. This array is replaced during a - strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - nodeSelector: - additionalProperties: - type: string - description: nodeSelector can be specified, which set the pod - to fit on a node https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector - type: object - provenanceStorage: - description: provenanceStorage allow to specify the maximum amount - of data provenance information to store at a time https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#write-ahead-provenance-repository-properties - type: string - resourcesRequirements: - description: resourceRequirements works exactly like Container - resources, the user can specify the limit and the requests through - this property https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of compute - resources required. If Requests is omitted for a container, - it defaults to Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - runAsUser: - description: RunAsUser define the id of the user to run in the - Nifi image - format: int64 - minimum: 1 - type: integer - serviceAccountName: - description: serviceAccountName specifies the serviceAccount used - for this specific node - type: string - storageConfigs: - description: storageConfigs specifies the node related configs - items: - description: StorageConfig defines the node storage configuration - properties: - mountPath: - description: Path where the volume will be mount into the - main nifi container inside the pod. - type: string - name: - description: Name of the storage config, used to name PV - to reuse into sidecars for example. - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' - type: string - pvcSpec: - description: Kubernetes PVC spec - properties: - accessModes: - description: 'AccessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - dataSource: - description: 'This field can be used to specify either: - * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot - - Beta) * An existing PVC (PersistentVolumeClaim) - * An existing custom resource/object that implements - data population (Alpha) In order to use VolumeSnapshot - object types, the appropriate feature gate must be - enabled (VolumeSnapshotDataSource or AnyVolumeDataSource) - If the provisioner or an external controller can support - the specified data source, it will create a new volume - based on the contents of the specified data source. - If the specified data source is not supported, the - volume will not be created and the failure will be - reported as an event. In the future, we plan to support - more data source types and the behavior of the provisioner - may change.' - properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API group. - For any other third-party types, APIGroup is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - resources: - description: 'Resources represents the minimum resources - the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount - of compute resources required. If Requests is - omitted for a container, it defaults to Limits - if that is explicitly specified, otherwise to - an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - selector: - description: A label query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are ANDed. - items: - description: A label selector requirement is a - selector that contains values, a key, and an - operator that relates the key and values. - properties: - key: - description: key is the label key that the - selector applies to. - type: string - operator: - description: operator represents a key's relationship - to a set of values. Valid operators are - In, NotIn, Exists and DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. If the - operator is Exists or DoesNotExist, the - values array must be empty. This array is - replaced during a strategic merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is "In", - and the values array contains only "value". The - requirements are ANDed. - type: object - type: object - storageClassName: - description: 'Name of the StorageClass required by the - claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem is implied - when not included in claim spec. - type: string - volumeName: - description: VolumeName is the binding reference to - the PersistentVolume backing this claim. - type: string - type: object - required: - - mountPath - - name - - pvcSpec - type: object - type: array - tolerations: - description: tolerations can be specified, which set the pod's - tolerations https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/#concepts - items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . - properties: - effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, allowed - values are NoSchedule, PreferNoSchedule and NoExecute. - type: string - key: - description: Key is the taint key that the toleration applies - to. Empty means match all taint keys. If the key is empty, - operator must be Exists; this combination means to match - all values and all keys. - type: string - operator: - description: Operator represents a key's relationship to - the value. Valid operators are Exists and Equal. Defaults - to Equal. Exists is equivalent to wildcard for value, - so that a pod can tolerate all taints of a particular - category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period of - time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the taint - forever (do not evict). Zero and negative values will - be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration matches - to. If the operator is Exists, the value should be empty, - otherwise just a regular string. - type: string - type: object - type: array - type: object - description: nodeConfigGroups specifies multiple node configs with unique - name - type: object - nodes: - description: all node requires an image, unique id, and storageConfigs - settings - items: - description: Node defines the nifi node basic configuration - properties: - id: - description: Unique Node id - format: int32 - type: integer - nodeConfig: - description: node configuration - properties: - image: - description: ' Docker image used by the operator to create - the node associated https://hub.docker.com/r/apache/nifi/' - type: string - imagePullPolicy: - description: imagePullPolicy define the pull policy for NiFi - cluster docker image - type: string - imagePullSecrets: - description: imagePullSecrets specifies the secret to use - when using private registry https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.11/#localobjectreference-v1-core - items: - description: LocalObjectReference contains enough information - to let you locate the referenced object inside the same - namespace. - properties: - name: - description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - TODO: Add other useful fields. apiVersion, kind, uid?' - type: string - type: object - type: array - isNode: - description: Set this to true if the instance is a node in - a cluster. https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#basic-cluster-setup - type: boolean - nifiAnnotations: - additionalProperties: - type: string - description: Additionnal annotation to attach to the pod associated - https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/#syntax-and-character-set - type: object - nodeAffinity: - description: nodeAffinity can be specified, operator populates - this value if new pvc added later to node - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: The scheduler will prefer to schedule pods - to nodes that satisfy the affinity expressions specified - by this field, but it may choose a node that violates - one or more of the expressions. The node that is most - preferred is the one with the greatest sum of weights, - i.e. for each node that meets all of the scheduling - requirements (resource request, requiredDuringScheduling - affinity expressions, etc.), compute a sum by iterating - through the elements of this field and adding "weight" - to the sum if the node matches the corresponding matchExpressions; - the node(s) with the highest sum are the most preferred. - items: - description: An empty preferred scheduling term matches - all objects with implicit weight 0 (i.e. it's a no-op). - A null preferred scheduling term matches no objects - (i.e. is also a no-op). - properties: - preference: - description: A node selector term, associated with - the corresponding weight. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - weight: - description: Weight associated with matching the - corresponding nodeSelectorTerm, in the range 1-100. - format: int32 - type: integer - required: - - preference - - weight - type: object - type: array - requiredDuringSchedulingIgnoredDuringExecution: - description: If the affinity requirements specified by - this field are not met at scheduling time, the pod will - not be scheduled onto the node. If the affinity requirements - specified by this field cease to be met at some point - during pod execution (e.g. due to an update), the system - may or may not try to eventually evict the pod from - its node. - properties: - nodeSelectorTerms: - description: Required. A list of node selector terms. - The terms are ORed. - items: - description: A null or empty node selector term - matches no objects. The requirements of them are - ANDed. The TopologySelectorTerm type implements - a subset of the NodeSelectorTerm. - properties: - matchExpressions: - description: A list of node selector requirements - by node's labels. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchFields: - description: A list of node selector requirements - by node's fields. - items: - description: A node selector requirement is - a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: The label key that the selector - applies to. - type: string - operator: - description: Represents a key's relationship - to a set of values. Valid operators - are In, NotIn, Exists, DoesNotExist. - Gt, and Lt. - type: string - values: - description: An array of string values. - If the operator is In or NotIn, the - values array must be non-empty. If the - operator is Exists or DoesNotExist, - the values array must be empty. If the - operator is Gt or Lt, the values array - must have a single element, which will - be interpreted as an integer. This array - is replaced during a strategic merge - patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - type: object - type: array - required: - - nodeSelectorTerms - type: object - type: object - nodeSelector: - additionalProperties: - type: string - description: nodeSelector can be specified, which set the - pod to fit on a node https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector - type: object - provenanceStorage: - description: provenanceStorage allow to specify the maximum - amount of data provenance information to store at a time - https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#write-ahead-provenance-repository-properties - type: string - resourcesRequirements: - description: resourceRequirements works exactly like Container - resources, the user can specify the limit and the requests - through this property https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/ - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount of compute - resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum amount of - compute resources required. If Requests is omitted for - a container, it defaults to Limits if that is explicitly - specified, otherwise to an implementation-defined value. - More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - runAsUser: - description: RunAsUser define the id of the user to run in - the Nifi image - format: int64 - minimum: 1 - type: integer - serviceAccountName: - description: serviceAccountName specifies the serviceAccount - used for this specific node - type: string - storageConfigs: - description: storageConfigs specifies the node related configs - items: - description: StorageConfig defines the node storage configuration - properties: - mountPath: - description: Path where the volume will be mount into - the main nifi container inside the pod. - type: string - name: - description: Name of the storage config, used to name - PV to reuse into sidecars for example. - pattern: '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*' - type: string - pvcSpec: - description: Kubernetes PVC spec - properties: - accessModes: - description: 'AccessModes contains the desired access - modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1' - items: - type: string - type: array - dataSource: - description: 'This field can be used to specify - either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot - - Beta) * An existing PVC (PersistentVolumeClaim) - * An existing custom resource/object that implements - data population (Alpha) In order to use VolumeSnapshot - object types, the appropriate feature gate must - be enabled (VolumeSnapshotDataSource or AnyVolumeDataSource) - If the provisioner or an external controller can - support the specified data source, it will create - a new volume based on the contents of the specified - data source. If the specified data source is not - supported, the volume will not be created and - the failure will be reported as an event. In the - future, we plan to support more data source types - and the behavior of the provisioner may change.' - properties: - apiGroup: - description: APIGroup is the group for the resource - being referenced. If APIGroup is not specified, - the specified Kind must be in the core API - group. For any other third-party types, APIGroup - is required. - type: string - kind: - description: Kind is the type of resource being - referenced - type: string - name: - description: Name is the name of resource being - referenced - type: string - required: - - kind - - name - type: object - resources: - description: 'Resources represents the minimum resources - the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources' - properties: - limits: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Limits describes the maximum amount - of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - requests: - additionalProperties: - anyOf: - - type: integer - - type: string - pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$ - x-kubernetes-int-or-string: true - description: 'Requests describes the minimum - amount of compute resources required. If Requests - is omitted for a container, it defaults to - Limits if that is explicitly specified, otherwise - to an implementation-defined value. More info: - https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/' - type: object - type: object - selector: - description: A label query over volumes to consider - for binding. - properties: - matchExpressions: - description: matchExpressions is a list of label - selector requirements. The requirements are - ANDed. - items: - description: A label selector requirement - is a selector that contains values, a key, - and an operator that relates the key and - values. - properties: - key: - description: key is the label key that - the selector applies to. - type: string - operator: - description: operator represents a key's - relationship to a set of values. Valid - operators are In, NotIn, Exists and - DoesNotExist. - type: string - values: - description: values is an array of string - values. If the operator is In or NotIn, - the values array must be non-empty. - If the operator is Exists or DoesNotExist, - the values array must be empty. This - array is replaced during a strategic - merge patch. - items: - type: string - type: array - required: - - key - - operator - type: object - type: array - matchLabels: - additionalProperties: - type: string - description: matchLabels is a map of {key,value} - pairs. A single {key,value} in the matchLabels - map is equivalent to an element of matchExpressions, - whose key field is "key", the operator is - "In", and the values array contains only "value". - The requirements are ANDed. - type: object - type: object - storageClassName: - description: 'Name of the StorageClass required - by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1' - type: string - volumeMode: - description: volumeMode defines what type of volume - is required by the claim. Value of Filesystem - is implied when not included in claim spec. - type: string - volumeName: - description: VolumeName is the binding reference - to the PersistentVolume backing this claim. - type: string - type: object - required: - - mountPath - - name - - pvcSpec - type: object - type: array - tolerations: - description: tolerations can be specified, which set the pod's - tolerations https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/#concepts - items: - description: The pod this Toleration is attached to tolerates - any taint that matches the triple using - the matching operator . - properties: - effect: - description: Effect indicates the taint effect to match. - Empty means match all taint effects. When specified, - allowed values are NoSchedule, PreferNoSchedule and - NoExecute. - type: string - key: - description: Key is the taint key that the toleration - applies to. Empty means match all taint keys. If the - key is empty, operator must be Exists; this combination - means to match all values and all keys. - type: string - operator: - description: Operator represents a key's relationship - to the value. Valid operators are Exists and Equal. - Defaults to Equal. Exists is equivalent to wildcard - for value, so that a pod can tolerate all taints of - a particular category. - type: string - tolerationSeconds: - description: TolerationSeconds represents the period - of time the toleration (which must be of effect NoExecute, - otherwise this field is ignored) tolerates the taint. - By default, it is not set, which means tolerate the - taint forever (do not evict). Zero and negative values - will be treated as 0 (evict immediately) by the system. - format: int64 - type: integer - value: - description: Value is the taint value the toleration - matches to. If the operator is Exists, the value should - be empty, otherwise just a regular string. - type: string - type: object - type: array - type: object - nodeConfigGroup: - description: nodeConfigGroup can be used to ease the node configuration, - if set only the id is required - type: string - readOnlyConfig: - description: readOnlyConfig can be used to pass Nifi node config - https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html - which has type read-only these config changes will trigger rolling - upgrade - properties: - bootstrapProperties: - description: BootstrapProperties configuration that will be - applied to the node. - properties: - nifiJvmMemory: - description: JVM memory settings - type: string - overrideConfigs: - description: Additionnals bootstrap.properties configuration - that will override the one produced based on template - and configurations. - type: string - type: object - nifiProperties: - description: NifiProperties configuration that will be applied - to the node. - properties: - authorizer: - description: Indicates which of the configured authorizers - in the authorizers.xml file to use https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#authorizer-configuration - type: string - needClientAuth: - description: Nifi security client auth - type: boolean - overrideConfigs: - description: Additionnals nifi.properties configuration - that will override the one produced based on template - and configurations. - type: string - webProxyHosts: - description: A comma separated list of allowed HTTP Host - header values to consider when NiFi is running securely - and will be receiving requests to a different host[:port] - than it is bound to. https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#web-properties - items: - type: string - type: array - type: object - zookeeperProperties: - description: ZookeeperProperties configuration that will be - applied to the node. - properties: - overrideConfigs: - description: Additionnals zookeeper.properties configuration - that will override the one produced based on template - and configurations. - type: string - type: object - type: object - required: - - id - type: object - type: array - oneNifiNodePerNode: - description: oneNifiNodePerNode if set to true every nifi node is started - on a new node, if there is not enough node to do that it will stay - in pending state. If set to false the operator also tries to schedule - the nifi node to a unique node but if the node number is insufficient - the nifi node will be scheduled to a node where a nifi node is already - running. - type: boolean - pod: - description: Pod defines the policy for pods owned by NiFiKop operator. - properties: - annotations: - additionalProperties: - type: string - description: Annotations specifies the annotations to attach to - pods the operator creates - type: object - type: object - propagateLabels: - description: propage - type: boolean - readOnlyConfig: - description: readOnlyConfig specifies the read-only type Nifi config - cluster wide, all theses will be merged with node specified readOnly - configurations, so it can be overwritten per node. - properties: - bootstrapProperties: - description: BootstrapProperties configuration that will be applied - to the node. - properties: - nifiJvmMemory: - description: JVM memory settings - type: string - overrideConfigs: - description: Additionnals bootstrap.properties configuration - that will override the one produced based on template and - configurations. - type: string - type: object - nifiProperties: - description: NifiProperties configuration that will be applied to - the node. - properties: - authorizer: - description: Indicates which of the configured authorizers in - the authorizers.xml file to use https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#authorizer-configuration - type: string - needClientAuth: - description: Nifi security client auth - type: boolean - overrideConfigs: - description: Additionnals nifi.properties configuration that - will override the one produced based on template and configurations. - type: string - webProxyHosts: - description: A comma separated list of allowed HTTP Host header - values to consider when NiFi is running securely and will - be receiving requests to a different host[:port] than it is - bound to. https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#web-properties - items: - type: string - type: array - type: object - zookeeperProperties: - description: ZookeeperProperties configuration that will be applied - to the node. - properties: - overrideConfigs: - description: Additionnals zookeeper.properties configuration - that will override the one produced based on template and - configurations. - type: string - type: object - type: object - service: - description: Service defines the policy for services owned by NiFiKop - operator. - properties: - annotations: - additionalProperties: - type: string - description: Annotations specifies the annotations to attach to - services the operator creates - type: object - headlessEnabled: - description: HeadlessEnabled specifies if the cluster should use - headlessService for Nifi or individual services using service - per nodes may come an handy case of service mesh. - type: boolean - required: - - headlessEnabled - type: object - zkAddress: - description: 'zKAddress specifies the ZooKeeper connection string in - the form hostname:port where host and port are those of a Zookeeper - server. TODO: rework for nice zookeeper connect string =' - type: string - zkPath: - description: zKPath specifies the Zookeeper chroot path as part of its - Zookeeper connection string which puts its data under same path in - the global ZooKeeper namespace. - type: string - required: - - listenersConfig - - nodes - - oneNifiNodePerNode - - zkAddress - type: object - status: - description: NifiClusterStatus defines the observed state of NifiCluster - properties: - nodesState: - additionalProperties: - description: NifiState holds information about nifi state - properties: - configurationState: - description: ConfigurationState holds info about the config - type: string - gracefulActionState: - description: GracefulActionState holds info about nifi cluster - action status - properties: - TaskStarted: - description: TaskStarted hold the time when the execution - started - type: string - actionState: - description: ActionState holds the information about Action - state - type: string - actionStep: - description: ActionStep holds info about the action step ran - type: string - errorMessage: - description: ErrorMessage holds the information what happened - with Nifi Cluster - type: string - required: - - actionState - - errorMessage - type: object - initClusterNode: - description: InitClusterNode contains if this nodes was part of - the initial cluster - type: boolean - required: - - configurationState - - gracefulActionState - - initClusterNode - type: object - description: Store the state of each nifi node - type: object - rollingUpgradeStatus: - description: RollingUpgradeStatus defines status of rolling upgrade - properties: - errorCount: - type: integer - lastSuccess: - type: string - required: - - errorCount - - lastSuccess - type: object - rootProcessGroupId: - description: RootProcessGroupId contains the uuid of the root process - group for this cluster - type: string - state: - description: ClusterState holds info about the cluster state - type: string - required: - - state - type: object - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/deploy/crds/v1beta1/nifi.orange.com_nifidataflows_crd.yaml b/deploy/crds/v1beta1/nifi.orange.com_nifidataflows_crd.yaml deleted file mode 100644 index c4dafe8e5..000000000 --- a/deploy/crds/v1beta1/nifi.orange.com_nifidataflows_crd.yaml +++ /dev/null @@ -1,250 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: nifidataflows.nifi.orange.com -spec: - group: nifi.orange.com - names: - kind: NifiDataflow - listKind: NifiDataflowList - plural: nifidataflows - singular: nifidataflow - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Nifi Dataflow is the Schema for the nifi dataflow API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NifiDataflowSpec defines the desired state of NifiDataflow - properties: - bucketId: - description: the UUID of the Bucket containing the flow. - type: string - clusterRef: - description: contains the reference to the NifiCluster with the one - the dataflow is linked. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - flowId: - description: the UUID of the flow to run. - type: string - flowVersion: - description: the version of the flow to run, if not present or equals - to -1, then the latest version of flow will be used. - format: int32 - type: integer - parameterContextRef: - description: contains the reference to the ParameterContext with the - one the dataflow is linked. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - parentProcessGroupID: - description: the UUID of the parent process group where you want to - deploy your dataflow, if not set deploy at root level. - type: string - registryClientRef: - description: contains the reference to the NifiRegistry with the one - the dataflow is linked. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - runOnce: - description: if the flow will be ran once or continuously checked - type: boolean - skipInvalidComponent: - description: whether the flow is considered as ran if some components - are still invalid or not. - type: boolean - skipInvalidControllerService: - description: whether the flow is considered as ran if some controller - services are still invalid or not. - type: boolean - updateStrategy: - description: 'describes the way the operator will deal with data when - a dataflow will be updated : drop or drain' - enum: - - drop - - drain - type: string - required: - - bucketId - - flowId - - updateStrategy - type: object - status: - description: NifiDataflowStatus defines the observed state of NifiDataflow - properties: - latestDropRequest: - description: the latest queue drop request sent. - properties: - connectionId: - description: the connection id. - type: string - current: - description: the count and size of flow files currently queued. - type: string - currentCount: - description: the number of flow files currently queued. - format: int32 - type: integer - currentSize: - description: the size of flow files currently queued in bytes. - format: int64 - type: integer - dropped: - description: the count and size of flow files that have been dropped - thus far. - type: string - droppedCount: - description: the number of flow files that have been dropped thus - far. - format: int32 - type: integer - droppedSize: - description: the size of flow files currently queued in bytes. - format: int64 - type: integer - failureReason: - description: an explication of why the request failed, or null if - this request has not failed. - type: string - finished: - description: whether the request has finished. - type: boolean - id: - description: the id for this drop request. - type: string - lastUpdated: - description: the last time this request was updated. - type: string - original: - description: the count and size of flow files to be dropped as a - result of this request. - type: string - originalCount: - description: the number of flow files to be dropped as a result - of this request. - format: int32 - type: integer - originalSize: - description: the size of flow files to be dropped as a result of - this request in bytes. - format: int64 - type: integer - percentCompleted: - description: the percentage complete of the request, between 0 and - 100. - format: int32 - type: integer - state: - description: the state of the request - type: string - uri: - description: the uri for this request. - type: string - required: - - connectionId - - current - - currentCount - - currentSize - - dropped - - droppedCount - - droppedSize - - failureReason - - finished - - id - - lastUpdated - - original - - originalCount - - originalSize - - percentCompleted - - state - - uri - type: object - latestUpdateRequest: - description: the latest version update request sent. - properties: - complete: - description: whether or not this request has completed. - type: boolean - failureReason: - description: an explication of why the request failed, or null if - this request has not failed. - type: string - id: - description: the id of the update request. - type: string - lastUpdated: - description: the last time this request was updated. - type: string - percentCompleted: - description: the percentage complete of the request, between 0 and - 100. - format: int32 - type: integer - state: - description: the state of the request - type: string - type: - description: defines the type of versioned flow update request. - type: string - uri: - description: the uri for this request. - type: string - required: - - complete - - failureReason - - id - - lastUpdated - - percentCompleted - - state - - type - - uri - type: object - processGroupID: - description: process Group ID - type: string - state: - description: the dataflow current state. - type: string - required: - - processGroupID - - state - type: object - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/deploy/crds/v1beta1/nifi.orange.com_nifiparametercontexts_crd.yaml b/deploy/crds/v1beta1/nifi.orange.com_nifiparametercontexts_crd.yaml deleted file mode 100644 index cc58bf258..000000000 --- a/deploy/crds/v1beta1/nifi.orange.com_nifiparametercontexts_crd.yaml +++ /dev/null @@ -1,145 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: nifiparametercontexts.nifi.orange.com -spec: - group: nifi.orange.com - names: - kind: NifiParameterContext - listKind: NifiParameterContextList - plural: nifiparametercontexts - singular: nifiparametercontext - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: NifiParameterContext is the Schema for the nifi parameter context - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NifiParameterContextSpec defines the desired state of NifiParameterContext - properties: - clusterRef: - description: contains the reference to the NifiCluster with the one - the user is linked. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - description: - description: the Description of the Parameter Context. - type: string - parameters: - description: a list of non-sensitive Parameters. - items: - properties: - description: - description: the description of the Parameter. - type: string - name: - description: the name of the Parameter. - type: string - value: - description: the value of the Parameter. - type: string - required: - - name - type: object - type: array - secretRefs: - description: a list of secret containing sensitive parameters (the key - will name of the parameter). - items: - description: SecretReference states a reference to a secret for parameter - context provisioning - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - required: - - clusterRef - - parameters - type: object - status: - description: NifiParameterContextStatus defines the observed state of NifiParameterContext - properties: - id: - description: the nifi parameter context id. - type: string - latestUpdateRequest: - description: the latest update request. - properties: - complete: - description: whether or not this request has completed. - type: boolean - failureReason: - description: an explication of why the request failed, or null if - this request has not failed. - type: string - id: - description: the id of the update request. - type: string - lastUpdated: - description: the last time this request was updated. - type: string - percentCompleted: - description: the percentage complete of the request, between 0 and - 100. - format: int32 - type: integer - state: - description: the state of the request. - type: string - submissionTime: - description: the timestamp of when the request was submitted This - property is read only. - type: string - uri: - description: the uri for this request. - type: string - required: - - complete - - failureReason - - id - - lastUpdated - - percentCompleted - - state - - submissionTime - - uri - type: object - version: - description: the last nifi parameter context revision version catched. - format: int64 - type: integer - required: - - id - - version - type: object - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/deploy/crds/v1beta1/nifi.orange.com_nifiregistryclients_crd.yaml b/deploy/crds/v1beta1/nifi.orange.com_nifiregistryclients_crd.yaml deleted file mode 100644 index f550ececa..000000000 --- a/deploy/crds/v1beta1/nifi.orange.com_nifiregistryclients_crd.yaml +++ /dev/null @@ -1,76 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: nifiregistryclients.nifi.orange.com -spec: - group: nifi.orange.com - names: - kind: NifiRegistryClient - listKind: NifiRegistryClientList - plural: nifiregistryclients - singular: nifiregistryclient - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Nifi Registry Client is the Schema for the nifi registry client - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NifiRegistryClientSpec defines the desired state of NifiRegistryClient - properties: - clusterRef: - description: Contains the reference to the NifiCluster with the one - the registry client is linked. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - description: - description: The Description of the Registry client. - type: string - uri: - description: The URI of the NiFi registry that should be used for pulling - the flow. - type: string - required: - - clusterRef - - uri - type: object - status: - description: NifiRegistryClientStatus defines the observed state of NifiRegistryClient - properties: - id: - description: The nifi registry client's id - type: string - version: - description: The last nifi registry client revision version catched - format: int64 - type: integer - required: - - id - - version - type: object - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/deploy/crds/v1beta1/nifi.orange.com_nifiusergroups_crd.yaml b/deploy/crds/v1beta1/nifi.orange.com_nifiusergroups_crd.yaml deleted file mode 100644 index fd4e1ea44..000000000 --- a/deploy/crds/v1beta1/nifi.orange.com_nifiusergroups_crd.yaml +++ /dev/null @@ -1,140 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: nifiusergroups.nifi.orange.com -spec: - group: nifi.orange.com - names: - kind: NifiUserGroup - listKind: NifiUserGroupList - plural: nifiusergroups - singular: nifiusergroup - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Nifi Registry Client is the Schema for the nifi registry client - API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NifiUserGroupSpec defines the desired state of NifiUserGroup - properties: - accessPolicies: - description: accessPolicies defines the list of access policies that - will be granted to the group. - items: - properties: - action: - description: action defines the kind of action that will be granted, - could be "read" or "write" - enum: - - read - - write - type: string - componentId: - description: componentId is used if the type is "component", it's - allow to define the id of the component on which is the access - policy - type: string - componentType: - description: componentType is used if the type is "component", - it's allow to define the kind of component on which is the access - policy - type: string - resource: - description: 'resource defines the kind of resource targeted by - this access policies, please refer to the following page : https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#access-policies' - enum: - - /system - - /flow - - /controller - - /parameter-context - - /provenance - - /restricted-components - - /policies - - /tenants - - /site-to-site - - /proxy - - /counters - - / - - /operation - - /provenance-data - - /data - - /policies - - /data-transfer - type: string - type: - description: type defines the kind of access policy, could be - "global" or "component". - enum: - - global - - component - type: string - required: - - action - - resource - - type - type: object - type: array - clusterRef: - description: clusterRef contains the reference to the NifiCluster with - the one the registry client is linked. - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - usersRef: - description: userRef contains the list of reference to NifiUsers that - are part to the group. - items: - description: UserReference states a reference to a user for user group - provisioning - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - type: array - required: - - clusterRef - type: object - status: - description: NifiUserGroupStatus defines the observed state of NifiUserGroup - properties: - id: - description: The nifi usergroup's node id - type: string - version: - description: The last nifi usergroup's node revision version catched - format: int64 - type: integer - required: - - id - - version - type: object - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/deploy/crds/v1beta1/nifi.orange.com_nifiusers_crd.yaml b/deploy/crds/v1beta1/nifi.orange.com_nifiusers_crd.yaml deleted file mode 100644 index ca65ec76a..000000000 --- a/deploy/crds/v1beta1/nifi.orange.com_nifiusers_crd.yaml +++ /dev/null @@ -1,145 +0,0 @@ -apiVersion: apiextensions.k8s.io/v1beta1 -kind: CustomResourceDefinition -metadata: - name: nifiusers.nifi.orange.com -spec: - group: nifi.orange.com - names: - kind: NifiUser - listKind: NifiUserList - plural: nifiusers - singular: nifiuser - scope: Namespaced - subresources: - status: {} - validation: - openAPIV3Schema: - description: Nifi User is the Schema for the nifi users API - properties: - apiVersion: - description: 'APIVersion defines the versioned schema of this representation - of an object. Servers should convert recognized schemas to the latest - internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' - type: string - kind: - description: 'Kind is a string value representing the REST resource this - object represents. Servers may infer this from the endpoint the client - submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' - type: string - metadata: - type: object - spec: - description: NifiUserSpec defines the desired state of NifiUser - properties: - accessPolicies: - description: accessPolicies defines the list of access policies that - will be granted to the group. - items: - properties: - action: - description: action defines the kind of action that will be granted, - could be "read" or "write" - enum: - - read - - write - type: string - componentId: - description: componentId is used if the type is "component", it's - allow to define the id of the component on which is the access - policy - type: string - componentType: - description: componentType is used if the type is "component", - it's allow to define the kind of component on which is the access - policy - type: string - resource: - description: 'resource defines the kind of resource targeted by - this access policies, please refer to the following page : https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#access-policies' - enum: - - /system - - /flow - - /controller - - /parameter-context - - /provenance - - /restricted-components - - /policies - - /tenants - - /site-to-site - - /proxy - - /counters - - / - - /operation - - /provenance-data - - /data - - /policies - - /data-transfer - type: string - type: - description: type defines the kind of access policy, could be - "global" or "component". - enum: - - global - - component - type: string - required: - - action - - resource - - type - type: object - type: array - clusterRef: - description: contains the reference to the NifiCluster with the one - the user is linked - properties: - name: - type: string - namespace: - type: string - required: - - name - type: object - createCert: - description: Whether or not a certificate will be created for this user. - type: boolean - dnsNames: - description: List of DNSNames that the user will used to request the - NifiCluster (allowing to create the right certificates associated) - items: - type: string - type: array - identity: - description: identity field is used to define the user identity on NiFi - cluster side, when the user's name doesn't suit with Kubernetes resource - name. - type: string - includeJKS: - description: Whether or not the the operator also include a Java keystore - format (JKS) with you secret - type: boolean - secretName: - description: Name of the secret where all cert resources will be stored - type: string - required: - - clusterRef - type: object - status: - description: NifiUserStatus defines the observed state of NifiUser - properties: - id: - description: The nifi user's node id - type: string - version: - description: The last nifi user's node revision version catched - format: int64 - type: integer - required: - - id - - version - type: object - type: object - version: v1alpha1 - versions: - - name: v1alpha1 - served: true - storage: true diff --git a/deploy/operator.yaml b/deploy/operator.yaml deleted file mode 100644 index daa89eab3..000000000 --- a/deploy/operator.yaml +++ /dev/null @@ -1,33 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nifikop -spec: - replicas: 1 - selector: - matchLabels: - name: nifikop - template: - metadata: - labels: - name: nifikop - spec: - serviceAccountName: nifikop - containers: - - name: nifikop - # Replace this with the built image name - image: orangeopensource/nifikop:0.4.2-alpha - command: - - nifikop - imagePullPolicy: Always - env: - - name: WATCH_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: OPERATOR_NAME - value: "nifikop" diff --git a/deploy/role.yaml b/deploy/role.yaml deleted file mode 100644 index cd302a6d4..000000000 --- a/deploy/role.yaml +++ /dev/null @@ -1,80 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - creationTimestamp: null - name: nifikop -rules: -- apiGroups: - - "" - resources: - - pods - - services - - services/finalizers - - endpoints - - persistentvolumeclaims - - events - - configmaps - - secrets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - apps - resources: - - deployments - - daemonsets - - replicasets - - statefulsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch -- apiGroups: - - monitoring.coreos.com - resources: - - servicemonitors - verbs: - - get - - create -- apiGroups: - - apps - resourceNames: - - nifikop - resources: - - deployments/finalizers - verbs: - - update -- apiGroups: - - "" - resources: - - pods - verbs: - - get -- apiGroups: - - apps - resources: - - replicasets - - deployments - verbs: - - get -- apiGroups: - - nifi.orange.com - resources: - - '*' - verbs: - - create - - delete - - get - - list - - patch - - update - - watch diff --git a/deploy/service_account.yaml b/deploy/service_account.yaml deleted file mode 100644 index 3eac38ec1..000000000 --- a/deploy/service_account.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: nifikop diff --git a/docker/build-image/Dockerfile b/docker/build-image/Dockerfile deleted file mode 100644 index 4f44c7889..000000000 --- a/docker/build-image/Dockerfile +++ /dev/null @@ -1,112 +0,0 @@ -# Copyright 2020 Orange SA -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License.package apis - -#https://github.com/CircleCI-Public/circleci-dockerfiles/blob/master/golang/images/1.12.4/Dockerfile -FROM golang:1.14 - -# Make Apt non-interactive -RUN echo 'APT::Get::Assume-Yes "true";' > /etc/apt/apt.conf.d/90circleci \ - && echo 'DPkg::Options "--force-confnew";' >> /etc/apt/apt.conf.d/90circleci - -ENV DEBIAN_FRONTEND=noninteractive - -# Debian Jessie is EOL'd and original repos don't work. -# Switch to the archive mirror until we can get people to -# switch to Stretch. -RUN if grep -q Debian /etc/os-release && grep -q jessie /etc/os-release; then \ - rm /etc/apt/sources.list \ - && echo "deb http://archive.debian.org/debian/ jessie main" >> /etc/apt/sources.list \ - && echo "deb http://security.debian.org/debian-security jessie/updates main" >> /etc/apt/sources.list \ - ; fi - -# Make sure PATH includes ~/.local/bin -# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839155 -RUN echo 'PATH="$HOME/.local/bin:$PATH"' >> /etc/profile.d/user-local-path.sh - -# man directory is missing in some base images -# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863199 -RUN apt-get update \ - && mkdir -p /usr/share/man/man1 \ - && apt-get install -y \ - git apt \ - locales sudo openssh-client ca-certificates tar gzip \ - net-tools netcat unzip zip bzip2 gnupg curl wget - -# Set timezone to UTC by default -RUN ln -sf /usr/share/zoneinfo/Etc/UTC /etc/localtime - -# Use unicode -RUN locale-gen C.UTF-8 || true -ENV LANG=C.UTF-8 - -# Install jq -RUN JQ_URL="https://circle-downloads.s3.amazonaws.com/circleci-images/cache/linux-amd64/jq-latest" \ - && curl --silent --show-error --location --fail --retry 3 --output /usr/bin/jq $JQ_URL \ - && chmod +x /usr/bin/jq \ - && jq --version - -# Install Docker -RUN set -ex \ - && export DOCKER_VERSION=$(curl --silent --fail --retry 3 https://download.docker.com/linux/static/stable/x86_64/ | grep -o -e 'docker-[.0-9]*\.tgz' | sort -r | head -n 1) \ - && DOCKER_URL="https://download.docker.com/linux/static/stable/x86_64/${DOCKER_VERSION}" \ - && echo Docker URL: $DOCKER_URL \ - && curl --silent --show-error --location --fail --retry 3 --output /tmp/docker.tgz "${DOCKER_URL}" \ - && ls -lha /tmp/docker.tgz \ - && tar -xz -C /tmp -f /tmp/docker.tgz \ - && mv /tmp/docker/* /usr/bin \ - && rm -rf /tmp/docker /tmp/docker.tgz \ - && which docker \ - && (docker version || true) - -RUN groupadd --gid 3434 circleci \ - && useradd --uid 3434 --gid circleci --shell /bin/bash --create-home circleci \ - && echo 'circleci ALL=NOPASSWD: ALL' >> /etc/sudoers.d/50-circleci \ - && echo 'Defaults env_keep += "DEBIAN_FRONTEND"' >> /etc/sudoers.d/env_keep - -RUN curl https://raw.githubusercontent.com/golang/dep/master/install.sh | INSTALL_DIRECTORY=/usr/local/bin sh -RUN curl -sSL https://github.com/gotestyourself/gotestsum/releases/download/v0.3.4/gotestsum_0.3.4_linux_amd64.tar.gz | \ - tar -xz -C /usr/local/bin gotestsum -RUN go get -u golang.org/x/lint/golint - -# Install kubectl cli -RUN curl -L https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/amd64/kubectl -o /usr/local/bin/kubectl \ - && chmod +x /usr/local/bin/kubectl - -# Install helm client -RUN curl -L https://storage.googleapis.com/kubernetes-helm/helm-v2.12.2-linux-amd64.tar.gz -o helm.tar.gz \ - && tar zxf helm.tar.gz \ - && mv linux-amd64/helm /usr/local/bin \ - && rm -rf helm.tar.gz linux-amd64 - -# Install Operator SDK -ARG OPERATOR_SDK_VERSION -RUN mkdir -p $GOPATH/src/github.com/operator-framework \ - && mkdir -p $GOPATH/src/github.com/Orange-OpenSource/nifikop \ - && go get -u github.com/operator-framework/operator-sdk || true \ -# && go get -d github.com/erdrix/operator-sdk || true \ -# && mv $GOPATH/src/github.com/erdrix/operator-sdk $GOPATH/src/github.com/operator-framework/operator-sdk \ - && cd $GOPATH/src/github.com/operator-framework/operator-sdk \ - && git checkout $OPERATOR_SDK_VERSION \ - && make tidy \ - && make install \ - && make clean && rm -rf vendor && rm -rf .git \ - && go clean \ - && rm -rf /root/.cache \ - && rm -rf /go/pkg/dep/sources/ - -WORKDIR /go/nifikop - -ENV PATH $GOPATH/bin:/usr/local/go/bin:$PATH - -CMD ["/bin/sh"] diff --git a/go.mod b/go.mod index 7a9e9cc9c..b7d65c22b 100644 --- a/go.mod +++ b/go.mod @@ -1,36 +1,28 @@ module github.com/Orange-OpenSource/nifikop -go 1.14 +go 1.15 require ( emperror.dev/errors v0.4.2 github.com/antihax/optional v1.0.0 - github.com/banzaicloud/k8s-objectmatcher v1.3.3 + github.com/banzaicloud/k8s-objectmatcher v1.4.1 github.com/erdrix/nigoapi v0.0.0-20200824133217-ce90b74151a2 - github.com/go-logr/logr v0.1.0 - github.com/go-openapi/spec v0.19.4 - github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e // indirect - github.com/imdario/mergo v0.3.8 - github.com/jarcoal/httpmock v1.0.4 + github.com/go-logr/logr v0.3.0 + github.com/imdario/mergo v0.3.10 + github.com/jarcoal/httpmock v1.0.6 github.com/jetstack/cert-manager v0.15.1 - github.com/operator-framework/operator-sdk v0.18.1 + github.com/onsi/ginkgo v1.14.1 + github.com/onsi/gomega v1.10.2 github.com/pavel-v-chernykh/keystore-go v2.1.0+incompatible - github.com/sirupsen/logrus v1.5.0 - github.com/spf13/pflag v1.0.5 - github.com/stretchr/testify v1.5.1 - golang.org/x/net v0.0.0-20200421231249-e086a090c8fd // indirect - k8s.io/api v0.18.2 - k8s.io/apimachinery v0.18.2 - k8s.io/client-go v12.0.0+incompatible - k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c - sigs.k8s.io/controller-runtime v0.6.0 + github.com/stretchr/testify v1.6.1 + golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae // indirect + golang.org/x/tools v0.0.0-20201014231627-1610a49f37af // indirect + google.golang.org/protobuf v1.25.0 // indirect + k8s.io/api v0.19.4 + k8s.io/apiextensions-apiserver v0.19.4 // indirect + k8s.io/apimachinery v0.19.4 + k8s.io/client-go v0.19.4 + sigs.k8s.io/controller-runtime v0.7.0 ) -replace ( - github.com/Azure/go-autorest => github.com/Azure/go-autorest v13.3.2+incompatible // Required by OLM - k8s.io/api => k8s.io/api v0.18.2 - k8s.io/apimachinery => k8s.io/apimachinery v0.18.2 - k8s.io/client-go => k8s.io/client-go v0.18.2 // Required by prometheus-operator -) - -replace github.com/docker/docker => github.com/moby/moby v0.7.3-0.20190826074503-38ab9da00309 // Required by Helm +//replace github.com/Azure/go-autorest => github.com/Azure/go-autorest v13.3.2+incompatible // Required by OLM diff --git a/go.sum b/go.sum index a95c0a909..c0f843efe 100644 --- a/go.sum +++ b/go.sum @@ -1,56 +1,36 @@ -bazil.org/fuse v0.0.0-20160811212531-371fbbdaa898/go.mod h1:Xbm+BRKSBEpa4q4hTSxohYNQpsxXPbPry4JJWOB3LB8= cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw= -cloud.google.com/go v0.37.4/go.mod h1:NHPJ89PdicEuT9hdPXMROBD91xc5uRDxsMtSB16k7hw= -cloud.google.com/go v0.38.0 h1:ROfEUZz+Gh5pa62DJWXSaonyu3StP6EA6lPEXPI6mCo= cloud.google.com/go v0.38.0/go.mod h1:990N+gfupTy94rShfmMCWGDn0LpTmnzTp2qbd1dvSRU= cloud.google.com/go v0.44.1/go.mod h1:iSa0KzasP4Uvy3f1mN/7PiObzGgflwredwwASm/v6AU= cloud.google.com/go v0.44.2/go.mod h1:60680Gw3Yr4ikxnPRS/oxxkBccT6SA1yMk63TGekxKY= cloud.google.com/go v0.45.1/go.mod h1:RpBamKRgapWJb87xiFSdk4g1CME7QZg3uwTez+TSTjc= cloud.google.com/go v0.46.3/go.mod h1:a6bKKbmY7er1mI7TEI4lsAkts/mkhTSZK8w33B4RAg0= -cloud.google.com/go v0.49.0 h1:CH+lkubJzcPYB1Ggupcq0+k8Ni2ILdG2lYjDIgavDBQ= -cloud.google.com/go v0.49.0/go.mod h1:hGvAdzcWNbyuxS3nWhD7H2cIJxjRRTRLQVB0bdputVY= +cloud.google.com/go v0.51.0 h1:PvKAVQWCtlGUSlZkGW3QLelKaWq7KYv/MW1EboG8bfM= +cloud.google.com/go v0.51.0/go.mod h1:hWtGJ6gnXH+KgDv+V0zFGDvpi07n3z8ZNj3T1RW0Gcw= cloud.google.com/go/bigquery v1.0.1/go.mod h1:i/xbL2UlR5RvWAURpBYZTtm/cXjCha9lbfbpx4poX+o= -cloud.google.com/go/bigquery v1.3.0/go.mod h1:PjpwJnslEMmckchkHFfq+HTD2DmtT67aNFKH1/VBDHE= cloud.google.com/go/datastore v1.0.0/go.mod h1:LXYbyblFSglQ5pkeyhO+Qmw7ukd3C+pD7TKLgZqpHYE= cloud.google.com/go/pubsub v1.0.1/go.mod h1:R0Gpsv3s54REJCy4fxDixWD93lHJMoZTyQ2kNxGRt3I= cloud.google.com/go/storage v1.0.0/go.mod h1:IhtSnM/ZTZV8YYJWCY8RULGVqBDmpoyjwiyrjsg+URw= -cloud.google.com/go/storage v1.3.0/go.mod h1:9IAwXhoyBJ7z9LcAwkj0/7NnPzYaPeZxxVp3zm+5IqA= -contrib.go.opencensus.io/exporter/ocagent v0.6.0/go.mod h1:zmKjrJcdo0aYcVS7bmEeSEBLPA9YJp5bjrofdU3pIXs= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= emperror.dev/errors v0.4.2 h1:snD5ODyv4c9DOBBZh645dy/TziVHZivuFtRRMZP8zK8= emperror.dev/errors v0.4.2/go.mod h1:cA5SMsyzo+KXq997DKGK+lTV1DGx5TXLQUNtYe9p2p0= -github.com/Azure/azure-pipeline-go v0.2.1/go.mod h1:UGSo8XybXnIGZ3epmeBw7Jdz+HiUVpqIlpz/HKHylF4= -github.com/Azure/azure-pipeline-go v0.2.2/go.mod h1:4rQ/NZncSvGqNkkOsNpOU1tgoNuIlp9AfUH5G1tvCHc= -github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v23.2.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= github.com/Azure/azure-sdk-for-go v32.5.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go v36.1.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-storage-blob-go v0.8.0/go.mod h1:lPI3aLPpuLTeUwh1sViKXFxwl2B6teiRqI0deQUvsw0= github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= -github.com/Azure/go-autorest v13.3.2+incompatible h1:VxzPyuhtnlBOzc4IWCZHqpyH2d+QMLQEuy3wREyY4oc= -github.com/Azure/go-autorest v13.3.2+incompatible/go.mod h1:r+4oMnoxhatjLLJ6zxSWATqVooLgysK6ZNox3g/xq24= -github.com/Azure/go-autorest/autorest v0.9.0 h1:MRvx8gncNaXJqOoLmhNjUAKh33JJF8LyxPhomEtOsjs= github.com/Azure/go-autorest/autorest v0.9.0/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= -github.com/Azure/go-autorest/autorest v0.9.3-0.20191028180845-3492b2aff503 h1:uUhdsDMg2GbFLF5GfQPtLMWd5vdDZSfqvqQp3waafxQ= -github.com/Azure/go-autorest/autorest v0.9.3-0.20191028180845-3492b2aff503/go.mod h1:xyHB1BMZT0cuDHU7I0+g046+BFDTQ8rEZB0s4Yfa6bI= -github.com/Azure/go-autorest/autorest/adal v0.5.0 h1:q2gDruN08/guU9vAjuPWff0+QIrpH6ediguzdAzXAUU= +github.com/Azure/go-autorest/autorest v0.9.6 h1:5YWtOnckcudzIw8lPPBcWOnmIFWMtHci1ZWAZulMSx0= +github.com/Azure/go-autorest/autorest v0.9.6/go.mod h1:/FALq9T/kS7b5J5qsQ+RSTUdAmGFqi0vUdVNNx8q630= github.com/Azure/go-autorest/autorest/adal v0.5.0/go.mod h1:8Z9fGy2MpX0PvDjB1pEgQTmVqjGhiHBW7RJJEciWzS0= -github.com/Azure/go-autorest/autorest/adal v0.8.1-0.20191028180845-3492b2aff503 h1:Hxqlh1uAA8aGpa1dFhDNhll7U/rkWtG8ZItFvRMr7l0= -github.com/Azure/go-autorest/autorest/adal v0.8.1-0.20191028180845-3492b2aff503/go.mod h1:Z6vX6WXXuyieHAXwMj0S6HY6e6wcHn37qQMBQlvY3lc= -github.com/Azure/go-autorest/autorest/date v0.1.0 h1:YGrhWfrgtFs84+h0o46rJrlmsZtyZRg470CqAXTZaGM= +github.com/Azure/go-autorest/autorest/adal v0.8.2 h1:O1X4oexUxnZCaEUGsvMnr8ZGj8HI37tNezwY4npRqA0= +github.com/Azure/go-autorest/autorest/adal v0.8.2/go.mod h1:ZjhuQClTqx435SRJ2iMlOxPYt3d2C/T/7TiQCVZSn3Q= github.com/Azure/go-autorest/autorest/date v0.1.0/go.mod h1:plvfp3oPSKwf2DNjlBjWF/7vwR+cUD/ELuzDCXwHUVA= github.com/Azure/go-autorest/autorest/date v0.2.0 h1:yW+Zlqf26583pE43KhfnhFcdmSWlm5Ew6bxipnr/tbM= github.com/Azure/go-autorest/autorest/date v0.2.0/go.mod h1:vcORJHLJEh643/Ioh9+vPmf1Ij9AEBM5FuBIXLmIy0g= github.com/Azure/go-autorest/autorest/mocks v0.1.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= -github.com/Azure/go-autorest/autorest/mocks v0.2.0 h1:Ww5g4zThfD/6cLb4z6xxgeyDa7QDkizMkJKe0ysZXp0= github.com/Azure/go-autorest/autorest/mocks v0.2.0/go.mod h1:OTyCOPRA2IgIlWxVYxBee2F5Gr4kF2zd2J5cFRaIDN0= github.com/Azure/go-autorest/autorest/mocks v0.3.0 h1:qJumjCaCudz+OcqE9/XtEPfvtOjOmKaui4EOpFI6zZc= github.com/Azure/go-autorest/autorest/mocks v0.3.0/go.mod h1:a8FDP3DYzQ4RYfVAxAN3SVSiiO77gL2j2ronKKP0syM= github.com/Azure/go-autorest/autorest/to v0.3.0/go.mod h1:MgwOyqaIuKdG4TL/2ywSsIWKAfJfgHDo8ObuUk3t5sA= -github.com/Azure/go-autorest/autorest/to v0.3.1-0.20191028180845-3492b2aff503/go.mod h1:MgwOyqaIuKdG4TL/2ywSsIWKAfJfgHDo8ObuUk3t5sA= github.com/Azure/go-autorest/autorest/validation v0.2.0/go.mod h1:3EEqHnBxQGHXRYq3HT1WyXAvT7LLY3tl70hw6tQIbjI= -github.com/Azure/go-autorest/autorest/validation v0.2.1-0.20191028180845-3492b2aff503/go.mod h1:3EEqHnBxQGHXRYq3HT1WyXAvT7LLY3tl70hw6tQIbjI= github.com/Azure/go-autorest/logger v0.1.0 h1:ruG4BSDXONFRrZZJ2GUXDiUyVpayPmb1GnWeHDdaNKY= github.com/Azure/go-autorest/logger v0.1.0/go.mod h1:oExouG+K6PryycPJfVSxi/koC6LSNgds39diKLz7Vrc= github.com/Azure/go-autorest/tracing v0.5.0 h1:TRn4WjSnkcSy5AEG3pnbtFSwNtwzjr4VYyQflFE619k= @@ -58,33 +38,14 @@ github.com/Azure/go-autorest/tracing v0.5.0/go.mod h1:r/s2XiOKccPW3HrqB+W0TQzfbt github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo= -github.com/DATA-DOG/go-sqlmock v1.4.1/go.mod h1:f/Ixk793poVmq4qj/V1dPUg2JEAKC73Q5eFN3EC/SaM= -github.com/DataDog/datadog-go v3.2.0+incompatible/go.mod h1:LButxg5PwREeZtORoXG3tL4fMGNddJ+vMq1mwgfaqoQ= github.com/MakeNowJust/heredoc v0.0.0-20170808103936-bb23615498cd/go.mod h1:64YHyfSL2R96J44Nlwm39UHepQbyR5q10x7iYa1ks2E= -github.com/Masterminds/goutils v1.1.0/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= -github.com/Masterminds/semver/v3 v3.1.0/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs= -github.com/Masterminds/sprig/v3 v3.1.0/go.mod h1:ONGMf7UfYGAbMXCZmQLy8x3lCDIPrEZE/rU8pmrbihA= -github.com/Masterminds/squirrel v1.2.0/go.mod h1:yaPeOnPG5ZRwL9oKdTsO/prlkPbXWZlRVMQ/gGlzIuA= -github.com/Masterminds/vcs v1.13.1/go.mod h1:N09YCmOQr6RLxC6UNHzuVwAdodYbbnycGHSmwVJjcKA= -github.com/Microsoft/go-winio v0.4.11/go.mod h1:VhR8bwka0BXejwEJY73c50VrPtXAaKcyvVC4A4RozmA= -github.com/Microsoft/go-winio v0.4.15-0.20190919025122-fc70bd9a86b5/go.mod h1:tTuCMEN+UleMWgg9dVx4Hu52b1bJo+59jBh3ajtinzw= -github.com/Microsoft/hcsshim v0.8.7/go.mod h1:OHd7sQqRFrYd3RmSgbgji+ctCwkbq2wbEYNSzOYtcBQ= -github.com/Microsoft/hcsshim v0.8.9/go.mod h1:5692vkUqntj1idxauYlpoINNKeqCiG6Sg38RRsjT5y8= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= -github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= -github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5/go.mod h1:lmUJ/7eu/Q8D7ML55dXQrVaamCz2vxCfdQBasLZfHKk= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= -github.com/OneOfOne/xxhash v1.2.6/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q= github.com/PuerkitoBio/purell v1.0.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/purell v1.1.0/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= -github.com/PuerkitoBio/purell v1.1.1 h1:WEQqlqaGbrPkxLJWfBwQmfEAE1Z7ONdDLqrN38tNFfI= github.com/PuerkitoBio/purell v1.1.1/go.mod h1:c11w/QuzBsJSee3cPx9rAFu61PvFxuPbtSwDGJws/X0= github.com/PuerkitoBio/urlesc v0.0.0-20160726150825-5bd2802263f2/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 h1:d+Bc7a5rLufV/sSk/8dngufqelfh6jnri85riMAaF/M= github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578/go.mod h1:uGdkoq3SwY9Y+13GIhn11/XLaGBb4BfwItxLd5jeuXE= -github.com/Shopify/logrus-bugsnag v0.0.0-20171204204709-577dee27f20d/go.mod h1:HI8ITrYtUY+O+ZhtlqUnD8+KwNPOyugEhfP9fdUIaEQ= -github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo= -github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= github.com/Venafi/vcert v0.0.0-20200310111556-eba67a23943f/go.mod h1:9EegQjmRoMqVT/ydgd54mJj5rTd7ym0qMgEfhnPsce0= github.com/agnivade/levenshtein v1.0.1/go.mod h1:CURSv5d9Uaml+FovSIICkLbAUZ9S4RqaHDIsdSBg7lM= github.com/airbrake/gobrake v3.6.1+incompatible/go.mod h1:wM4gu3Cn0W0K7GUuVWnlXZU11AGBXMILnrdOU8Kn00o= @@ -92,90 +53,44 @@ github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuy github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc= github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= -github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= -github.com/aliyun/aliyun-oss-go-sdk v2.0.4+incompatible/go.mod h1:T/Aws4fEfogEE9v+HPhhw+CntffsBHJ8nXQCwKr0/g8= github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8= -github.com/antihax/optional v0.0.0-20180407024304-ca021399b1a6 h1:uZuxRZCz65cG1o6K/xUqImNcYKtmk9ylqaH0itMSvzA= -github.com/antihax/optional v0.0.0-20180407024304-ca021399b1a6/go.mod h1:V8iCPQYkqmusNa815XgQio277wI47sdRh1dUOLdyC6Q= github.com/antihax/optional v1.0.0 h1:xK2lYat7ZLaVVcIuj82J8kIro4V6kDe0AUDFboUCwcg= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= -github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ= -github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o= github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY= -github.com/armon/go-metrics v0.3.0/go.mod h1:zXjbSimjXTd7vOpY8B0/2LpvNvDoXBuplAD+gJD3GYs= github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= -github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI= -github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8= github.com/asaskevich/govalidator v0.0.0-20180720115003-f9ffefc3facf/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= -github.com/asaskevich/govalidator v0.0.0-20200108200545-475eaeb16496/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg= -github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= -github.com/aws/aws-sdk-go v1.17.7/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.24.1/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/aws/aws-sdk-go v1.25.48/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= -github.com/baiyubin/aliyun-sts-go-sdk v0.0.0-20180326062324-cfa1a18b161f/go.mod h1:AuiFmCCPBSrqvVMvuqFuk0qogytodnVFVSN5CeJB8Gc= github.com/banzaicloud/k8s-objectmatcher v1.3.3 h1:Bqiaa1v4PgWfVNfDHnCABm02U4cWQrRDZ8EVWzYCqNk= github.com/banzaicloud/k8s-objectmatcher v1.3.3/go.mod h1:j+N22VwgVfa0ajVtNxOz2G72aSOL21lpB7qV2GDrr/I= -github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= +github.com/banzaicloud/k8s-objectmatcher v1.4.1 h1:/HaUqQzTa5E+pLqG9qelRKUdrzU1Nl2BYPHDut7e1oU= +github.com/banzaicloud/k8s-objectmatcher v1.4.1/go.mod h1:j+N22VwgVfa0ajVtNxOz2G72aSOL21lpB7qV2GDrr/I= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= -github.com/bitly/go-hostpool v0.0.0-20171023180738-a3a6125de932/go.mod h1:NOuUCSz6Q9T7+igc/hlvDOUdtWKryOrtFyIVABv/p7k= github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= -github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= -github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869/go.mod h1:Ekp36dRnpXw/yCqJaO+ZrUyxD+3VXMFFr56k5XYrpB4= -github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA= -github.com/brancz/gojsontoyaml v0.0.0-20191212081931-bf2969bbd742/go.mod h1:IyUJYN1gvWjtLF5ZuygmxbnsAyP3aJS6cHzIuZY50B0= -github.com/brancz/kube-rbac-proxy v0.5.0/go.mod h1:cL2VjiIFGS90Cjh5ZZ8+It6tMcBt8rwvuw2J6Mamnl0= -github.com/bshuster-repo/logrus-logstash-hook v0.4.1/go.mod h1:zsTqEiSzDgAa/8GZR7E1qaXrhYNDKBYy5/dWPTIflbk= -github.com/bugsnag/bugsnag-go v0.0.0-20141110184014-b1d153021fcd/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= github.com/bugsnag/bugsnag-go v1.4.0/go.mod h1:2oa8nejYd4cQ/b0hMIopN0lCRxU0bueqREvZLWFrtK8= -github.com/bugsnag/osext v0.0.0-20130617224835-0dd3f918b21b/go.mod h1:obH5gd0BsqsP2LwDJ9aOkm/6J86V6lyAXCoQWGw3K50= -github.com/bugsnag/panicwrap v0.0.0-20151223152923-e2c28503fcd0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= github.com/bugsnag/panicwrap v1.2.0/go.mod h1:D/8v3kj0zr8ZAKg1AQ6crr+5VwKN5eIywRkfhyM/+dE= -github.com/campoy/embedmd v1.0.0/go.mod h1:oxyr9RCiSXg0M3VJ3ks0UGfp98BpSSGr0kpiX3MzVl8= -github.com/cenkalti/backoff v0.0.0-20181003080854-62661b46c409/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/certifi/gocertifi v0.0.0-20190105021004-abcd57078448/go.mod h1:GJKEexRPVJrBSOjoqN5VNOIKJ5Q3RViH6eu3puDRwx4= -github.com/cespare/xxhash v0.0.0-20181017004759-096ff4a8a059/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= -github.com/cespare/xxhash/v2 v2.1.0 h1:yTUvW7Vhb89inJ+8irsUqiWjh8iT6sQPZiQzI6ReGkA= -github.com/cespare/xxhash/v2 v2.1.0/go.mod h1:dgIUBU3pDso/gPgZ1osOZ0iQf77oPR28Tjxl5dIMyVM= github.com/cespare/xxhash/v2 v2.1.1 h1:6MnRN8NT7+YBpUIWxHtefFZOKTAPgGjpQSxqLNn0+qY= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v0.0.0-20160711120539-c6fed771bfd5/go.mod h1:/iP1qXHoty45bqomnu2LM+VVyAEdWN+vtSHGlQgyxbw= -github.com/circonus-labs/circonus-gometrics v2.3.1+incompatible/go.mod h1:nmEj6Dob7S7YxXgwXpfOuvO54S+tGdZdw9fuRZt25Ag= -github.com/circonus-labs/circonusllhist v0.1.3/go.mod h1:kMXHVDlOchFAehlya5ePtbp5jckzBHf4XRpQvBOLI+I= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw= github.com/cloudflare/cloudflare-go v0.8.5/go.mod h1:8KhU6K+zHUEWOSU++mEQYf7D9UZOcQcibUoSm6vCUz4= -github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ= -github.com/cockroachdb/cockroach-go v0.0.0-20181001143604-e0a95dfd547c/go.mod h1:XGLbWH/ujMcbPbhZq52Nv6UrCghb1yGn//133kEsvDk= github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8= -github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI= -github.com/containerd/cgroups v0.0.0-20190919134610-bf292b21730f/go.mod h1:OApqhQ4XNSNC13gXIwDjhOQxjWa/NxkwZXJ1EvqT0ko= -github.com/containerd/console v0.0.0-20180822173158-c12b1e7919c1/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= -github.com/containerd/containerd v1.2.7/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0-beta.2.0.20190828155532-0293cbd26c69/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20200107194136-26c1120b8d41/go.mod h1:Dq467ZllaHgAtVp4p1xUQWBrFXR9s/wyoTpG8zOJGkY= -github.com/containerd/continuity v0.0.0-20200413184840-d3ef23f19fbb/go.mod h1:Dq467ZllaHgAtVp4p1xUQWBrFXR9s/wyoTpG8zOJGkY= -github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= -github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= -github.com/containerd/ttrpc v1.0.1/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y= -github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= -github.com/coreos/bbolt v1.3.1-coreos.6/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= -github.com/coreos/etcd v3.3.15+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= @@ -185,204 +100,124 @@ github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7 github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180108230652-97fdf19511ea/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= -github.com/coreos/prometheus-operator v0.38.1-0.20200424145508-7e176fda06cc h1:nMbUjGuF7UzVluucix/vsy4973BNdEiT/aX6kFtskKM= -github.com/coreos/prometheus-operator v0.38.1-0.20200424145508-7e176fda06cc/go.mod h1:erio69w1R/aC14D5nfvAXSlE8FT8jt2Hnavc50Dp33A= github.com/cpu/goacmedns v0.0.0-20180701200144-565ecf2a84df/go.mod h1:sesf/pNnCYwUevQEQfEwY0Y3DydlQWSGZbaMElOWxok= github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= -github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= -github.com/cznic/b v0.0.0-20180115125044-35e9bbe41f07/go.mod h1:URriBxXwVq5ijiJ12C7iIZqlA69nTlI+LgI6/pwftG8= -github.com/cznic/fileutil v0.0.0-20180108211300-6a051e75936f/go.mod h1:8S58EK26zhXSxzv7NQFpnliaOQsmDUxvoQO3rt154Vg= -github.com/cznic/golex v0.0.0-20170803123110-4ab7c5e190e4/go.mod h1:+bmmJDNmKlhWNG+gwWCkaBoTy39Fs+bzRxVBzoTQbIc= -github.com/cznic/internal v0.0.0-20180608152220-f44710a21d00/go.mod h1:olo7eAdKwJdXxb55TKGLiJ6xt1H0/tiiRCWKVLmtjY4= -github.com/cznic/lldb v1.1.0/go.mod h1:FIZVUmYUVhPwRiPzL8nD/mpFcJ/G7SSXjjXYG4uRI3A= -github.com/cznic/mathutil v0.0.0-20180504122225-ca4c9f2c1369/go.mod h1:e6NPNENfs9mPDVNRekM7lKScauxd5kXTr1Mfyig6TDM= -github.com/cznic/ql v1.2.0/go.mod h1:FbpzhyZrqr0PVlK6ury+PoW3T0ODUV22OeWIxcaOrSE= -github.com/cznic/sortutil v0.0.0-20150617083342-4c7342852e65/go.mod h1:q2w6Bg5jeox1B+QkJ6Wp/+Vn0G/bo3f1uY7Fn3vivIQ= -github.com/cznic/strutil v0.0.0-20171016134553-529a34b1c186/go.mod h1:AHHPPPXTw0h6pVabbcbyGRK1DckRn7r/STdZEeIDzZc= -github.com/cznic/zappy v0.0.0-20160723133515-2533cb5b45cc/go.mod h1:Y1SNZ4dRUOKXshKUbwUapqNncRrho4mkjQebgEHZLj8= github.com/davecgh/go-spew v0.0.0-20151105211317-5215b55f46b2/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/daviddengcn/go-colortext v0.0.0-20160507010035-511bcaf42ccd/go.mod h1:dv4zxwHi5C/8AeI+4gX4dCWOIvNi7I6JCSX0HvlKPgE= -github.com/deislabs/oras v0.8.1/go.mod h1:Mx0rMSbBNaNfY9hjpccEnxkOqJL6KGjtxNHPLC4G4As= -github.com/denisenkom/go-mssqldb v0.0.0-20190515213511-eb9f6a1743f3/go.mod h1:zAg7JM8CkOJ43xKXIj7eRO9kmWm/TW578qo+oDO6tuM= -github.com/denisenkom/go-mssqldb v0.0.0-20191001013358-cfbb681360f0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU= -github.com/denverdino/aliyungo v0.0.0-20190125010748-a747050bb1ba/go.mod h1:dV8lFg6daOBZbT6/BDGIz6Y3WFGn8juu6G+CQ6LHtl0= -github.com/dgrijalva/jwt-go v0.0.0-20170104182250-a601269ab70c/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/dgryski/go-sip13 v0.0.0-20190329191031-25c5027a8c7b/go.mod h1:vAd38F8PWV+bWy6jNmig1y/TA+kYO4g3RSRF0IAv0no= -github.com/dhui/dktest v0.3.0/go.mod h1:cyzIUfGsBEbZ6BT7tnXqAShHSXCZhSNmFl70sZ7c1yc= github.com/digitalocean/godo v1.29.0/go.mod h1:iJnN9rVu6K5LioLxLimlq0uRI+y/eAQjROUmeU/r0hY= -github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= -github.com/docker/cli v0.0.0-20200130152716-5d0cf8839492/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= -github.com/docker/distribution v0.0.0-20191216044856-a8371794149d/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= -github.com/docker/distribution v2.7.0+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= -github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= -github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= -github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= +github.com/docker/docker v0.7.3-0.20190327010347-be7ac8be2ae0/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/go-units v0.3.3/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= github.com/docker/go-units v0.4.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/libtrust v0.0.0-20150114040149-fa567046d9b1/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= github.com/docker/spdystream v0.0.0-20160310174837-449fdfce4d96/go.mod h1:Qh8CwZgvJUkLughtfhJv5dyTYa91l1fOUCrgjqmcifM= github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE= github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk= -github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs= -github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU= -github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I= -github.com/edsrzf/mmap-go v0.0.0-20170320065105-0bce6a688712/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M= -github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M= -github.com/elastic/go-sysinfo v1.0.1/go.mod h1:O/D5m1VpYLwGjCYzEt63g3Z1uO3jXfwyzzjiW90t8cY= -github.com/elastic/go-sysinfo v1.1.1/go.mod h1:i1ZYdU10oLNfRzq4vq62BEwD2fH8KaWh6eh0ikPT9F0= -github.com/elastic/go-windows v1.0.0/go.mod h1:TsU0Nrp7/y3+VwE82FoZF8gC/XFg/Elz6CcloAxnPgU= -github.com/elastic/go-windows v1.0.1/go.mod h1:FoVvqWSun28vaDQPbj2Elfc0JahhPB7WQEGa3c814Ss= +github.com/elazarl/goproxy v0.0.0-20170405201442-c4fc26588b6e/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153/go.mod h1:/Zj4wYkgs4iZTTu3o/KG3Itv/qCCa8VVMlb3i9OVuzc= github.com/emicklei/go-restful v0.0.0-20170410110728-ff4f55a20633/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/emicklei/go-restful v2.9.5+incompatible h1:spTtZBk5DYEvbxMVutUuTyh1Ao2r4iyvLdACqsl/Ljk= github.com/emicklei/go-restful v2.9.5+incompatible/go.mod h1:otzb+WCGbkyDHkqmQmT5YD2WR4BBwUdeQoFo8l/7tVs= -github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= github.com/erdrix/nigoapi v0.0.0-20200824133217-ce90b74151a2 h1:WJ1tS9+ENB2z+sVgpt2pAOZbLIFxFLFzK87RL0uvx00= github.com/erdrix/nigoapi v0.0.0-20200824133217-ce90b74151a2/go.mod h1:owY+8fs8YXnST3ENM+ulVllYjTbzGaqKA+Y7HHJ0lZA= -github.com/evanphx/json-patch v4.1.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch v4.2.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch v4.5.0+incompatible h1:ouOWdg56aJriqS0huScTkVXPC5IcNrDCXZ6OoTAWu7M= github.com/evanphx/json-patch v4.5.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= +github.com/evanphx/json-patch v4.9.0+incompatible h1:kLcOMZeuLAJvL2BPWLMIj5oaZQobrkAqrL+WFZwQses= +github.com/evanphx/json-patch v4.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4= -github.com/facette/natsort v0.0.0-20181210072756-2cd4dd1e2dcb/go.mod h1:bH6Xx7IW64qjjJq8M2u4dxNaBiDfKK+z/3eGDpXEQhc= github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc= github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4= -github.com/fatih/structs v1.1.0 h1:Q7juDM0QtcnhCpeyLGQKyg4TOIghuNXrkL32pHAUMxo= github.com/fatih/structs v1.1.0/go.mod h1:9NiDSp5zOcgEDl+j00MP/WkGVPOlPRLejGD8Ga6PJ7M= -github.com/fatih/structtag v1.1.0/go.mod h1:mBJUNpUnHmRKrKlQQlmCrh5PuhftFbNv8Ys4/aAZl94= -github.com/fortytw2/leaktest v1.3.0/go.mod h1:jDsjWgpAGjm2CA7WthBh/CdZYEPF31XHquHwclZch5g= -github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/fsouza/fake-gcs-server v1.7.0/go.mod h1:5XIRs4YvwNbNoz+1JF8j6KLAyDh7RHGAyAK3EP2EsNk= -github.com/garyburd/redigo v0.0.0-20150301180006-535138d7bcd7/go.mod h1:NR3MbYisc3/PwhQ00EMzDiPmrwpPxAn5GI05/YaO1SY= +github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= +github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/getsentry/raven-go v0.2.0/go.mod h1:KungGk8q33+aIAZUIVWZDr2OfAEBsO49PX4NzFV5kcQ= github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= -github.com/go-bindata/go-bindata/v3 v3.1.3/go.mod h1:1/zrpXsLD8YDIbhZRqXzm1Ghc7NhEvIN9+Z6R5/xH4I= -github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= -github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= +github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= github.com/go-ldap/ldap v3.0.2+incompatible/go.mod h1:qfd9rJvER9Q0/D/Sqn1DfHRoBp40uXYvFoEVrNEPqRc= github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk= -github.com/go-logr/logr v0.1.0 h1:M1Tv3VzNlEHg6uyACnRdtrploV2P7wZqH8BoQMtz0cg= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= +github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= +github.com/go-logr/logr v0.3.0 h1:q4c+kbcR0d5rSurhBR8dIgieOaYpXtsdTYfx22Cu6rs= +github.com/go-logr/logr v0.3.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= github.com/go-logr/zapr v0.1.0/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk= -github.com/go-logr/zapr v0.1.1 h1:qXBXPDdNncunGs7XeEpsJt8wCjYBygluzfdLO0G5baE= github.com/go-logr/zapr v0.1.1/go.mod h1:tabnROwaDl0UNxkVeFRbY8bwB37GwRv0P8lg6aAiEnk= +github.com/go-logr/zapr v0.2.0 h1:v6Ji8yBW77pva6NkJKQdHLAJKrIJKRHz0RXwPqCHSR4= +github.com/go-logr/zapr v0.2.0/go.mod h1:qhKdvif7YF5GI9NWEpyxTSSBdGmzkNguibrdCNVPunU= github.com/go-openapi/analysis v0.0.0-20180825180245-b006789cd277/go.mod h1:k70tL6pCuVxPJOHXQ+wIac1FUrvNkHolPie/cLEU6hI= github.com/go-openapi/analysis v0.17.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= -github.com/go-openapi/analysis v0.17.2/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= github.com/go-openapi/analysis v0.18.0/go.mod h1:IowGgpVeD0vNm45So8nr+IcQ3pxVtpRoBWb8PVZO0ik= github.com/go-openapi/analysis v0.19.2/go.mod h1:3P1osvZa9jKjb8ed2TPng3f0i/UY9snX6gxi44djMjk= github.com/go-openapi/analysis v0.19.5/go.mod h1:hkEAkxagaIvIP7VTn8ygJNkd4kAYON2rCu0v0ObL0AU= github.com/go-openapi/errors v0.17.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= -github.com/go-openapi/errors v0.17.2/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= github.com/go-openapi/errors v0.18.0/go.mod h1:LcZQpmvG4wyF5j4IhA73wkLFQg+QJXOQHVjmcZxhka0= github.com/go-openapi/errors v0.19.2/go.mod h1:qX0BLWsyaKfvhluLejVpVNwNRdXZhEbTA4kxxpKBC94= github.com/go-openapi/jsonpointer v0.0.0-20160704185906-46af16f9f7b1/go.mod h1:+35s3my2LFTysnkMfxsJBAMHj/DoqoB9knIWoYG/Vk0= github.com/go-openapi/jsonpointer v0.17.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= -github.com/go-openapi/jsonpointer v0.17.2/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= github.com/go-openapi/jsonpointer v0.18.0/go.mod h1:cOnomiV+CVVwFLk0A/MExoFMjwdsUdVpsRhURCKh+3M= github.com/go-openapi/jsonpointer v0.19.2/go.mod h1:3akKfEdA7DF1sugOqz1dVQHBcuDBPKZGEoHC/NkiQRg= -github.com/go-openapi/jsonpointer v0.19.3 h1:gihV7YNZK1iK6Tgwwsxo2rJbD1GTbdm72325Bq8FI3w= github.com/go-openapi/jsonpointer v0.19.3/go.mod h1:Pl9vOtqEWErmShwVjC8pYs9cog34VGT37dQOVbmoatg= github.com/go-openapi/jsonreference v0.0.0-20160704190145-13c6e3589ad9/go.mod h1:W3Z9FmVs9qj+KR4zFKmDPGiLdk1D9Rlm7cyMvf57TTg= github.com/go-openapi/jsonreference v0.17.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= -github.com/go-openapi/jsonreference v0.17.2/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= github.com/go-openapi/jsonreference v0.18.0/go.mod h1:g4xxGn04lDIRh0GJb5QlpE3HfopLOL6uZrK/VgnsK9I= github.com/go-openapi/jsonreference v0.19.2/go.mod h1:jMjeRr2HHw6nAVajTXJ4eiUwohSTlpa0o73RUL1owJc= -github.com/go-openapi/jsonreference v0.19.3 h1:5cxNfTy0UVC3X8JL5ymxzyoUZmo8iZb+jeTWn7tUa8o= github.com/go-openapi/jsonreference v0.19.3/go.mod h1:rjx6GuL8TTa9VaixXglHmQmIL98+wF9xc8zWvFonSJ8= github.com/go-openapi/loads v0.17.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= -github.com/go-openapi/loads v0.17.2/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= github.com/go-openapi/loads v0.18.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= github.com/go-openapi/loads v0.19.0/go.mod h1:72tmFy5wsWx89uEVddd0RjRWPZm92WRLhf7AC+0+OOU= github.com/go-openapi/loads v0.19.2/go.mod h1:QAskZPMX5V0C2gvfkGZzJlINuP7Hx/4+ix5jWFxsNPs= github.com/go-openapi/loads v0.19.4/go.mod h1:zZVHonKd8DXyxyw4yfnVjPzBjIQcLt0CCsn0N0ZrQsk= github.com/go-openapi/runtime v0.0.0-20180920151709-4f900dc2ade9/go.mod h1:6v9a6LTXWQCdL8k1AO3cvqx5OtZY/Y9wKTgaoP6YRfA= -github.com/go-openapi/runtime v0.18.0/go.mod h1:uI6pHuxWYTy94zZxgcwJkUWa9wbIlhteGfloI10GD4U= github.com/go-openapi/runtime v0.19.0/go.mod h1:OwNfisksmmaZse4+gpV3Ne9AyMOlP1lt4sK4FXt0O64= github.com/go-openapi/runtime v0.19.4/go.mod h1:X277bwSUBxVlCYR3r7xgZZGKVvBd/29gLDlFGtJ8NL4= github.com/go-openapi/spec v0.0.0-20160808142527-6aced65f8501/go.mod h1:J8+jY1nAiCcj+friV/PDoE1/3eeccG9LYBs0tYvLOWc= github.com/go-openapi/spec v0.17.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= -github.com/go-openapi/spec v0.17.2/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= github.com/go-openapi/spec v0.18.0/go.mod h1:XkF/MOi14NmjsfZ8VtAKf8pIlbZzyoTvZsdfssdxcBI= github.com/go-openapi/spec v0.19.2/go.mod h1:sCxk3jxKgioEJikev4fgkNmwS+3kuYdJtcsZsD5zxMY= github.com/go-openapi/spec v0.19.3/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= -github.com/go-openapi/spec v0.19.4 h1:ixzUSnHTd6hCemgtAJgluaTSGYpLNpJY4mA2DIkdOAo= -github.com/go-openapi/spec v0.19.4/go.mod h1:FpwSN1ksY1eteniUU7X0N/BgJ7a4WvBFVA8Lj9mJglo= github.com/go-openapi/strfmt v0.17.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= -github.com/go-openapi/strfmt v0.17.2/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= github.com/go-openapi/strfmt v0.18.0/go.mod h1:P82hnJI0CXkErkXi8IKjPbNBM6lV6+5pLP5l494TcyU= github.com/go-openapi/strfmt v0.19.0/go.mod h1:+uW+93UVvGGq2qGaZxdDeJqSAqBqBdl+ZPMF/cC8nDY= -github.com/go-openapi/strfmt v0.19.2/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= github.com/go-openapi/strfmt v0.19.3/go.mod h1:0yX7dbo8mKIvc3XSKp7MNfxw4JytCfCD6+bY1AVL9LU= github.com/go-openapi/swag v0.0.0-20160704191624-1d0bd113de87/go.mod h1:DXUve3Dpr1UfpPtxFw+EFuQ41HhCWZfha5jSVRG7C7I= github.com/go-openapi/swag v0.17.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= -github.com/go-openapi/swag v0.17.2/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= github.com/go-openapi/swag v0.18.0/go.mod h1:AByQ+nYG6gQg71GINrmuDXCPWdL640yX49/kXLo40Tg= github.com/go-openapi/swag v0.19.2/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/swag v0.19.5 h1:lTz6Ys4CmqqCQmZPBlbQENR1/GucA2bzYTE12Pw4tFY= github.com/go-openapi/swag v0.19.5/go.mod h1:POnQmlKehdgb5mhVOsnJFsivZCEZ/vjK9gh66Z9tfKk= -github.com/go-openapi/validate v0.17.2/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= github.com/go-openapi/validate v0.18.0/go.mod h1:Uh4HdOzKt19xGIGm1qHf/ofbX1YQ4Y+MYsct2VUrAJ4= github.com/go-openapi/validate v0.19.2/go.mod h1:1tRCw7m3jtI8eNWEEliiAqUIcBztB2KDnRCRMUi7GTA= github.com/go-openapi/validate v0.19.5/go.mod h1:8DJv2CVJQ6kGNpFW6eV9N3JviE1C85nY1c2z52x1Gk4= -github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= -github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA= -github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= -github.com/gobuffalo/envy v1.6.5/go.mod h1:N+GkhhZ/93bGZc6ZKhJLP6+m+tCNPKwgSpH9kaifseQ= -github.com/gobuffalo/envy v1.7.0/go.mod h1:n7DRkBerg/aorDM8kbduw5dN3oXGswK5liaSCx4T5NI= -github.com/gobuffalo/envy v1.7.1/go.mod h1:FurDp9+EDPE4aIUS3ZLyD+7/9fpx7YRt/ukY6jIHf0w= -github.com/gobuffalo/flect v0.1.5/go.mod h1:W3K3X9ksuZfir8f/LrfVtWmCDQFfayuylOJ7sz/Fj80= github.com/gobuffalo/flect v0.2.0/go.mod h1:W3K3X9ksuZfir8f/LrfVtWmCDQFfayuylOJ7sz/Fj80= -github.com/gobuffalo/flect v0.2.1/go.mod h1:vmkQwuZYhN5Pc4ljYQZzP+1sq+NEkK+lh20jmEmX3jc= -github.com/gobuffalo/logger v1.0.1/go.mod h1:2zbswyIUa45I+c+FLXuWl9zSWEiVuthsk8ze5s8JvPs= -github.com/gobuffalo/packd v0.3.0/go.mod h1:zC7QkmNkYVGKPw4tHpBQ+ml7W/3tIebgeo1b36chA3Q= -github.com/gobuffalo/packr/v2 v2.7.1/go.mod h1:qYEvAazPaVxy7Y7KR0W8qYEE+RymX74kETFqjFoFlOc= -github.com/gobwas/glob v0.2.3/go.mod h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8= -github.com/gocql/gocql v0.0.0-20190301043612-f6df8288f9b4/go.mod h1:4Fw1eo5iaEhDUs8XyuhSVCVy52Jq3L+/3GJgYkwc+/0= -github.com/godbus/dbus v0.0.0-20190422162347-ade71ed3457e/go.mod h1:bBOAhwG1umN6/6ZUMtDFBMQR8jRg9O75tm9K00oMsK4= -github.com/gofrs/flock v0.7.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU= github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= -github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/gogo/protobuf v1.2.2-0.20190730201129-28a6bbf47e48/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= github.com/gogo/protobuf v1.3.1 h1:DqDEcV5aeaTmdFBePNpYsp3FlcVH/2ISVVM9Qf8PSls= github.com/gogo/protobuf v1.3.1/go.mod h1:SlYgWuQ5SjCEi6WLHjHCa1yvBfUnHcTbrrZtXPKa29o= -github.com/golang-migrate/migrate/v4 v4.6.2/go.mod h1:JYi6reN3+Z734VZ0akNuyOJNcrg45ZL7LDBMW3WGJL0= -github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20191027212112-611e8accdfc9 h1:uHTyIjqVhYRhLbJ8nIiOJHkEZZ+5YoOsAbD3sk82NiE= -github.com/golang/groupcache v0.0.0-20191027212112-611e8accdfc9/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e h1:1r7pUrabqp18hOBcwBwiTsbnFeTZHV9eER/QT5JVZxY= -github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7 h1:5ZkaAPbicIKTF2I64qf5Fh8Aa83Q/dnOafMYV0OMwjA= +github.com/golang/groupcache v0.0.0-20191227052852-215e87163ea7/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.2.0/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y= @@ -390,13 +225,17 @@ github.com/golang/protobuf v0.0.0-20161109072736-4bd1920723d7/go.mod h1:6lQm79b+ github.com/golang/protobuf v1.0.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.5 h1:F768QJ1E9tib+q5Sc8MkdJi1RxLTbRcTf8LJV56aRls= +github.com/golang/protobuf v1.3.3/go.mod h1:vzj43D7+SQXF/4pzW/hwtAqwc6iTitCiVSaWz5lYuqw= github.com/golang/protobuf v1.3.5/go.mod h1:6O5/vntMXwX2lRkT1hjjk0nAC1IDOTvTlVgjlRvqsdk= -github.com/golang/snappy v0.0.0-20170215233205-553a64147049/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golang/snappy v0.0.1 h1:Qgr9rKW7uDUkrbSmQeiDsGa8SjGyCOGtuasMWwvp2P4= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8= +github.com/golang/protobuf v1.4.2 h1:+Z5KGCizgyZCbGh1KZqA0fcLLkwbsjIzS4aV2v7wJX0= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/golangplus/bytes v0.0.0-20160111154220-45c989fe5450/go.mod h1:Bk6SMAONeMXrxql8uvOKuAZSu8aM5RUGv+1C6IJaEho= github.com/golangplus/fmt v0.0.0-20150411045040-2a5d6d7d2995/go.mod h1:lJgMEyOkYFkPcDKwRXegd+iM6E7matEszMG5HhwytU8= @@ -405,244 +244,138 @@ github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Z github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.3.1 h1:Xye71clBPdm5HgqGwUkwhbynsUJZhDbS20FvLhQ2izg= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/google/go-cmp v0.4.0 h1:xsAVV57WRhGj6kEIi8ReJzQlHHqcBYCElAvkovg3B/4= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-github v17.0.0+incompatible/go.mod h1:zLgOLi98H3fifZn+44m+umXrS52loVEgC2AApnigrVQ= +github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.2 h1:X2ev0eStA3AbceY54o37/0PQ/UWqKEiiO2dKL5OPaFM= +github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/google/go-querystring v1.0.0/go.mod h1:odCYkC5MyYFN7vkCjXpyrEuKhc/BUO6wN/zVPAxq5ck= github.com/google/gofuzz v0.0.0-20161122191042-44d81051d367/go.mod h1:HP5RmnzzSNb993RKQDq4+1A4ia9nllfqcQFTQJedwGI= -github.com/google/gofuzz v1.0.0 h1:A8PeW59pxE9IoFRqBp37U+mSNaQoZ46F1f0f863XSXw= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.1.0 h1:Hsa8mG0dQ46ij8Sl2AYJDUv1oA9/d6Vk+3LG99Oe02g= github.com/google/gofuzz v1.1.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs= github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= -github.com/google/pprof v0.0.0-20190723021845-34ac40c74b70/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc= +github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM= github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI= -github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ= github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/google/uuid v1.1.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/google/uuid v1.1.1 h1:Gkbcsh/GbpXz7lPftLA3P6TYMwjCLYm83jiFQZF/3gY= github.com/google/uuid v1.1.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/googleapis/gax-go v2.0.2+incompatible/go.mod h1:SFVmujtThgffbyetf+mdk2eWhX2bMyUtNHzFKcPA9HY= github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+vpHVxEJEs9eg= github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= github.com/googleapis/gnostic v0.1.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY= -github.com/googleapis/gnostic v0.3.1 h1:WeAefnSUHlBb0iJKwxFDZdbfGwkd7xRNuV+IpXMJhYk= github.com/googleapis/gnostic v0.3.1/go.mod h1:on+2t9HRStVgn95RSsFWFz+6Q0Snyqv1awfrALZdbtU= +github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg= +github.com/googleapis/gnostic v0.5.1 h1:A8Yhf6EtqTv9RMsU6MQTyrtV1TjWlR6xU9BsZIwuTCM= +github.com/googleapis/gnostic v0.5.1/go.mod h1:6U4PtQXGIEt/Z3h5MAT7FNofLnw9vXk2cUuW7uA/OeU= github.com/goph/emperror v0.17.2 h1:yLapQcmEsO0ipe9p5TaN22djm3OFV/TfM/fcYP0/J18= github.com/goph/emperror v0.17.2/go.mod h1:+ZbQ+fUNO/6FNiUo0ujtMjhgad9Xa6fQL9KhH4LNHic= github.com/gophercloud/gophercloud v0.1.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= -github.com/gophercloud/gophercloud v0.2.0 h1:lD2Bce2xBAMNNcFZ0dObTpXkGLlVIb33RPVUNVpw6ic= -github.com/gophercloud/gophercloud v0.2.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= -github.com/gophercloud/gophercloud v0.3.0/go.mod h1:vxM41WHh5uqHVBMZHzuwNOHh8XEoIEcSTewFxm1c5g8= -github.com/gophercloud/gophercloud v0.6.0 h1:Xb2lcqZtml1XjgYZxbeayEemq7ASbeTp09m36gQFpEU= -github.com/gophercloud/gophercloud v0.6.0/go.mod h1:GICNByuaEBibcjmjvI7QvYJSZEbGkcYwAR7EZK2WMqM= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gopherjs/gopherjs v0.0.0-20191106031601-ce3c9ade29de/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg= -github.com/gorilla/handlers v0.0.0-20150720190736-60c7bfde3e33/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ= github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/mux v1.7.1/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= -github.com/gorilla/mux v1.7.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs= github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ= -github.com/gosuri/uitable v0.0.4/go.mod h1:tKR86bXuXPZazfOTG1FIzvjIdXzd0mo4Vtn16vt0PJo= github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA= -github.com/grpc-ecosystem/go-grpc-middleware v0.0.0-20190222133341-cfaf5686ec79/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-middleware v1.0.0/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs= -github.com/grpc-ecosystem/go-grpc-middleware v1.1.0/go.mod h1:f5nM7jw/oeRSadq3xCzHAvxcr8HZnzsqU6ILg/0NiiE= github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk= -github.com/grpc-ecosystem/grpc-gateway v1.3.0/go.mod h1:RSKVYQBd5MCa4OVpNdGskqpgL2+G+NZTnrVHpWWfpdw= github.com/grpc-ecosystem/grpc-gateway v1.9.0/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.9.4/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY= -github.com/grpc-ecosystem/grpc-gateway v1.12.1/go.mod h1:8XEsbTttt/W+VvjtQhLACqCisSPWTxCZ7sBRjU6iH9c= -github.com/grpc-ecosystem/grpc-health-probe v0.2.1-0.20181220223928-2bf0a5b182db/go.mod h1:uBKkC2RbarFsvS5jMJHpVhTLvGlGQj9JJwkaePE3FWI= -github.com/hailocab/go-hostpool v0.0.0-20160125115350-e80d13ce29ed/go.mod h1:tMWxXQ9wFIaZeTI9F+hmhFiGpFmhOHzyShyFUhRm0H4= -github.com/hashicorp/consul/api v1.1.0/go.mod h1:VmuI/Lkw1nC05EYQWNKwWGbkg+FbDBtguAZLlVdkD9Q= -github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE= -github.com/hashicorp/consul/sdk v0.1.1/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= -github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8= -github.com/hashicorp/errwrap v0.0.0-20141028054710-7554cd9344ce/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= -github.com/hashicorp/go-cleanhttp v0.5.1 h1:dH3aiDG9Jvb5r5+bYHsikaOUIpcM0xvgMXVoDkXMzJM= github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-hclog v0.0.0-20180709165350-ff2cf002a8dd/go.mod h1:9bjs9uLqI8l75knNv3lV1kA55veR+WUPSiKIWcQHudI= github.com/hashicorp/go-hclog v0.8.0/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ= github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-immutable-radix v1.1.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60= -github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= -github.com/hashicorp/go-msgpack v0.5.5/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM= -github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1:JMRHfdO9jKNzS/+BTlxCjKNQHg/jZAft8U7LloJvN7I= -github.com/hashicorp/go-multierror v1.0.0 h1:iVjPR7a6H0tWELX5NxNe7bYopibicUzc7uPribsnS6o= github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= github.com/hashicorp/go-plugin v1.0.1/go.mod h1:++UyYGoz3o5w9ZzAdZxtQKrWWP+iqPBn3cQptSMzBuY= -github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= github.com/hashicorp/go-retryablehttp v0.5.4/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= -github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU= github.com/hashicorp/go-rootcerts v1.0.1/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= -github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= github.com/hashicorp/go-sockaddr v1.0.2/go.mod h1:rB4wwRAUzs07qva3c5SdrY/NEtAUjGlgmH/UkBUC97A= -github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= -github.com/hashicorp/go-uuid v1.0.1 h1:fv1ep09latC32wFoVwnqcnKJGnMSdBanPczbHAYm1BE= github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hashicorp/go-version v1.1.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA= -github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90= github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= -github.com/hashicorp/golang-lru v0.5.3 h1:YPkqC67at8FYaadspW/6uE0COsBxS2656RLEr8Bppgk= -github.com/hashicorp/golang-lru v0.5.3/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= -github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4= +github.com/hashicorp/golang-lru v0.5.4 h1:YDjusn29QI/Das2iO9M0BHnIbxPeyuCHsjMW+lJfyTc= +github.com/hashicorp/golang-lru v0.5.4/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4= github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= -github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64= -github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ= -github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= -github.com/hashicorp/memberlist v0.1.4/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= -github.com/hashicorp/memberlist v0.1.5/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I= -github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc= -github.com/hashicorp/serf v0.8.5/go.mod h1:UpNcs7fFbpKIyZaUuSW6EPiH+eZC7OuyFD+wc1oal+k= github.com/hashicorp/vault/api v1.0.4/go.mod h1:gDcqh3WGcR1cpF5AJz/B1UFheUEneMoIospckxBxk6Q= github.com/hashicorp/vault/sdk v0.1.13/go.mod h1:B+hVj7TpuQY1Y/GPbCpffmgd+tSEwvhkWnjtSYCaS2M= github.com/hashicorp/yamux v0.0.0-20180604194846-3520598351bb/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= github.com/hashicorp/yamux v0.0.0-20181012175058-2f1d1f20f75d/go.mod h1:+NfK9FKeTrX5uv1uIXGdwYDTeHna2qgaIlx54MXqjAM= github.com/howeyc/gopass v0.0.0-20170109162249-bf9dde6d0d2c/go.mod h1:lADxMC39cJJqL93Duh1xhAs4I2Zs8mKS89XWXFGp9cs= -github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/huandu/xstrings v1.3.1/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= -github.com/iancoleman/strcase v0.0.0-20190422225806-e506e3ef7365/go.mod h1:SK73tn/9oHe+/Y0h39VT4UCxmurVJkR5NA7kMEAOgSE= +github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.5/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= github.com/imdario/mergo v0.3.7/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= -github.com/imdario/mergo v0.3.8 h1:CGgOkSJeqMRmt0D9XLWExdT4m4F1vd3FV3VPt+0VxkQ= -github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA= +github.com/imdario/mergo v0.3.10 h1:6q5mVkdH/vYmqngx7kZQTjJ5HRsx+ImorDIEQ+beJgc= +github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= -github.com/influxdata/influxdb v1.7.7/go.mod h1:qZna6X/4elxqT3yI9iZYdZrWWdeFOOprn86kgg4+IzY= -github.com/jackc/fake v0.0.0-20150926172116-812a484cc733/go.mod h1:WrMFNQdiFJ80sQsxDoMokWK1W5TQtxBFNpzWTD84ibQ= -github.com/jackc/pgx v3.2.0+incompatible/go.mod h1:0ZGrqGqkRlliWnWB4zKnWtjbSWbGkVEFm4TeybAXq+I= -github.com/jarcoal/httpmock v1.0.4 h1:jp+dy/+nonJE4g4xbVtl9QdrUNbn6/3hDT5R4nDIZnA= -github.com/jarcoal/httpmock v1.0.4/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT8nX0Txik= -github.com/jessevdk/go-flags v0.0.0-20180331124232-1c38ed7ad0cc/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= -github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI= +github.com/jarcoal/httpmock v1.0.6 h1:e81vOSexXU3mJuJ4l//geOmKIt+Vkxerk1feQBC8D0g= +github.com/jarcoal/httpmock v1.0.6/go.mod h1:ATjnClrvW/3tijVmpL/va5Z3aAyGvqU3gCT8nX0Txik= github.com/jetstack/cert-manager v0.15.1 h1:Bcm1LdNk5NZ10WvOhh464FOgHKBjNMpOxNJTS+VFiuk= github.com/jetstack/cert-manager v0.15.1/go.mod h1:7V2UW1EzgIWVUWi4uVATMIWXqinFOEqpggdvFdNMhlk= -github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= -github.com/jmoiron/sqlx v1.2.0/go.mod h1:1FEQNm3xlJgrMD+FBdI9+xvCksHtbpVBBw5dYhBSsks= -github.com/joefitzgerald/rainbow-reporter v0.1.0/go.mod h1:481CNgqmVHQZzdIbN52CupLJyoVwB10FQ/IQlF1pdL8= -github.com/joeshaw/multierror v0.0.0-20140124173710-69b34d4ec901/go.mod h1:Z86h9688Y0wesXCyonoVr47MasHilkuLMqGhRZ4Hpak= -github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= -github.com/jpillora/backoff v1.0.0/go.mod h1:J/6gKK9jxlEcS3zixgDgUAsiuZ7yrSoa/FX5e0EB2j4= github.com/json-iterator/go v0.0.0-20180612202835-f2b4162afba3/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= -github.com/json-iterator/go v1.1.7 h1:KfgG9LzI+pYjr4xvmz/5H4FXjokeP+rlHLhv3iH62Fo= github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/json-iterator/go v1.1.9 h1:9yzud/Ht36ygwatGx56VwCZtlI/2AD15T1X2sjSuGns= github.com/json-iterator/go v1.1.9/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= -github.com/jsonnet-bundler/jsonnet-bundler v0.3.1/go.mod h1:/by7P/OoohkI3q4CgSFqcoFsVY+IaNbzOVDknEsKDeU= +github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68= +github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w= -github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8IZAc4RVcycCCAKdM= github.com/kardianos/osext v0.0.0-20190222173326-2bc1f35cddc0/go.mod h1:1NbS8ALrpOvjt0rHPNLyCIeMtbizbir8U//inJ+zuB8= github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q= github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/konsorten/go-windows-terminal-sequences v1.0.2 h1:DB17ag19krx9CFsz4o3enTrPXyIXCl+2iCXH/aMAp9s= -github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= +github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc= -github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI= github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= +github.com/kr/pretty v0.2.0 h1:s5hAObm+yFO5uHYt5dYjxi2rXrsnmRpJx4OYvIWUaQs= +github.com/kr/pretty v0.2.0/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI= github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= github.com/kr/pty v1.1.5/go.mod h1:9r2w37qlBe7rQ6e1fg1S/9xpWHSnaqNdHD3WcMdbPDA= github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kshvakov/clickhouse v1.3.5/go.mod h1:DMzX7FxRymoNkVgizH0DWAL8Cur7wHLgx3MUnGwJqpE= -github.com/kylelemons/godebug v0.0.0-20160406211939-eadb3ce320cb/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= -github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LEHPfb2qLo0BaaOLcbitczOKLWTsrBG9LczfCD4k= -github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o= -github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0/go.mod h1:vmVJ0l/dxyfGW6FmdpVm2joNMFikkuWg0EoCKLGUMNw= -github.com/leanovate/gopter v0.2.4/go.mod h1:gNcbPWNEWRe4lm+bycKqxUYoH5uoVje5SkOJ3uoLer8= -github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= -github.com/lib/pq v1.2.0 h1:LXpIM/LZ5xGFhOpXAQUIMM1HdyqzVYM13zNdjCEEcA0= -github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= -github.com/lib/pq v1.3.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE= -github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM= -github.com/lightstep/lightstep-tracer-go v0.18.0/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4= github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc= -github.com/lovoo/gcloud-opentracing v0.3.0/go.mod h1:ZFqk2y38kMDDikZPAK7ynTTGuyt17nSPdS3K5e+ZTBY= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/mailru/easyjson v0.0.0-20160728113105-d5b7844b561a/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20180823135443-60711f1a8329/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190312143242-1de009706dbe/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= -github.com/mailru/easyjson v0.7.0 h1:aizVhC/NAAcKWb+5QsU1iNOZb4Yws5UO2I+aIprQITM= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= -github.com/markbates/inflect v1.0.4/go.mod h1:1fR9+pO2KHEO9ZRtto13gDwwZaAKstQzferVeWqbgNs= -github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= github.com/mattbaird/jsonpatch v0.0.0-20171005235357-81af80346b1a/go.mod h1:M1qoD/MqPgTZIk0EWKB38wE28ACRfVcn+cU08jyArI0= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= -github.com/mattn/go-ieproxy v0.0.0-20190610004146-91bb50d98149/go.mod h1:31jz6HNzdxOmlERGGEc4v/dMssOfmp2p5bT/okiKFFc= -github.com/mattn/go-ieproxy v0.0.0-20190702010315-6dee0af9227d/go.mod h1:31jz6HNzdxOmlERGGEc4v/dMssOfmp2p5bT/okiKFFc= -github.com/mattn/go-ieproxy v0.0.0-20191113090002-7c0f6868bffe/go.mod h1:pYabZ6IHcRpFh7vIaLfK7rdcWgFEb3SFJ6/gNWuh88E= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= -github.com/mattn/go-isatty v0.0.6/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= -github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-runewidth v0.0.4/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= -github.com/mattn/go-runewidth v0.0.6/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= -github.com/mattn/go-shellwords v1.0.10/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y= -github.com/mattn/go-sqlite3 v1.9.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= -github.com/mattn/go-sqlite3 v1.10.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= -github.com/mattn/go-sqlite3 v1.12.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= -github.com/matttproud/golang_protobuf_extensions v1.0.1 h1:4hp9jkHxhMHkqkrB3Ix0jegS5sx/RkqARlsWZ6pIwiU= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= -github.com/maxbrunsfeld/counterfeiter/v6 v6.2.2/go.mod h1:eD9eIE7cdwcMi9rYluz88Jz2VyhSmden33/aXg4oVIY= +github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 h1:I0XW9+e1XWDxdcEniV4rQAIOPUGDq67JSCiRCgGCZLI= +github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= github.com/miekg/dns v0.0.0-20170721150254-0f3adef2e220/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/miekg/dns v1.1.15/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= -github.com/miekg/dns v1.1.22/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso= -github.com/mikefarah/yaml/v2 v2.4.0/go.mod h1:ahVqZF4n1W4NqwvVnZzC4es67xsW9uR/RRf2RRxieJU= -github.com/mikefarah/yq/v2 v2.4.1/go.mod h1:i8SYf1XdgUvY2OFwSqGAtWOOgimD2McJ6iutoxRm4k0= -github.com/minio/minio-go/v6 v6.0.49/go.mod h1:qD0lajrGW49lKZLtXKtCB4X/qkMf0a5tBvN2PaZg7Gg= -github.com/minio/sha256-simd v0.1.1/go.mod h1:B5e1o+1/KgNmWrSQK08Y6Z1Vb5pwIktudl0J58iy0KM= github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc= -github.com/mitchellh/copystructure v1.0.0 h1:Laisrj+bAB6b/yJwB5Bt3ITZhGJdqmxquMKeZ+mmkFQ= github.com/mitchellh/copystructure v1.0.0/go.mod h1:SNtv71yrdKgLRyLFxmLdkAbkKEFWgYaq1OVrnRcwhnw= -github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= -github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y= github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0= github.com/mitchellh/go-testing-interface v0.0.0-20171004221916-a61a99592b77/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= -github.com/mitchellh/go-testing-interface v1.0.0 h1:fzU/JVNcaqHQEcVFAKeR41fkiLdIPrefOvVG1VZ96U0= github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI= github.com/mitchellh/go-wordwrap v1.0.0/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= -github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg= -github.com/mitchellh/hashstructure v0.0.0-20170609045927-2bca23e0e452/go.mod h1:QjSHrPWS+BGUVBYkbTZWEnOh3G1DutKwClXU/ABz6AQ= -github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY= -github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= -github.com/mitchellh/reflectwalk v1.0.0 h1:9D+8oIskB4VJBN5SFlmc27fSlIBZaov1Wpk/IfikLNY= github.com/mitchellh/reflectwalk v1.0.0/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= -github.com/moby/moby v0.7.3-0.20190826074503-38ab9da00309/go.mod h1:fDXVQ6+S340veQPv35CzDahGBmHsiclFwfEygB/TWMc= +github.com/moby/term v0.0.0-20200312100748-672ec06f55cd/go.mod h1:DdlQx2hp0Ss5/fLikoLlEeIYiATotOjgB//nb973jeo= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -650,87 +383,43 @@ github.com/modern-go/reflect2 v0.0.0-20180320133207-05fbef0ca5da/go.mod h1:bx2lN github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0= -github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= -github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc= -github.com/mozillazg/go-cos v0.13.0/go.mod h1:Zp6DvvXn0RUOXGJ2chmWt2bLEqRAnJnS3DnAZsJsoaE= -github.com/mozillazg/go-httpheader v0.2.1/go.mod h1:jJ8xECTlalr6ValeXYdOF8fFUISeBAdw6E61aqQma60= github.com/munnerz/crd-schema-fuzz v1.0.0/go.mod h1:4z/rcm37JxUkSsExFcLL6ZIT1SgDRdLiu7qq1evdVS0= github.com/munnerz/goautoneg v0.0.0-20120707110453-a547fc61f48d/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= -github.com/mwitkow/go-conntrack v0.0.0-20190716064945-2f068394615f/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/nakagami/firebirdsql v0.0.0-20190310045651-3c02a58cfed8/go.mod h1:86wM1zFnC6/uDBfZGNwB65O+pR2OFi5q/YQaEUid1qA= -github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= -github.com/oklog/run v1.0.0 h1:Ru7dDtJNOyC66gQ5dQmaCa0qIsAUFY3sFpK1Xk8igrw= +github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78= +github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA= -github.com/oklog/ulid v0.0.0-20170117200651-66bb6560562f/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/oklog/ulid v1.3.1/go.mod h1:CirwcVhetQ6Lv90oh/F+FBtV6XMibvdAFo93nm5qn4U= github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/olekukonko/tablewriter v0.0.1/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo= -github.com/olekukonko/tablewriter v0.0.2/go.mod h1:rSAaSIOAGT9odnlyGlUfAJaoc5w2fSBUmeGDbRWPxyQ= github.com/onsi/ginkgo v0.0.0-20170829012221-11459a886d9c/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.4.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.8.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.1 h1:q/mM8GF/n0shIN8SaAZ0V+jnLPzen6WIVZdiwrRlMlo= github.com/onsi/ginkgo v1.10.1/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.10.3/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.12.0 h1:Iw5WCbBcaAAd0fpRb1c9r5YCylv4XDoCSigm1zLevwU= -github.com/onsi/ginkgo v1.12.0/go.mod h1:oUhWkIvk5aDxtKvDDuw8gItl8pKl42LzjC9KZE0HfGg= +github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.14.1 h1:jMU0WaQrP0a/YAEq8eJmJKjBoMs+pClEr1vDMlM/Do4= +github.com/onsi/ginkgo v1.14.1/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v1.3.0/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= -github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/onsi/gomega v1.7.0 h1:XPnZz8VVBHjVsy1vzJmRwIcSwiUO+JFfrv/xGiigmME= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.8.1/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= -github.com/onsi/gomega v1.9.0 h1:R1uwffexN6Pr340GtYRIdZmAiN4J+iw6WG4wog1DUXg= -github.com/onsi/gomega v1.9.0/go.mod h1:Ho0h+IUsWyvy1OpqCwxlQ/21gkhVunqlU8fDGcoTdcA= -github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v0.0.0-20180430190053-c9281466c8b2/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ= +github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= +github.com/onsi/gomega v1.10.2 h1:aY/nuoWlKJud2J6U0E3NWsjlg+0GtwXxgEqthRdzlcs= +github.com/onsi/gomega v1.10.2/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= -github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runtime-spec v0.1.2-0.20190507144316-5b71a03e2700/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= -github.com/opencontainers/runtime-tools v0.0.0-20181011054405-1d69bd0f9c39/go.mod h1:r3f7wjNzSs2extwzU3Y+6pKfobzPh+kKFJ3ofN+3nfs= -github.com/openshift/origin v0.0.0-20160503220234-8f127d736703 h1:KLVRXtjLhZHVtrcdnuefaI2Bf182EEiTfEVDHokoyng= -github.com/openshift/origin v0.0.0-20160503220234-8f127d736703/go.mod h1:0Rox5r9C8aQn6j1oAOQ0c1uC86mYbUFObzjBRvUKHII= -github.com/openshift/prom-label-proxy v0.1.1-0.20191016113035-b8153a7f39f1/go.mod h1:p5MuxzsYP1JPsNGwtjtcgRHHlGziCJJfztff91nNixw= -github.com/opentracing-contrib/go-stdlib v0.0.0-20190519235532-cf7a6c988dc9/go.mod h1:PLldrQSroqzH70Xl+1DQcGnefIbqsKR7UDaiux3zV+w= -github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKwFXS9KnPs5lxoYwgW74= -github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= -github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= -github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw= -github.com/operator-framework/api v0.3.7-0.20200602203552-431198de9fc2/go.mod h1:Xbje9x0SHmh0nihE21kpesB38vk3cyxnE6JdDS8Jo1Q= -github.com/operator-framework/operator-registry v1.12.6-0.20200605115407-01fa069730e2/go.mod h1:loVINznYhgBIkmv83kU4yee88RS0BBk+hqOw9r4bhJk= -github.com/operator-framework/operator-sdk v0.18.1 h1:AOUOBchkx8r3yYF/MDjH0gdtd13ACENuy2gnsSXQXt0= -github.com/operator-framework/operator-sdk v0.18.1/go.mod h1:QMFHXj8+SxF56tfR1QmIU/tc9FKI73TG8Qw7Iy4D2zY= -github.com/otiai10/copy v1.2.0/go.mod h1:rrF5dJ5F0t/EWSYODDu4j9/vEeYHMkc8jt0zJChqQWw= -github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE= -github.com/otiai10/curr v1.0.0/go.mod h1:LskTG5wDwr8Rs+nNQ+1LlxRjAtTZZjtJW4rMXl6j4vs= -github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT91xUo= -github.com/otiai10/mint v1.3.1/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc= -github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pascaldekloe/goe v0.1.0/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc= github.com/pavel-v-chernykh/keystore-go v2.1.0+incompatible h1:Jd6xfriVlJ6hWPvYOE0Ni0QWcNTLRehfGPFxr3eSL80= github.com/pavel-v-chernykh/keystore-go v2.1.0+incompatible/go.mod h1:xlUlxe/2ItGlQyMTstqeDv9r3U4obH7xYd26TbDQutY= github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k= -github.com/pelletier/go-toml v1.2.0 h1:T5zMGML61Wp+FlcbWjRDT7yAxhJNAiPPLOFECq181zc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/phayes/freeport v0.0.0-20180830031419-95f893ade6f2/go.mod h1:iIss55rKnNBTvrwdmkUpLnDpZoAHvWaiq5+iMmen4AE= github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -739,239 +428,131 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI= github.com/pquerna/cachecontrol v0.0.0-20171018203845-0dec1b30a021/go.mod h1:prYjPmNq4d1NPVmpShWobRqXY3q7Vp+80DqgxxUrUIA= -github.com/prometheus/alertmanager v0.18.0/go.mod h1:WcxHBl40VSPuOaqWae6l6HpnEOVRIycEJ7i9iYkadEE= -github.com/prometheus/alertmanager v0.20.0/go.mod h1:9g2i48FAyZW6BtbsnvHtMHQXl2aVtrORKwKVCQ+nbrg= -github.com/prometheus/client_golang v0.0.0-20180209125602-c332b6f63c06/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= -github.com/prometheus/client_golang v0.9.2/go.mod h1:OsXs2jCmiKlQ1lTBmv21f2mNfw4xf/QclQDMrYNZzcM= -github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs= github.com/prometheus/client_golang v0.9.3/go.mod h1:/TN21ttK/J9q6uSwhBd54HahCDft0ttaMvbicHlPoso= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= -github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.2.0/go.mod h1:XMU6Z2MjaRKVu/dC1qupJI9SiNkDYzz3xecMgSW/F+U= -github.com/prometheus/client_golang v1.2.1 h1:JnMpQc6ppsNgw9QPAGF6Dod479itz7lvlsMzzNayLOI= -github.com/prometheus/client_golang v1.2.1/go.mod h1:XMU6Z2MjaRKVu/dC1qupJI9SiNkDYzz3xecMgSW/F+U= -github.com/prometheus/client_golang v1.5.1 h1:bdHYieyGlH+6OLEk2YQha8THib30KP0/yD0YH9m6xcA= -github.com/prometheus/client_golang v1.5.1/go.mod h1:e9GMxYsXl05ICDXkRhurwBS4Q3OK1iX/F2sw+iXX5zU= -github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= +github.com/prometheus/client_golang v1.7.1 h1:NTGy1Ja9pByO+xAeH/qiWnLrKtr3hJPNjaVUwnjpdpA= +github.com/prometheus/client_golang v1.7.1/go.mod h1:PY5Wy2awLA44sXw4AOSfFBetzPP4j5+D6mVACh+pe2M= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= -github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4 h1:gQz4mCbXsO+nc9n1hCxHcGA3Zx3Eo+UHZoInFGUIXNM= github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= github.com/prometheus/client_model v0.2.0 h1:uq5h0d+GuxiXLJLNABMgp2qUWDPiLvgCzz2dUR+/W/M= github.com/prometheus/client_model v0.2.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= -github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.0.0-20181113130724-41aa239b4cce/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.0.0-20181126121408-4724e9255275/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= -github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.4.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= -github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.7.0 h1:L+1lyG48J1zAQXA3RBX/nG/B3gjlHq0zTt2tlbJLyCY= -github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA= -github.com/prometheus/common v0.9.1 h1:KOMtN28tlbam3/7ZKEYKHhKoJZYYj3gMH4uc62x7X7U= -github.com/prometheus/common v0.9.1/go.mod h1:yhUN8i9wzaXS3w1O07YhxHEBxD+W35wd8bs7vj7HSQ4= -github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= +github.com/prometheus/common v0.10.0 h1:RyRA7RzGXQZiW+tGMr7sxa85G1z0yOpM1qq5c8lNawc= +github.com/prometheus/common v0.10.0/go.mod h1:Tlit/dnDKsSWFlCLTWaA1cyBgKHSMdTB80sz/V91rCo= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20181204211112-1dc9a6cbc91a/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= -github.com/prometheus/procfs v0.0.0-20190425082905-87a4384529e0/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.0-20190507164030-5867b95ac084/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.0-20190522114515-bc1a522cf7b1/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= -github.com/prometheus/procfs v0.0.3/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.5 h1:3+auTFlqw+ZaQYJARz6ArODtkaIwtvBTx3N2NehQlL8= -github.com/prometheus/procfs v0.0.5/go.mod h1:4A/X28fw3Fc593LaREMrKMqOKvUAntwMDaekg4FpcdQ= -github.com/prometheus/procfs v0.0.6/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/procfs v0.0.8 h1:+fpWZdT24pJBiqJdAwYBjPSk+5YmQzYNPYzQsdzLkt8= -github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A= -github.com/prometheus/prometheus v0.0.0-20180315085919-58e2a31db8de/go.mod h1:oAIUtOny2rjMX0OWN5vPR5/q/twIROJvdqnQKDdil/s= -github.com/prometheus/prometheus v1.8.2-0.20200110114423-1e64d757f711/go.mod h1:7U90zPoLkWjEIQcy/rweQla82OCTUzxVHE51G3OhJbI= -github.com/prometheus/prometheus v2.3.2+incompatible/go.mod h1:oAIUtOny2rjMX0OWN5vPR5/q/twIROJvdqnQKDdil/s= +github.com/prometheus/procfs v0.1.3 h1:F0+tqvhOksq22sc6iCHF5WGlWjdwj92p0udFh1VFBS8= +github.com/prometheus/procfs v0.1.3/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4OA4YeYWdaU= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= -github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4= github.com/remyoudompheng/bigfft v0.0.0-20170806203942-52369c62f446/go.mod h1:uYEyJGbgTkfkS4+E/PavXkNJcbFIpEtjt2B0KDQ5+9M= -github.com/robfig/cron v0.0.0-20170526150127-736158dc09e1/go.mod h1:JGuDeoQd7Z6yL4zQhZ3OPEVHB7fL6Ka6skscFHfmt2k= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= -github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= -github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= -github.com/rogpeppe/go-internal v1.3.2/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.4.0/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= -github.com/rogpeppe/go-internal v1.5.0/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc= github.com/rollbar/rollbar-go v1.0.2/go.mod h1:AcFs5f0I+c71bpHlXNNDbOWJiKwjFDtISeXco0L5PKQ= -github.com/rs/cors v1.6.0/go.mod h1:gFx+x8UowdsKA9AchylcLynDq+nNFfI8FkUZdN/jGCU= -github.com/rubenv/sql-migrate v0.0.0-20200212082348-64f95ea68aa3/go.mod h1:rtQlpHw+eR6UrqaS3kX1VYeaCxzCVdimDS7g5Ln4pPc= github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= -github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk= github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc= -github.com/samuel/go-zookeeper v0.0.0-20190810000440-0ceca61e4d75/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E= -github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E= -github.com/santhosh-tekuri/jsonschema v1.2.4/go.mod h1:TEAUOeZSmIxTTuHatJzrvARHiuO9LYd+cIxzgEHCQI4= -github.com/satori/go.uuid v0.0.0-20160603004225-b111a074d5ef/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= -github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= -github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= -github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo= -github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4= -github.com/shurcooL/httpfs v0.0.0-20171119174359-809beceb2371/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg= -github.com/shurcooL/httpfs v0.0.0-20190707220628-8d4bc4ba7749/go.mod h1:ZY1cvUeJuFPAdZ/B6v7RHavJWZn2YPVFQ1OSXhCGOkg= github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/shurcooL/vfsgen v0.0.0-20180825020608-02ddb050ef6b/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw= -github.com/shurcooL/vfsgen v0.0.0-20181202132449-6a9ea43bcacd/go.mod h1:TrYk7fJVaAttu97ZZKrO9UbRa8izdowaMIZcxYMbVaw= -github.com/sirupsen/logrus v1.0.4-0.20170822132746-89742aefa4b2/go.mod h1:pMByvHTf9Beacp5x1UXfOR9xyW/9antXMhjMPG0dEzc= github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo= -github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q= -github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4= github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/sirupsen/logrus v1.5.0 h1:1N5EYkVAPEywqZRJd7cwnRtCb6xJx7NH3T3WUTF980Q= -github.com/sirupsen/logrus v1.5.0/go.mod h1:+F7Ogzej0PZc/94MaYx/nvG9jOFMD2osvC3s+Squfpo= +github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/assertions v1.0.1/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM= github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/soheilhy/cmux v0.1.3/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= -github.com/spaolacci/murmur3 v1.1.0/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= -github.com/spf13/afero v1.2.2 h1:5jhuqJyZCZf2JRofRvN/nIFgIWNzPa3/Vz8mYylgbWc= github.com/spf13/afero v1.2.2/go.mod h1:9ZxEEn6pIJ8Rxe320qSDBk6AsU0r9pR7Q4OcevTdifk= -github.com/spf13/cast v1.3.0 h1:oget//CVOEoFewqQxwr0Ej5yjygnqGkvggSE/gB35Q8= github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE= -github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tLCHU= -github.com/spf13/cobra v0.0.6/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= -github.com/spf13/cobra v0.0.7/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= -github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s= -github.com/spf13/viper v1.4.0 h1:yXHLWeravcrgGyFSyCgdYpXQ9dR9c/WED3pg1RhxqEU= github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= +github.com/stoewer/go-strcase v1.2.0/go.mod h1:IBiWB2sKIp3wVVQ3Y035++gc+knqhUQag1KpM8ahLw8= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE= github.com/stretchr/testify v0.0.0-20151208002404-e3a8ff8ce365/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= -github.com/thanos-io/thanos v0.11.0/go.mod h1:N/Yes7J68KqvmY+xM6J5CJqEvWIvKSR5sqGtmuD6wDc= -github.com/tidwall/pretty v0.0.0-20180105212114-65a9db5fad51/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= +github.com/stretchr/testify v1.6.1 h1:hDPOHmpOpP40lSULcqw7IrRb/u7w6RpDC9399XyoNd0= +github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/tidwall/pretty v1.0.0/go.mod h1:XNkn88O1ChpSDQmQeStsy+sBenx6DDtFZJxhVysOjyk= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= -github.com/tv42/httpunix v0.0.0-20150427012821-b75d8614f926/go.mod h1:9ESjWnEqriFuLhtthL60Sar/7RFoluCcXsuvEwTV5KM= -github.com/uber/jaeger-client-go v2.20.1+incompatible/go.mod h1:WVhlPFC8FDjOFMMWRy2pZqQJSXxYSwNYOkTr/Z6d3Kk= -github.com/uber/jaeger-lib v2.2.0+incompatible/go.mod h1:ComeNDZlWwrWnDv8aPp0Ba6+uUTzImX/AauajbLI56U= github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0= -github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli/v2 v2.1.1/go.mod h1:SE9GqnLQmjVa0iPEY0f1w3ygNIYcIJ0OKPMoW2caLfQ= github.com/vektah/gqlparser v1.1.2/go.mod h1:1ycwN7Ij5njmMkPPAOaRFY4rET2Enx7IkVv3vaXspKw= -github.com/xanzy/go-gitlab v0.15.0/go.mod h1:8zdQa/ri1dfn8eS3Ir1SyfvOKlw7WBJ8DVThkpGiXrs= -github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c/go.mod h1:lB8K/P019DLNhemzwFU4jHLhdvlE6uDZjXFejJXr49I= -github.com/xdg/stringprep v1.0.0/go.mod h1:Jhud4/sHMO4oL310DaZAKk9ZaJ08SJfe+sJh0HrGL1Y= -github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU= -github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ= -github.com/xeipuuv/gojsonschema v0.0.0-20180618132009-1d523034197f/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= -github.com/xeipuuv/gojsonschema v1.1.0/go.mod h1:5yf86TLmAcydyeJq5YvxkGPE2fm/u4myDekKRoLuqhs= -github.com/xiang90/probing v0.0.0-20160813154853-07dd2e8dfe18/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/xlab/handysort v0.0.0-20150421192137-fb3537ed64a1/go.mod h1:QcJo0QPSfTONNIgpN5RA8prR7fF8nkF6cTWTcNerRO8= -github.com/xlab/treeprint v0.0.0-20180616005107-d6fb6747feb6/go.mod h1:ce1O1j6UtZfjr22oyGxGLbauSBp2YVXpARAosm7dHBg= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= -github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= -github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= -github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0= -gitlab.com/nyarla/go-crypt v0.0.0-20160106005555-d9a5dc2b789b/go.mod h1:T3BPAOm2cqquPa0MKWeNkmOM5RQsRhkrwMWonFMN7fE= -go.elastic.co/apm v1.5.0/go.mod h1:OdB9sPtM6Vt7oz3VXt7+KR96i9li74qrxBGHTQygFvk= -go.elastic.co/apm/module/apmhttp v1.5.0/go.mod h1:1FbmNuyD3ddauwzgVwFB0fqY6KbZt3JkV187tGCYYhY= -go.elastic.co/apm/module/apmot v1.5.0/go.mod h1:d2KYwhJParTpyw2WnTNy8geNlHKKFX+4oK3YLlsesWE= -go.elastic.co/fastjson v1.0.0/go.mod h1:PmeUOMMtLHQr9ZS9J9owrAVg0FkaZDRZJEFTTGHtchs= -go.etcd.io/bbolt v1.3.2 h1:Z/90sZLPOeCy2PwprqkFa25PdkusRzaj9P8zm/KNyvk= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= go.etcd.io/bbolt v1.3.2/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU= -go.etcd.io/bbolt v1.3.4/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= +go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg= +go.etcd.io/etcd v0.5.0-alpha.5.0.20200819165624-17cef6e3e9d5/go.mod h1:skWido08r9w6Lq/w70DO5XYIKMu4QFu1+4VsqLQuJy8= go.mongodb.org/mongo-driver v1.0.3/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.mongodb.org/mongo-driver v1.1.0/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.1/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= go.mongodb.org/mongo-driver v1.1.2/go.mod h1:u7ryQJ+DOzQmeO7zB6MHyr8jkEQvC8vH7qLUO4lqsUM= -go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= -go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= -go.uber.org/atomic v0.0.0-20181018215023-8dc6146f7569/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.4.0 h1:cxzIVoETapQEqDhQu3QfnvXAV4AlzcvUCxkVUFw3+EU= go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= -go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= go.uber.org/atomic v1.6.0 h1:Ezj3JGmsOnG1MoRWQkPBsKLe9DwWD9QeXzTRzzldNVk= go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ= -go.uber.org/automaxprocs v1.2.0/go.mod h1:YfO3fm683kQpzETxlTGZhGIVmXAhaw3gxeBADbpZtnU= -go.uber.org/multierr v0.0.0-20180122172545-ddea229ff1df/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/multierr v1.1.0 h1:HoEmRHQPVSqub6w2z2d2EOVs2fjyFRGyofhKuyDq0QI= +go.uber.org/goleak v1.1.10 h1:z+mqJhf6ss6BSfSM671tgKyZBFPTTJM+HLxnhPC3wu0= +go.uber.org/goleak v1.1.10/go.mod h1:8a7PlsEVH3e/a/GLqe5IIrQx6GzcnRmZEufDUTk4A7A= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= go.uber.org/multierr v1.5.0 h1:KCa4XfM8CWFCpxXRGok+Q0SS/0XBhMDbHHGABQLvD2A= go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee h1:0mgffUl7nfd+FpvXMVz4IDEaUSmT1ysygQC7qYo7sG4= go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA= -go.uber.org/zap v0.0.0-20180814183419-67bc79d13d15/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.10.0 h1:ORx85nbTijNz8ljznvCMR1ZBIPKFn3jQrag10X2AsuM= +go.uber.org/zap v1.8.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= -go.uber.org/zap v1.14.1 h1:nYDKopTbvAPq/NrUVZwT15y2lpROBiLLyoRTbXOYWOo= -go.uber.org/zap v1.14.1/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc= -golang.org/x/crypto v0.0.0-20171113213409-9f005a07e0d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= +go.uber.org/zap v1.15.0 h1:ZZCA22JRF2gQE5FoNmhmrf7jeJJ2uhqDUNRYKm8dvmM= +go.uber.org/zap v1.15.0/go.mod h1:Mb2vm2krFEG5DV0W9qcHBYFtp/Wku1cvYaqPsS/WYfc= golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= -golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190211182817-74369b46fc67/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190320223903-b7391e95e576/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190424203555-c05e17bb3b2d/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190513172903-22d7a77e9e5f/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20190617133340-57b3e21c3d56/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190621222207-cc06ce4a13d4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20191112222119-e1110fd1c708/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200128174031-69ecbb4d6d5d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20191206172530-e9b2fee46413/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200220183623-bac4c82f6975/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200414173820-0848c9571904 h1:bXoxMPcSLOq08zI3/c5dEBT6lE4eh+jOh886GHrn6V8= -golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190125153040-c74c464bbbf2/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190312203227-4b39c73a6495/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190829153037-c13cbed26979/go.mod h1:86+5VVa7VpoJ4kLfm080zCjGlMRFzhUhsZKEZO7MGek= -golang.org/x/exp v0.0.0-20191030013958-a1ab85dbe136/go.mod h1:JXzH8nQsPlswgeRAPE3MuO9GYsAcnJvJ4vnMwN/5qkY= +golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -987,54 +568,46 @@ golang.org/x/mobile v0.0.0-20190312151609-d3739f865fa6/go.mod h1:z+o9i4GpDbdi3rU golang.org/x/mobile v0.0.0-20190719004257-d2bd2a29d028/go.mod h1:E/iHnbuqvinMTCcRqshq8CkpyQDoeVncDDYHnLhea+o= golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc= golang.org/x/mod v0.1.0/go.mod h1:0QHyrYULN0/3qlju5TqG8bIK38QM8yzMo5ekMj3DlcY= -golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ= +golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20170114055629-f2499483f923/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180112015858-5ccada7d0a7b/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181005035420-146acd28ed58/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181108082009-03003ca0c849/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190320064053-1272bf9dcd53/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190424112056-4829fb13d2c6/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190501004415-9ce7a6920f09/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190503192946-f4e77d36d62c/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190628185345-da137c7871d7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190812203447-cdfb69ac37fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191002035440-2ec189313ef0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20191004110552-13f9640d40b9/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191028085509-fe3aa8a45271 h1:N66aaryRB3Ax92gH0v3hp1QYZ3zWWCCUR/j8Ifh45Ss= -golang.org/x/net v0.0.0-20191028085509-fe3aa8a45271/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20191112182307-2180aed22343/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20191209160850-c0dbc17a3553/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/net v0.0.0-20200421231249-e086a090c8fd h1:QPwSajcTUrFriMF1nJ3XzgoqakqQEsnZf9LdXdi2nkI= -golang.org/x/net v0.0.0-20200421231249-e086a090c8fd/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20200707034311-ab3426394381 h1:VXak5I6aEWmAXeQjA+QSZzlgNrpq9mjcfDemuexIKsU= +golang.org/x/net v0.0.0-20200707034311-ab3426394381/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/net v0.0.0-20200822124328-c89045814202 h1:VvcQYSHwXgi7W+TpUR6A9g6Up98WAHf3f/ulnJ62IyA= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190402181905-9f3314589c9a/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= -golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 h1:SVwTIAaPC2U/AvvLNZ2a7OVsmBpC8L5BlwK1whH3hm0= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= +golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6 h1:pE8b58s1HRDMi8RDc79m0HISf9D4TzseP40cEA6IGfs= +golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d h1:TzXSXBo42m9gQenoE3b9BGiEpg5IG2JkU5FkPIawgtw= golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -1043,80 +616,67 @@ golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180117170059-2c42eef0765b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190102155601-82a175fd1598/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190129075346-302c3dd5f1cc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190209173611-3b5209105503/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190310054646-10058d7d4faa/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190321052220-f7bb7a8bee54/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190425045458-9f0b1ff7b46a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190425145619-16072639606e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190426135247-a129542de9ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190514135907-3a4b5fb9f71f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190515120540-06a5c4944438/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190602015325-4c4f7f33c9ed/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190616124812-15dcb6c0061f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190624142023-c5567b49c5d0/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190626221950-04f50cda93cb/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190712062909-fae7ac547cb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190801041406-cbf593c0f2f3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191010194322-b09406accb47/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191022100944-742c48ecaeb7/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191025021431-6c3a3bfe00ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191112214154-59a1497f0cea/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191113165036-4c7a9d0fe056/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200120151820-655fe14d7479/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200122134326-e047566fdf82/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191228213918-04cbcbbfeed8/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200106162015-b016eb3dc98e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884= +golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200615200032-f1bc736245b1/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4 h1:5/PjkGUjvEU5Gl6BxmvKRPpqo2uNMv4rcHBMwzk/st8= +golang.org/x/sys v0.0.0-20200622214017-ed371f2e16b4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae h1:Ih9Yo4hSPImZOpfGuA4bR/ORKTAbhZo2AbWNRCnevdo= +golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20171227012246-e19ae1496984/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.1-0.20180805044716-cb6730876b98/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20181227161524-e6919f6577db/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= +golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= -golang.org/x/time v0.0.0-20191024005414-555d28b269f0 h1:/5xXl8Y5W96D+TtHSlonuFqGHIWVuyCkGJLwGh9JJFs= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e h1:EHBhcS0mlXEAVwNyO2dLfjToGsyY4j24pTs2ScHnX7s= +golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181011042414-1f849cf54d09/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20181030221726-6c7e314b6563/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190118193359-16909d206f00/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190125232054-d66bd3c5d5a6/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190206041539-40960b6deb8e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= @@ -1125,7 +685,6 @@ golang.org/x/tools v0.0.0-20190312151545-0bb0c0a6e846/go.mod h1:LCzVGOaR6xXOjkQ3 golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.0.0-20190425222832-ad9eeb80039a/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190506145303-2d16b83fe98c/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= @@ -1134,109 +693,91 @@ golang.org/x/tools v0.0.0-20190617190820-da514acc4774/go.mod h1:/rFqwRUd4F7ZHNgw golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20190628153133-6cdbf07be9d0/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -golang.org/x/tools v0.0.0-20190706070813-72ffa07ba3db/go.mod h1:jcCCGcm9btYwXyDqrUWc6MKQKKGJCWEQ3AfLSRIbEuI= -golang.org/x/tools v0.0.0-20190813034749-528a2984e271/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190816200558-6889da9d5479/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190911174233-4f2ddba30aff/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20190918214516-5a1a30219888/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20190920225731-5eefd052ad72/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191004055002-72853e10c5a3/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191012152004-8de300cfc20a/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191030203535-5e247c9ad0a0/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191111182352-50fa39b762bc/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191113191852-77e3bb0ad9e7/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20191115202509-3a792d9c32b2/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20191108193012-7d206e10da11/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= -golang.org/x/tools v0.0.0-20200403190813-44a64ad78b9b h1:AFZdJUT7jJYXQEC29hYH/WZkoV7+KhwxQGmdZ19yYoY= -golang.org/x/tools v0.0.0-20200403190813-44a64ad78b9b/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= -golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7 h1:9zdDQZ7Thm29KFXgAX/+yaf3eVbP7djjWp/dXAppNCc= +golang.org/x/tools v0.0.0-20191227053925-7b8e75db28f4/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= +golang.org/x/tools v0.0.0-20200616133436-c1934b75d054 h1:HHeAlu5H9b71C+Fx0K+1dGgVFN1DM1/wz4aoGOA5qS8= +golang.org/x/tools v0.0.0-20200616133436-c1934b75d054/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= +golang.org/x/tools v0.0.0-20201014231627-1610a49f37af h1:VIUWFyOgzG3c0t9KYop5Ybp4m56LupfOnFYX7Ipnz+I= +golang.org/x/tools v0.0.0-20201014231627-1610a49f37af/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.0.1 h1:xyiBuvkD2g5n7cYzx6u2sxQvsAy4QJsZFCzGVdzOXZ0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.0.1/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU= -gomodules.xyz/jsonpatch/v3 v3.0.1/go.mod h1:CBhndykehEwTOlEfnsfJwvkFQbSN8YZFr9M+cIHAJto= -gomodules.xyz/orderedmap v0.1.0/go.mod h1:g9/TPUCm1t2gwD3j3zfV8uylyYhVdCNSi+xCEIu7yTU= +gomodules.xyz/jsonpatch/v2 v2.1.0 h1:Phva6wqu+xR//Njw6iorylFFgn/z547tw5Ne3HZPQ+k= +gomodules.xyz/jsonpatch/v2 v2.1.0/go.mod h1:IhYNNY4jnS53ZnfE4PAmpKtDpTCj1JFXc+3mwe7XcUU= gonum.org/v1/gonum v0.0.0-20190331200053-3d26580ed485/go.mod h1:2ltnJ7xHfj0zHS40VVPYEAAMTa3ZGguvHGBSJeRWqE0= gonum.org/v1/netlib v0.0.0-20190313105609-8cb42192e0e0/go.mod h1:wa6Ws7BG/ESfp6dHfk7C6KdzKA7wR7u/rKwOGE66zvw= gonum.org/v1/netlib v0.0.0-20190331212654-76723241ea4e/go.mod h1:kS+toOQn6AQKjmKJ7gzohV1XkqsFehRA2FbsbkopSuQ= -google.golang.org/api v0.0.0-20160322025152-9bf6e6e569ff/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0= -google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk= -google.golang.org/api v0.3.2/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk= google.golang.org/api v0.4.0/go.mod h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE= google.golang.org/api v0.7.0/go.mod h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M= google.golang.org/api v0.8.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= google.golang.org/api v0.9.0/go.mod h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg= -google.golang.org/api v0.13.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= -google.golang.org/api v0.14.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= +google.golang.org/api v0.15.0/go.mod h1:iLdEw5Ide6rF15KTC1Kkl0iskquN2gFfn9o9XIsbkAI= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= -google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.5.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -google.golang.org/appengine v1.6.5 h1:tycE03LOZYQNhDpS27tcQdAzLCVMaj7QT2SXxebnpCM= google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= -google.golang.org/cloud v0.0.0-20151119220103-975617b05ea8/go.mod h1:0H1ncTHf11KCFhTc/+EFRbzSCOZx+VUbRMk55Yv5MYk= +google.golang.org/appengine v1.6.6 h1:lMO5rYAqUxkmaj76jAkRUvt5JZgFymx/+Q5Mzfivuhc= +google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc= google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190404172233-64821d5d2107/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= google.golang.org/genproto v0.0.0-20190502173448-54afdca5d873/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE= -google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s= -google.golang.org/genproto v0.0.0-20190716160619-c506a9f90610/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190801165951-fa694d86fc64/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc= google.golang.org/genproto v0.0.0-20190911173649-1774047e7e51/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20190927181202-20e1ac93f88c/go.mod h1:IbNlFCBrqXvoKpeg0TB2l7cyZUmoaFKYIwrEpbDKLA8= -google.golang.org/genproto v0.0.0-20191108220845-16a3f7862a1a/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20191115194625-c23dd37a84c9/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/genproto v0.0.0-20200117163144-32f20d992d24/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= -google.golang.org/grpc v0.0.0-20160317175043-d3ddb4469d5a/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= +google.golang.org/genproto v0.0.0-20191230161307-f3c370f40bfb/go.mod h1:n3cpQtvxv34hfy77yVDNjmbRyujviMdxYliBSkLhpCc= +google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo= google.golang.org/grpc v1.14.0/go.mod h1:yo6s7OP7yaDglbqo1J04qKzAhqBH6lvTonzMVmEdcZw= -google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs= google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c= google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38= google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM= google.golang.org/grpc v1.22.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.22.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg= -google.golang.org/grpc v1.24.0 h1:vb/1TCsVn3DcJlQ0Gs1yB1pKI6Do2/QNwxdKqmc/b0s= -google.golang.org/grpc v1.24.0/go.mod h1:XDChyiUovWa60DnaeDeZmSW86xtLtjtZbwvSiRnRtcA= -google.golang.org/grpc v1.25.1/go.mod h1:c3i+UQWmh7LiEpx4sFZnkU36qjEYZ0imhYfXVyQciAY= google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk= -gopkg.in/airbrake/gobrake.v2 v2.0.9/go.mod h1:/h5ZAUhDkGaJfjzjKLSjv6zCL6O0LLBxU4K+aSYdM/U= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= +google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.24.0 h1:UhZDfRO8JRQru4/+LlLE0BRKGF8L+PICnvYZmx/fEGA= +google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4= +google.golang.org/protobuf v1.25.0 h1:Ejskq+SyPohKW+1uil0JJMtmHCgJPJ/qWTxr8qp+R4c= +google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= gopkg.in/asn1-ber.v1 v1.0.0-20181015200546-f715ec2f112d/go.mod h1:cuepJuh7vyXfUyUwEgHQXw849cJrilpS5NeIjOWESAw= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20141024133853-64131543e789/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw= gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= -gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/fsnotify/fsnotify.v1 v1.4.7/go.mod h1:Fyux9zXlo4rWoMSIzpn9fDAYjalPqJ/K1qJ27s+7ltE= -gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= -gopkg.in/gorp.v1 v1.7.2/go.mod h1:Wo3h+DBQZIxATwftsglhdD/62zRFPhGhTiu5jUJmCaw= -gopkg.in/imdario/mergo.v0 v0.3.7/go.mod h1:9qPP6AGrlC1G2PTNXko614FwGZvorN7MiBU0Eppok+U= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/ini.v1 v1.38.2/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.42.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.52.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= -gopkg.in/op/go-logging.v1 v1.0.0-20160211212156-b2cb9fa56473/go.mod h1:N1eN2tsCx0Ydtgjl4cqmbRCsY4/+z4cYDeqwZTk6zog= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= gopkg.in/square/go-jose.v2 v2.2.2/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= gopkg.in/square/go-jose.v2 v2.3.1/go.mod h1:M9dMgbHiYLoDGQrXy7OpJDJWiKiU//h+vD76mk0e1AI= @@ -1244,109 +785,109 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkep gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= gopkg.in/yaml.v2 v2.0.0/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74= -gopkg.in/yaml.v2 v2.1.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.3/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.5/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.0-20190905181640-827449938966/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776 h1:tQIYjPdBoyREyB9XMu+nnTclpTYkz2zFM+lzLJFO4gQ= +gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= -helm.sh/helm/v3 v3.2.0/go.mod h1:ZaXz/vzktgwjyGGFbUWtIQkscfE7WYoRGP2szqAFHR0= -honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.1-2019.2.3 h1:3JgtbtFHMiCmsznwGVTUWbgGov+pVqnlf1dEJTNAXeM= honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= -howett.net/plist v0.0.0-20181124034731-591f970eefbb/go.mod h1:vMygbs4qMhSZSc4lCUl2OEE+rDiIIJAIdR4m7MiMcm0= -k8s.io/api v0.18.2 h1:wG5g5ZmSVgm5B+eHMIbI9EGATS2L8Z72rda19RIEgY8= -k8s.io/api v0.18.2/go.mod h1:SJCWI7OLzhZSvbY7U8zwNl9UA4o1fizoug34OV/2r78= -k8s.io/apiextensions-apiserver v0.0.0-20190918161926-8f644eb6e783/go.mod h1:xvae1SZB3E17UpV59AWc271W/Ph25N+bjPyR63X6tPY= +k8s.io/api v0.17.4/go.mod h1:5qxx6vjmwUVG2nHQTKGlLts8Tbok8PzHl4vHtVFuZCA= +k8s.io/api v0.18.0/go.mod h1:q2HRQkfDzHMBZL9l/y9rH63PkQl4vae0xRT+8prbrK8= +k8s.io/api v0.19.2 h1:q+/krnHWKsL7OBZg/rxnycsl9569Pud76UJ77MvKXms= +k8s.io/api v0.19.2/go.mod h1:IQpK0zFQ1xc5iNIQPqzgoOwuFugaYHK4iCknlAQP9nI= +k8s.io/api v0.19.4 h1:I+1I4cgJYuCDgiLNjKx7SLmIbwgj9w7N7Zr5vSIdwpo= +k8s.io/api v0.19.4/go.mod h1:SbtJ2aHCItirzdJ36YslycFNzWADYH3tgOhvBEFtZAk= k8s.io/apiextensions-apiserver v0.17.4/go.mod h1:rCbbbaFS/s3Qau3/1HbPlHblrWpFivoaLYccCffvQGI= k8s.io/apiextensions-apiserver v0.18.0/go.mod h1:18Cwn1Xws4xnWQNC00FLq1E350b9lUF+aOdIWDOZxgo= -k8s.io/apiextensions-apiserver v0.18.2 h1:I4v3/jAuQC+89L3Z7dDgAiN4EOjN6sbm6iBqQwHTah8= -k8s.io/apiextensions-apiserver v0.18.2/go.mod h1:q3faSnRGmYimiocj6cHQ1I3WpLqmDgJFlKL37fC4ZvY= -k8s.io/apimachinery v0.18.2 h1:44CmtbmkzVDAhCpRVSiP2R5PPrC2RtlIv/MoB8xpdRA= -k8s.io/apimachinery v0.18.2/go.mod h1:9SnR/e11v5IbyPCGbvJViimtJ0SwHG4nfZFjU77ftcA= -k8s.io/apiserver v0.0.0-20190918160949-bfa5e2e684ad/go.mod h1:XPCXEwhjaFN29a8NldXA901ElnKeKLrLtREO9ZhFyhg= -k8s.io/apiserver v0.0.0-20191122221311-9d521947b1e1/go.mod h1:RbsZY5zzBIWnz4KbctZsTVjwIuOpTp4Z8oCgFHN4kZQ= +k8s.io/apiextensions-apiserver v0.19.2 h1:oG84UwiDsVDu7dlsGQs5GySmQHCzMhknfhFExJMz9tA= +k8s.io/apiextensions-apiserver v0.19.2/go.mod h1:EYNjpqIAvNZe+svXVx9j4uBaVhTB4C94HkY3w058qcg= +k8s.io/apiextensions-apiserver v0.19.4 h1:D9ak9T012tb3vcGFWYmbQuj9SCC8YM4zhA4XZqsAQC4= +k8s.io/apiextensions-apiserver v0.19.4/go.mod h1:B9rpH/nu4JBCtuUp3zTTk8DEjZUupZTBEec7/2zNRYw= +k8s.io/apimachinery v0.17.4/go.mod h1:gxLnyZcGNdZTCLnq3fgzyg2A5BVCHTNDFrw8AmuJ+0g= +k8s.io/apimachinery v0.18.0/go.mod h1:9SnR/e11v5IbyPCGbvJViimtJ0SwHG4nfZFjU77ftcA= +k8s.io/apimachinery v0.19.2 h1:5Gy9vQpAGTKHPVOh5c4plE274X8D/6cuEiTO2zve7tc= +k8s.io/apimachinery v0.19.2/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= +k8s.io/apimachinery v0.19.4 h1:+ZoddM7nbzrDCp0T3SWnyxqf8cbWPT2fkZImoyvHUG0= +k8s.io/apimachinery v0.19.4/go.mod h1:DnPGDnARWFvYa3pMHgSxtbZb7gpzzAZ1pTfaUNDVlmA= k8s.io/apiserver v0.17.4/go.mod h1:5ZDQ6Xr5MNBxyi3iUZXS84QOhZl+W7Oq2us/29c0j9I= k8s.io/apiserver v0.18.0/go.mod h1:3S2O6FeBBd6XTo0njUrLxiqk8GNy6wWOftjhJcXYnjw= -k8s.io/apiserver v0.18.2/go.mod h1:Xbh066NqrZO8cbsoenCwyDJ1OSi8Ag8I2lezeHxzwzw= -k8s.io/autoscaler v0.0.0-20190607113959-1b4f1855cb8e/go.mod h1:QEXezc9uKPT91dwqhSJq3GNI3B1HxFRQHiku9kmrsSA= +k8s.io/apiserver v0.19.2/go.mod h1:FreAq0bJ2vtZFj9Ago/X0oNGC51GfubKK/ViOKfVAOA= +k8s.io/apiserver v0.19.4/go.mod h1:X8WRHCR1UGZDd7HpV0QDc1h/6VbbpAeAGyxSh8yzZXw= k8s.io/cli-runtime v0.18.0/go.mod h1:1eXfmBsIJosjn9LjEBUd2WVPoPAY9XGTqTFcPMIBsUQ= -k8s.io/cli-runtime v0.18.2/go.mod h1:yfFR2sQQzDsV0VEKGZtrJwEy4hLZ2oj4ZIfodgxAHWQ= -k8s.io/client-go v0.18.2 h1:aLB0iaD4nmwh7arT2wIn+lMnAq7OswjaejkQ8p9bBYE= -k8s.io/client-go v0.18.2/go.mod h1:Xcm5wVGXX9HAA2JJ2sSBUn3tCJ+4SVlCbl2MNNv+CIU= -k8s.io/code-generator v0.0.0-20190912054826-cd179ad6a269/go.mod h1:V5BD6M4CyaN5m+VthcclXWsVcT1Hu+glwa1bi3MIsyE= +k8s.io/client-go v0.17.4/go.mod h1:ouF6o5pz3is8qU0/qYL2RnoxOPqgfuidYLowytyLJmc= +k8s.io/client-go v0.18.0/go.mod h1:uQSYDYs4WhVZ9i6AIoEZuwUggLVEF64HOD37boKAtF8= +k8s.io/client-go v0.19.2 h1:gMJuU3xJZs86L1oQ99R4EViAADUPMHHtS9jFshasHSc= +k8s.io/client-go v0.19.2/go.mod h1:S5wPhCqyDNAlzM9CnEdgTGV4OqhsW3jGO1UM1epwfJA= +k8s.io/client-go v0.19.4 h1:85D3mDNoLF+xqpyE9Dh/OtrJDyJrSRKkHmDXIbEzer8= +k8s.io/client-go v0.19.4/go.mod h1:ZrEy7+wj9PjH5VMBCuu/BDlvtUAku0oVFk4MmnW9mWA= k8s.io/code-generator v0.17.4/go.mod h1:l8BLVwASXQZTo2xamW5mQNFCe1XPiAesVq7Y1t7PiQQ= k8s.io/code-generator v0.18.0/go.mod h1:+UHX5rSbxmR8kzS+FAv7um6dtYrZokQvjHpDSYRVkTc= -k8s.io/code-generator v0.18.2/go.mod h1:+UHX5rSbxmR8kzS+FAv7um6dtYrZokQvjHpDSYRVkTc= -k8s.io/component-base v0.0.0-20190918160511-547f6c5d7090/go.mod h1:933PBGtQFJky3TEwYx4aEPZ4IxqhWh3R6DCmzqIn1hA= -k8s.io/component-base v0.0.0-20191122220729-2684fb322cb9/go.mod h1:NFuUusy/X4Tk21m21tcNUihnmp4OI7lXU7/xA+rYXkc= +k8s.io/code-generator v0.19.2/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= +k8s.io/code-generator v0.19.4/go.mod h1:moqLn7w0t9cMs4+5CQyxnfA/HV8MF6aAVENF+WZZhgk= k8s.io/component-base v0.17.4/go.mod h1:5BRqHMbbQPm2kKu35v3G+CpVq4K0RJKC7TRioF0I9lE= k8s.io/component-base v0.18.0/go.mod h1:u3BCg0z1uskkzrnAKFzulmYaEpZF7XC9Pf/uFyb1v2c= -k8s.io/component-base v0.18.2/go.mod h1:kqLlMuhJNHQ9lz8Z7V5bxUUtjFZnrypArGl58gmDfUM= +k8s.io/component-base v0.19.2 h1:jW5Y9RcZTb79liEhW3XDVTW7MuvEGP0tQZnfSX6/+gs= +k8s.io/component-base v0.19.2/go.mod h1:g5LrsiTiabMLZ40AR6Hl45f088DevyGY+cCE2agEIVo= +k8s.io/component-base v0.19.4 h1:HobPRToQ8KJ9ubRju6PUAk9I5V1GNMJZ4PyWbiWA0uI= +k8s.io/component-base v0.19.4/go.mod h1:ZzuSLlsWhajIDEkKF73j64Gz/5o0AgON08FgRbEPI70= k8s.io/gengo v0.0.0-20190128074634-0689ccc1d7d6/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20190822140433-26a664648505/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/gengo v0.0.0-20200114144118-36b2048a9120/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20200413195148-3a45101e95ac/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= +k8s.io/gengo v0.0.0-20200428234225-8167cfdcfc14/go.mod h1:ezvh/TsK7cY6rbqRK0oQQ8IAqLxYwwyPxAX1Pzy0ii0= k8s.io/klog v0.0.0-20181102134211-b9b56d5dfc92/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= k8s.io/klog v0.3.0/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= -k8s.io/klog v0.3.3/go.mod h1:Gq+BEi5rUBO/HRz0bTSXDUcqjScdoY3a9IHpCEIOOfk= -k8s.io/klog v0.4.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= k8s.io/klog v1.0.0 h1:Pt+yjF5aB1xDSVbau4VsWe+dQNzA0qv1LlXdC2dF6Q8= k8s.io/klog v1.0.0/go.mod h1:4Bi6QPql/J/LkTDqv7R/cd3hPo4k2DG6Ptcz060Ez5I= +k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= +k8s.io/klog/v2 v2.2.0 h1:XRvcwJozkgZ1UQJmfMGpvRthQHOvihEhYtDfAaxMz/A= +k8s.io/klog/v2 v2.2.0/go.mod h1:Od+F08eJP+W3HUb4pSrPpgp9DGU4GzlpG/TmITuYh/Y= k8s.io/kube-aggregator v0.18.0/go.mod h1:ateewQ5QbjMZF/dihEFXwaEwoA4v/mayRvzfmvb6eqI= -k8s.io/kube-openapi v0.0.0-20190320154901-5e45bb682580/go.mod h1:BXM9ceUBTj2QnfH2MK1odQs778ajze1RxcmP6S8RVVc= -k8s.io/kube-openapi v0.0.0-20190816220812-743ec37842bf/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a/go.mod h1:1TqjTSzOxsLGIKfj0lK8EeCP7K1iUG65v09OM0/WG5E= -k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c h1:/KUFqjjqAcY4Us6luF5RDNZ16KJtb49HfR3ZHB9qYXM= k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E= -k8s.io/kube-state-metrics v1.7.2 h1:6vdtgXrrRRMSgnyDmgua+qvgCYv954JNfxXAtDkeLVQ= -k8s.io/kube-state-metrics v1.7.2/go.mod h1:U2Y6DRi07sS85rmVPmBFlmv+2peBcL8IWGjM+IjYA/E= +k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6 h1:+WnxoVtG8TMiudHBSEtrVL1egv36TkkJm+bA8AxicmQ= +k8s.io/kube-openapi v0.0.0-20200805222855-6aeccd4b50c6/go.mod h1:UuqjUnNftUyPE5H64/qeyjQoUZhGpeFDVdxjTeEVN2o= k8s.io/kubectl v0.18.0/go.mod h1:LOkWx9Z5DXMEg5KtOjHhRiC1fqJPLyCr3KtQgEolCkU= -k8s.io/kubectl v0.18.2/go.mod h1:OdgFa3AlsPKRpFFYE7ICTwulXOcMGXHTc+UKhHKvrb4= -k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk= k8s.io/metrics v0.18.0/go.mod h1:8aYTW18koXqjLVKL7Ds05RPMX9ipJZI3mywYvBOxXd4= -k8s.io/metrics v0.18.2/go.mod h1:qga8E7QfYNR9Q89cSCAjinC9pTZ7yv1XSVGUB0vJypg= -k8s.io/utils v0.0.0-20190308190857-21c4ce38f2a7/go.mod h1:8k8uAuAQ0rXslZKaEWd0c3oVhZz7sSzSiPnVZayjIX0= -k8s.io/utils v0.0.0-20190801114015-581e00157fb1/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= k8s.io/utils v0.0.0-20191114184206-e782cd3c129f/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= -k8s.io/utils v0.0.0-20191114200735-6ca3b61696b6/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= -k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89 h1:d4vVOjXm687F1iLSP2q3lyPPuyvTUt3aVoBpi2DqRsU= k8s.io/utils v0.0.0-20200324210504-a9aa75ae1b89/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew= +k8s.io/utils v0.0.0-20200729134348-d5654de09c73/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= +k8s.io/utils v0.0.0-20200912215256-4140de9c8800 h1:9ZNvfPvVIEsp/T1ez4GQuzCcCTEQWhovSofhqR73A6g= +k8s.io/utils v0.0.0-20200912215256-4140de9c8800/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= modernc.org/cc v1.0.0/go.mod h1:1Sk4//wdnYJiUIxnW8ddKpaOJCF37yAdqYnkxUpaYxw= modernc.org/golex v1.0.0/go.mod h1:b/QX9oBD/LhixY6NDh+IdGv17hgB+51fET1i2kPSmvk= modernc.org/mathutil v1.0.0/go.mod h1:wU0vUrJsVWBZ4P6e7xtFJEhFSNsfRLJ8H458uRjg03k= modernc.org/strutil v1.0.0/go.mod h1:lstksw84oURvj9y3tn8lGvRxyRC1S2+g5uuIzNfIOBs= modernc.org/xc v1.0.0/go.mod h1:mRNCo0bvLjGhHO9WsyuKVU4q0ceiDDDoEeWDJHrNx8I= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= -rsc.io/letsencrypt v0.0.3/go.mod h1:buyQKZ6IXrRnB7TdkHP0RyEybLx18HHyOSoTyoOLqNY= sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.7/go.mod h1:PHgbrJT7lCHcxMU+mDHEm+nx46H4zuuHZkDP6icnhu0= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.9/go.mod h1:dzAXnQbTRyDlZPJX2SUPEqvnB+j7AJjtlox7PEwigU0= sigs.k8s.io/controller-runtime v0.5.1-0.20200416234307-5377effd4043/go.mod h1:j4echH3Y/UPHRpXS65rxGXujda8iWOheMQvDh1uNgaY= -sigs.k8s.io/controller-runtime v0.6.0 h1:Fzna3DY7c4BIP6KwfSlrfnj20DJ+SeMBK8HSFvOk9NM= -sigs.k8s.io/controller-runtime v0.6.0/go.mod h1:CpYf5pdNY/B352A1TFLAS2JVSlnGQ5O2cftPHndTroo= -sigs.k8s.io/controller-tools v0.2.4/go.mod h1:m/ztfQNocGYBgTTCmFdnK94uVvgxeZeE3LtJvd/jIzA= +sigs.k8s.io/controller-runtime v0.7.0 h1:bU20IBBEPccWz5+zXpLnpVsgBYxqclaHu1pVDl/gEt8= +sigs.k8s.io/controller-runtime v0.7.0/go.mod h1:pJ3YBrJiAqMAZKi6UVGuE98ZrroV1p+pIhoHsMm9wdU= sigs.k8s.io/controller-tools v0.2.9-0.20200414181213-645d44dca7c0/go.mod h1:YKE/iHvcKITCljdnlqHYe+kAt7ZldvtAwUzQff0k1T0= -sigs.k8s.io/controller-tools v0.3.0/go.mod h1:enhtKGfxZD1GFEoMgP8Fdbu+uKQ/cq1/WGJhdVChfvI= -sigs.k8s.io/kubebuilder v1.0.9-0.20200513134826-f07a0146a40b/go.mod h1:FGPx0hvP73+bapzWoy5ePuhAJYgJjrFbPxgvWyortM0= sigs.k8s.io/kustomize v2.0.3+incompatible/go.mod h1:MkjgH3RdOWrievjo6c9T245dYlB5QeXV4WCbnt/PEpU= sigs.k8s.io/structured-merge-diff v0.0.0-20190525122527-15d366b2352e/go.mod h1:wWxsB5ozmmv/SG7nM11ayaAW51xMvak/t1r0CSlcokI= -sigs.k8s.io/structured-merge-diff v0.0.0-20190817042607-6149e4549fca/go.mod h1:IIgPezJWb76P0hotTxzDbWsMYB8APh18qZnxkomBpxA= sigs.k8s.io/structured-merge-diff v1.0.1-0.20191108220359-b1b620dd3f06 h1:zD2IemQ4LmOcAumeiyDWXKUI2SO0NYDe3H6QGvPOVgU= sigs.k8s.io/structured-merge-diff v1.0.1-0.20191108220359-b1b620dd3f06/go.mod h1:/ULNhyfzRopfcjskuui0cTITekDduZ7ycKN3oUT9R18= sigs.k8s.io/structured-merge-diff/v3 v3.0.0-20200116222232-67a7b8c61874/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= -sigs.k8s.io/structured-merge-diff/v3 v3.0.0 h1:dOmIZBMfhcHS09XZkMyUgkq5trg3/jRyJYFZUiaOp8E= sigs.k8s.io/structured-merge-diff/v3 v3.0.0/go.mod h1:PlARxl6Hbt/+BC80dRLi1qAmnMqwqDg62YvvVkZjemw= -sigs.k8s.io/testing_frameworks v0.1.2 h1:vK0+tvjF0BZ/RYFeZ1E6BYBwHJJXhjuZ3TdsEKH+UQM= +sigs.k8s.io/structured-merge-diff/v4 v4.0.1 h1:YXTMot5Qz/X1iBRJhAt+vI+HVttY0WkSqqhKxQ0xVbA= +sigs.k8s.io/structured-merge-diff/v4 v4.0.1/go.mod h1:bJZC9H9iH24zzfZ/41RGcq60oK1F7G282QMXDPYydCw= sigs.k8s.io/testing_frameworks v0.1.2/go.mod h1:ToQrwSC3s8Xf/lADdZp3Mktcql9CG0UAmdJG9th5i0w= -sigs.k8s.io/yaml v1.1.0 h1:4A07+ZFc2wgJwo8YNlQpr1rVlgUDlxXHhPJciaPY5gs= sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o= sigs.k8s.io/yaml v1.2.0 h1:kr/MCeFWJWTwyaHoR9c8EjH9OumOmoF9YGiZd7lFm/Q= sigs.k8s.io/yaml v1.2.0/go.mod h1:yfXDCHCao9+ENCvLSE62v9VSji2MKu5jeNfTrofGhJc= diff --git a/hack/boilerplate.go.txt b/hack/boilerplate.go.txt new file mode 100644 index 000000000..606681a69 --- /dev/null +++ b/hack/boilerplate.go.txt @@ -0,0 +1,15 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ \ No newline at end of file diff --git a/helm/nifikop/crds/nifi.orange.com_nificlusters_crd.yaml b/helm/nifikop/crds/nifi.orange.com_nificlusters.yaml similarity index 98% rename from helm/nifikop/crds/nifi.orange.com_nificlusters_crd.yaml rename to helm/nifikop/crds/nifi.orange.com_nificlusters.yaml index 84eef63a8..698650d2c 100644 --- a/helm/nifikop/crds/nifi.orange.com_nificlusters_crd.yaml +++ b/helm/nifikop/crds/nifi.orange.com_nificlusters.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nificlusters.nifi.orange.com spec: group: nifi.orange.com @@ -127,9 +132,10 @@ spec: type: object fieldRef: description: 'Selects a field of the pod: supports - metadata.name, metadata.namespace, metadata.labels, - metadata.annotations, spec.nodeName, spec.serviceAccountName, - status.hostIP, status.podIP, status.podIPs.' + metadata.name, metadata.namespace, `metadata.labels['''']`, + `metadata.annotations['''']`, spec.nodeName, + spec.serviceAccountName, status.hostIP, status.podIP, + status.podIPs.' properties: apiVersion: description: Version of the schema the FieldPath @@ -595,6 +601,7 @@ spec: be referred to by services. type: string protocol: + default: TCP description: Protocol for port. Must be UDP, TCP, or SCTP. Defaults to "TCP". type: string @@ -851,6 +858,30 @@ spec: to the container. type: string type: object + seccompProfile: + description: The seccomp options to use by this container. + If seccomp options are provided at both the pod & container + level, the container options override the pod options. + properties: + localhostProfile: + description: localhostProfile indicates a profile defined + in a file on the node should be used. The profile + must be preconfigured on the node to work. Must be + a descending path, relative to the kubelet's configured + seccomp profile location. Must only be set if type + is "Localhost". + type: string + type: + description: "type indicates which kind of seccomp profile + will be applied. Valid options are: \n Localhost - + a profile defined in a file on the node should be + used. RuntimeDefault - the container runtime default + profile should be used. Unconfined - no profile should + be applied." + type: string + required: + - type + type: object windowsOptions: description: The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext @@ -2525,3 +2556,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/deploy/crds/v1/nifi.orange.com_nifidataflows_crd.yaml b/helm/nifikop/crds/nifi.orange.com_nifidataflows.yaml similarity index 97% rename from deploy/crds/v1/nifi.orange.com_nifidataflows_crd.yaml rename to helm/nifikop/crds/nifi.orange.com_nifidataflows.yaml index 62c68edb1..265322bfd 100644 --- a/deploy/crds/v1/nifi.orange.com_nifidataflows_crd.yaml +++ b/helm/nifikop/crds/nifi.orange.com_nifidataflows.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nifidataflows.nifi.orange.com spec: group: nifi.orange.com @@ -14,7 +19,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Nifi Dataflow is the Schema for the nifi dataflow API + description: NifiDataflow is the Schema for the nifidataflows API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -247,3 +252,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/deploy/crds/v1/nifi.orange.com_nifiparametercontexts_crd.yaml b/helm/nifikop/crds/nifi.orange.com_nifiparametercontexts.yaml similarity index 96% rename from deploy/crds/v1/nifi.orange.com_nifiparametercontexts_crd.yaml rename to helm/nifikop/crds/nifi.orange.com_nifiparametercontexts.yaml index 2f3f41a98..a70c23709 100644 --- a/deploy/crds/v1/nifi.orange.com_nifiparametercontexts_crd.yaml +++ b/helm/nifikop/crds/nifi.orange.com_nifiparametercontexts.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nifiparametercontexts.nifi.orange.com spec: group: nifi.orange.com @@ -14,7 +19,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: NifiParameterContext is the Schema for the nifi parameter context + description: NifiParameterContext is the Schema for the nifiparametercontexts API properties: apiVersion: @@ -143,3 +148,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/nifikop/crds/nifi.orange.com_nifiregistryclients_crd.yaml b/helm/nifikop/crds/nifi.orange.com_nifiregistryclients.yaml similarity index 91% rename from helm/nifikop/crds/nifi.orange.com_nifiregistryclients_crd.yaml rename to helm/nifikop/crds/nifi.orange.com_nifiregistryclients.yaml index 37de0aa59..e604f891f 100644 --- a/helm/nifikop/crds/nifi.orange.com_nifiregistryclients_crd.yaml +++ b/helm/nifikop/crds/nifi.orange.com_nifiregistryclients.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nifiregistryclients.nifi.orange.com spec: group: nifi.orange.com @@ -14,7 +19,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Nifi Registry Client is the Schema for the nifi registry client + description: NifiRegistryClient is the Schema for the nifiregistryclients API properties: apiVersion: @@ -73,3 +78,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/deploy/crds/v1/nifi.orange.com_nifiusergroups_crd.yaml b/helm/nifikop/crds/nifi.orange.com_nifiusergroups.yaml similarity index 95% rename from deploy/crds/v1/nifi.orange.com_nifiusergroups_crd.yaml rename to helm/nifikop/crds/nifi.orange.com_nifiusergroups.yaml index f6626892e..b3777280c 100644 --- a/deploy/crds/v1/nifi.orange.com_nifiusergroups_crd.yaml +++ b/helm/nifikop/crds/nifi.orange.com_nifiusergroups.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nifiusergroups.nifi.orange.com spec: group: nifi.orange.com @@ -14,8 +19,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Nifi Registry Client is the Schema for the nifi registry client - API + description: NifiUserGroup is the Schema for the nifiusergroups API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -138,3 +142,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/nifikop/crds/nifi.orange.com_nifiusers_crd.yaml b/helm/nifikop/crds/nifi.orange.com_nifiusers.yaml similarity index 95% rename from helm/nifikop/crds/nifi.orange.com_nifiusers_crd.yaml rename to helm/nifikop/crds/nifi.orange.com_nifiusers.yaml index 4d8a7b227..f3b6ab4d4 100644 --- a/helm/nifikop/crds/nifi.orange.com_nifiusers_crd.yaml +++ b/helm/nifikop/crds/nifi.orange.com_nifiusers.yaml @@ -1,6 +1,11 @@ + +--- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null name: nifiusers.nifi.orange.com spec: group: nifi.orange.com @@ -14,7 +19,7 @@ spec: - name: v1alpha1 schema: openAPIV3Schema: - description: Nifi User is the Schema for the nifi users API + description: NifiUser is the Schema for the nifiusers API properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation @@ -144,3 +149,9 @@ spec: storage: true subresources: status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/helm/nifikop/templates/deployment.yaml b/helm/nifikop/templates/deployment.yaml index 52389e4c2..ddf1b5d6c 100644 --- a/helm/nifikop/templates/deployment.yaml +++ b/helm/nifikop/templates/deployment.yaml @@ -8,26 +8,29 @@ metadata: heritage: {{ .Release.Service }} operator: nifi release: {{ .Release.Name }} + control-plane: nifikop spec: - replicas: 1 selector: matchLabels: + control-plane: nifikop name: {{ template "nifikop.name" . }} + replicas: 1 template: metadata: labels: + control-plane: nifikop name: {{ template "nifikop.name" . }} app: {{ template "nifikop.name" . }} operator: nifi release: {{ .Release.Name }} spec: -{{- if .Values.image.imagePullSecrets.enabled }} + {{- if .Values.image.imagePullSecrets.enabled }} imagePullSecrets: - name: {{ .Values.image.imagePullSecrets.name }} -{{- end }} -{{- if .Values.rbacEnable }} + {{- end }} + {{- if .Values.rbacEnable }} serviceAccountName: {{ template "nifikop.name" . }} -{{- end }} + {{- end }} {{- if .Values.vaultSecret }} volumes: - name: {{ .Values.vaultSecret }} @@ -37,29 +40,27 @@ spec: securityContext: runAsUser: 1000 containers: - - name: {{ template "nifikop.name" . }} - image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" - imagePullPolicy: "{{ .Values.image.pullPolicy }}" - command: - - nifikop + - command: + - /manager args: - {{- if .Values.namespaces }} - - --namespaces={{ join "," .Values.namespaces }} + - --leader-elect + {{- if .Values.certManager.enabled }} + - --cert-manager-enabled={{ .Values.certManager.enabled }} {{- end }} - readinessProbe: - exec: - command: - - /health - initialDelaySeconds: 4 - periodSeconds: 10 - failureThreshold: 1 - resources: -{{ toYaml .Values.resources | indent 12 }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: "{{ .Values.image.pullPolicy }}" + name: {{ template "nifikop.name" . }} + securityContext: + allowPrivilegeEscalation: false env: - name: WATCH_NAMESPACE + {{- if .Values.namespaces }} + value: {{ join "," .Values.namespaces }} + {{- else }} valueFrom: fieldRef: fieldPath: metadata.namespace + {{- end }} - name: POD_NAME valueFrom: fieldRef: @@ -74,13 +75,29 @@ spec: - name: VAULT_CACERT value: /etc/vault/certs/ca.crt {{- end }} - {{- if .Values.debug.enable }} + {{- if .Values.debug.enabled }} - name: LOG_LEVEL value: Debug {{- end }} + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: +{{ toYaml .Values.resources | indent 12 }} volumeMounts: - {{- if .Values.vaultSecret }} - - mountPath: /etc/vault/certs - name: {{ .Values.vaultSecret }} - readOnly: true - {{- end }} \ No newline at end of file + {{- if .Values.vaultSecret }} + - mountPath: /etc/vault/certs + name: {{ .Values.vaultSecret }} + readOnly: true + {{- end }} + terminationGracePeriodSeconds: 10 + diff --git a/helm/nifikop/templates/role.yaml b/helm/nifikop/templates/role.yaml index 61c60b8f2..007789115 100644 --- a/helm/nifikop/templates/role.yaml +++ b/helm/nifikop/templates/role.yaml @@ -133,6 +133,27 @@ rules: - patch - update - watch +- apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch --- {{- end}} {{- end}} diff --git a/helm/nifikop/templates/role_binding.yaml b/helm/nifikop/templates/role_binding.yaml index b8ee1bdf6..c3f731d39 100644 --- a/helm/nifikop/templates/role_binding.yaml +++ b/helm/nifikop/templates/role_binding.yaml @@ -22,24 +22,4 @@ roleRef: apiGroup: rbac.authorization.k8s.io {{- end }} {{- end }} ---- - -#kind: RoleBinding -#apiVersion: rbac.authorization.k8s.io/v1 -#metadata: -# labels: -# app: {{ template "nifikop.name" . }} -# chart: {{ .Chart.Name }}-{{ .Chart.Version }} -# heritage: {{ .Release.Service }} -# release: {{ .Release.Name }} -# name: {{ template "nifikop.name" . }}-cert-manager -# namespace: -#subjects: -# - kind: ServiceAccount -# name: {{ template "nifikop.name" . }} -# namespace: {{ .Release.Namespace }} -#roleRef: -# kind: Role -# name: {{ template "nifikop.name" . }} -# apiGroup: rbac.authorization.k8s.io -# +--- \ No newline at end of file diff --git a/helm/nifikop/values.yaml b/helm/nifikop/values.yaml index 43b6bf5fc..f524b4f60 100644 --- a/helm/nifikop/values.yaml +++ b/helm/nifikop/values.yaml @@ -39,4 +39,5 @@ debug: enabled: false certManager: + enabled: true clusterScoped: false diff --git a/main.go b/main.go new file mode 100644 index 000000000..ef5b2adc3 --- /dev/null +++ b/main.go @@ -0,0 +1,219 @@ +/* +Copyright 2020. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package main + +import ( + "flag" + "fmt" + "github.com/Orange-OpenSource/nifikop/version" + certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" + "os" + "sigs.k8s.io/controller-runtime/pkg/cache" + "strings" + + // Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.) + // to ensure that exec-entrypoint and run can make use of them. + _ "k8s.io/client-go/plugin/pkg/client/auth" + + "k8s.io/apimachinery/pkg/runtime" + utilruntime "k8s.io/apimachinery/pkg/util/runtime" + clientgoscheme "k8s.io/client-go/kubernetes/scheme" + ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/healthz" + "sigs.k8s.io/controller-runtime/pkg/log/zap" + + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" + "github.com/Orange-OpenSource/nifikop/controllers" + // +kubebuilder:scaffold:imports +) + +var ( + scheme = runtime.NewScheme() + setupLog = ctrl.Log.WithName("setup") +) + +func init() { + utilruntime.Must(clientgoscheme.AddToScheme(scheme)) + + utilruntime.Must(v1alpha1.AddToScheme(scheme)) + // +kubebuilder:scaffold:scheme +} + +func printVersion() { + setupLog.Info(fmt.Sprintf("Operator Version: %s", version.Version)) + setupLog.Info(fmt.Sprintf("Go Version: %s", runtime.APIVersionInternal)) +} + +func main() { + var metricsAddr string + var enableLeaderElection bool + var probeAddr string + var certManagerEnabled bool + + flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.") + flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.") + flag.BoolVar(&enableLeaderElection, "leader-elect", false, + "Enable leader election for controller manager. "+ + "Enabling this will ensure there is only one active controller manager.") + flag.BoolVar(&certManagerEnabled, "cert-manager-enabled", false, "Enable cert-manager integration") + + opts := zap.Options{ + Development: true, + } + opts.BindFlags(flag.CommandLine) + flag.Parse() + + ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts))) + + watchNamespace, err := getWatchNamespace() + if err != nil { + setupLog.Error(err, "unable to get WatchNamespace, "+ + "the manager will watch and manage resources in all Namespaces") + } + + options := ctrl.Options{ + Scheme: scheme, + MetricsBindAddress: metricsAddr, + Port: 9443, + HealthProbeBindAddress: probeAddr, + LeaderElection: enableLeaderElection, + LeaderElectionID: "f1c5ece8.example.com", + Namespace: watchNamespace, // namespaced-scope when the value is not an empty string + } + + // Add support for MultiNamespace set in WATCH_NAMESPACE (e.g ns1,ns2) + var namespaceList []string + if strings.Contains(watchNamespace, ",") { + setupLog.Info("manager set up with multiple namespaces", "namespaces", watchNamespace) + namespaceList = strings.Split(watchNamespace, ",") + // configure cluster-scoped with MultiNamespacedCacheBuilder + options.Namespace = "" + options.NewCache = cache.MultiNamespacedCacheBuilder(namespaceList) + } + + // NewFileReady returns a Ready that uses the presence of a file on disk to + // communicate whether the operator is ready. The operator's Pod definition + // "stat /tmp/operator-sdk-ready". + setupLog.Info("Writing ready file.") + + mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), options) + if err != nil { + setupLog.Error(err, "unable to start manager") + os.Exit(1) + } + + if err := certv1.AddToScheme(mgr.GetScheme()); err != nil { + setupLog.Error(err, "") + os.Exit(1) + } + + if err = (&controllers.NifiClusterReconciler{ + Client: mgr.GetClient(), + DirectClient: mgr.GetAPIReader(), + Log: ctrl.Log.WithName("controllers").WithName("NifiCluster"), + Scheme: mgr.GetScheme(), + Namespaces: namespaceList, + }).SetupWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create controller", "controller", "NifiCluster") + os.Exit(1) + } + + if err = (&controllers.NifiClusterTaskReconciler{ + Client: mgr.GetClient(), + Log: ctrl.Log.WithName("controllers").WithName("NifiClusterTask"), + Scheme: mgr.GetScheme(), + }).SetupWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create controller", "controller", "NifiClusterTask") + os.Exit(1) + } + + if err = (&controllers.NifiUserReconciler{ + Client: mgr.GetClient(), + Log: ctrl.Log.WithName("controllers").WithName("NifiUser"), + Scheme: mgr.GetScheme(), + }).SetupWithManager(mgr, certManagerEnabled); err != nil { + setupLog.Error(err, "unable to create controller", "controller", "NifiUser") + os.Exit(1) + } + + if err = (&controllers.NifiUserGroupReconciler{ + Client: mgr.GetClient(), + Log: ctrl.Log.WithName("controllers").WithName("NifiUserGroup"), + Scheme: mgr.GetScheme(), + }).SetupWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create controller", "controller", "NifiUserGroup") + os.Exit(1) + } + + if err = (&controllers.NifiDataflowReconciler{ + Client: mgr.GetClient(), + Log: ctrl.Log.WithName("controllers").WithName("NifiDataflow"), + Scheme: mgr.GetScheme(), + }).SetupWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create controller", "controller", "NifiDataflow") + os.Exit(1) + } + + if err = (&controllers.NifiParameterContextReconciler{ + Client: mgr.GetClient(), + Log: ctrl.Log.WithName("controllers").WithName("NifiParameterContext"), + Scheme: mgr.GetScheme(), + }).SetupWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create controller", "controller", "NifiParameterContext") + os.Exit(1) + } + + if err = (&controllers.NifiRegistryClientReconciler{ + Client: mgr.GetClient(), + Log: ctrl.Log.WithName("controllers").WithName("NifiRegistryClient"), + Scheme: mgr.GetScheme(), + }).SetupWithManager(mgr); err != nil { + setupLog.Error(err, "unable to create controller", "controller", "NifiRegistryClient") + os.Exit(1) + } + + // +kubebuilder:scaffold:builder + + if err := mgr.AddHealthzCheck("health", healthz.Ping); err != nil { + setupLog.Error(err, "unable to set up health check") + os.Exit(1) + } + if err := mgr.AddReadyzCheck("check", healthz.Ping); err != nil { + setupLog.Error(err, "unable to set up ready check") + os.Exit(1) + } + + setupLog.Info("starting manager") + if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { + setupLog.Error(err, "problem running manager") + os.Exit(1) + } +} + +// getWatchNamespace returns the Namespace the operator should be watching for changes +func getWatchNamespace() (string, error) { + // WatchNamespaceEnvVar is the constant for env variable WATCH_NAMESPACE + // which specifies the Namespace to watch. + // An empty value means the operator is running with cluster scope. + var watchNamespaceEnvVar = "WATCH_NAMESPACE" + + ns, found := os.LookupEnv(watchNamespaceEnvVar) + if !found { + return "", fmt.Errorf("%s must be set", watchNamespaceEnvVar) + } + return ns, nil +} diff --git a/pkg/apis/addtoscheme_nifi_v1alpha1.go b/pkg/apis/addtoscheme_nifi_v1alpha1.go deleted file mode 100644 index fcf53beeb..000000000 --- a/pkg/apis/addtoscheme_nifi_v1alpha1.go +++ /dev/null @@ -1,24 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package apis - -import ( - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" -) - -func init() { - // Register the types with the Scheme so the components can map objects to GroupVersionKinds and back - AddToSchemes = append(AddToSchemes, v1alpha1.SchemeBuilder.AddToScheme) -} diff --git a/pkg/apis/apis.go b/pkg/apis/apis.go deleted file mode 100644 index 807e7b24f..000000000 --- a/pkg/apis/apis.go +++ /dev/null @@ -1,27 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package apis - -import ( - "k8s.io/apimachinery/pkg/runtime" -) - -// AddToSchemes may be used to add all resources defined in the project to a Scheme -var AddToSchemes runtime.SchemeBuilder - -// AddToScheme adds all Resources to the Scheme -func AddToScheme(s *runtime.Scheme) error { - return AddToSchemes.AddToScheme(s) -} diff --git a/pkg/apis/nifi/group.go b/pkg/apis/nifi/group.go deleted file mode 100644 index 4f8d47791..000000000 --- a/pkg/apis/nifi/group.go +++ /dev/null @@ -1,21 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -// Package nifi contains nifi API versions. -// -// This file ensures Go source parsers acknowledge the nifi package -// and any child packages. It can be removed if any other Go source files are -// added to this package. - -package nifi diff --git a/pkg/apis/nifi/v1alpha1/doc.go b/pkg/apis/nifi/v1alpha1/doc.go deleted file mode 100644 index 112db7a72..000000000 --- a/pkg/apis/nifi/v1alpha1/doc.go +++ /dev/null @@ -1,18 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -// Package v1alpha1 contains API Schema definitions for the nifi v1alpha1 API group -// +k8s:deepcopy-gen=package,register -// +groupName=nifi.orange.com -package v1alpha1 diff --git a/pkg/apis/nifi/v1alpha1/register.go b/pkg/apis/nifi/v1alpha1/register.go deleted file mode 100644 index 9e4ecddf9..000000000 --- a/pkg/apis/nifi/v1alpha1/register.go +++ /dev/null @@ -1,31 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -// Package v1alpha1 contains API Schema definitions for the nifi v1alpha1 API group -// +k8s:deepcopy-gen=package,register -// +groupName=nifi.orange.com -package v1alpha1 - -import ( - "k8s.io/apimachinery/pkg/runtime/schema" - "sigs.k8s.io/controller-runtime/pkg/scheme" -) - -var ( - // SchemeGroupVersion is group version used to register these objects - SchemeGroupVersion = schema.GroupVersion{Group: "nifi.orange.com", Version: "v1alpha1"} - - // SchemeBuilder is used to add go types to the GroupVersionKind scheme - SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion} -) diff --git a/pkg/apis/nifi/v1alpha1/zz_generated.openapi.go b/pkg/apis/nifi/v1alpha1/zz_generated.openapi.go deleted file mode 100644 index d5e58d35e..000000000 --- a/pkg/apis/nifi/v1alpha1/zz_generated.openapi.go +++ /dev/null @@ -1,132 +0,0 @@ -// +build !ignore_autogenerated - -// This file was autogenerated by openapi-gen. Do not edit it manually! - -package v1alpha1 - -import ( - spec "github.com/go-openapi/spec" - common "k8s.io/kube-openapi/pkg/common" -) - -func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition { - return map[string]common.OpenAPIDefinition{ - "./pkg/apis/nifi/v1alpha1.NifiUser": schema_pkg_apis_nifi_v1alpha1_NifiUser(ref), - "./pkg/apis/nifi/v1alpha1.NifiUserSpec": schema_pkg_apis_nifi_v1alpha1_NifiUserSpec(ref), - "./pkg/apis/nifi/v1alpha1.NifiUserStatus": schema_pkg_apis_nifi_v1alpha1_NifiUserStatus(ref), - } -} - -func schema_pkg_apis_nifi_v1alpha1_NifiUser(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "Nifi User is the Schema for the nifi users API", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "kind": { - SchemaProps: spec.SchemaProps{ - Description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", - Type: []string{"string"}, - Format: "", - }, - }, - "apiVersion": { - SchemaProps: spec.SchemaProps{ - Description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", - Type: []string{"string"}, - Format: "", - }, - }, - "metadata": { - SchemaProps: spec.SchemaProps{ - Ref: ref("k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"), - }, - }, - "spec": { - SchemaProps: spec.SchemaProps{ - Ref: ref("./pkg/apis/nifi/v1alpha1.NifiUserSpec"), - }, - }, - "status": { - SchemaProps: spec.SchemaProps{ - Ref: ref("./pkg/apis/nifi/v1alpha1.NifiUserStatus"), - }, - }, - }, - }, - }, - Dependencies: []string{ - "./pkg/apis/nifi/v1alpha1.NifiUserSpec", "./pkg/apis/nifi/v1alpha1.NifiUserStatus", "k8s.io/apimachinery/pkg/apis/meta/v1.ObjectMeta"}, - } -} - -func schema_pkg_apis_nifi_v1alpha1_NifiUserSpec(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "NifiUserSpec defines the desired state of NifiUser", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "secretName": { - SchemaProps: spec.SchemaProps{ - Description: "Name of the secret where all cert resources will be stored", - Type: []string{"string"}, - Format: "", - }, - }, - "clusterRef": { - SchemaProps: spec.SchemaProps{ - Description: "contains the reference to the NifiCluster with the one the user is linked", - Ref: ref("./pkg/apis/nifi/v1alpha1.ClusterReference"), - }, - }, - "dnsNames": { - SchemaProps: spec.SchemaProps{ - Description: "List of DNSNames that the user will used to request the NifiCluster (allowing to create the right certificates associated)", - Type: []string{"array"}, - Items: &spec.SchemaOrArray{ - Schema: &spec.Schema{ - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, - }, - }, - "includeJKS": { - SchemaProps: spec.SchemaProps{ - Description: "Whether or not the the operator also include a Java keystore format (JKS) with you secret", - Type: []string{"boolean"}, - Format: "", - }, - }, - }, - Required: []string{"secretName", "clusterRef"}, - }, - }, - Dependencies: []string{ - "./pkg/apis/nifi/v1alpha1.ClusterReference"}, - } -} - -func schema_pkg_apis_nifi_v1alpha1_NifiUserStatus(ref common.ReferenceCallback) common.OpenAPIDefinition { - return common.OpenAPIDefinition{ - Schema: spec.Schema{ - SchemaProps: spec.SchemaProps{ - Description: "NifiUserStatus defines the observed state of NifiUser", - Type: []string{"object"}, - Properties: map[string]spec.Schema{ - "state": { - SchemaProps: spec.SchemaProps{ - Type: []string{"string"}, - Format: "", - }, - }, - }, - Required: []string{"state"}, - }, - }, - } -} diff --git a/pkg/clientwrappers/accesspolicies/policies.go b/pkg/clientwrappers/accesspolicies/policies.go index dc2d0ff41..a5fa5b144 100644 --- a/pkg/clientwrappers/accesspolicies/policies.go +++ b/pkg/clientwrappers/accesspolicies/policies.go @@ -1,16 +1,16 @@ package accesspolicies import ( - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" + "github.com/Orange-OpenSource/nifikop/pkg/common" "github.com/Orange-OpenSource/nifikop/pkg/nificlient" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" + ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" ) -var log = logf.Log.WithName("accesspolicies-method") +var log = ctrl.Log.WithName("accesspolicies-method") func ExistAccessPolicies(client client.Client, accessPolicy *v1alpha1.AccessPolicy, cluster *v1alpha1.NifiCluster) (bool, error) { @@ -31,7 +31,6 @@ func ExistAccessPolicies(client client.Client, accessPolicy *v1alpha1.AccessPoli return entity != nil, nil } - func CreateAccessPolicy(client client.Client, accessPolicy *v1alpha1.AccessPolicy, cluster *v1alpha1.NifiCluster) (string, error) { @@ -93,7 +92,6 @@ func UpdateAccessPolicy( return clientwrappers.ErrorUpdateOperation(log, err, "Update user") } - func UpdateAccessPolicyEntity( client client.Client, entity *nigoapi.AccessPolicyEntity, @@ -120,7 +118,6 @@ func UpdateAccessPolicyEntity( return clientwrappers.ErrorUpdateOperation(log, err, "Update user") } - func updateAccessPolicyEntity( accessPolicy *v1alpha1.AccessPolicy, addUsers []*v1alpha1.NifiUser, @@ -143,8 +140,7 @@ func updateAccessPolicyEntity( } if entity.Component == nil { - entity.Component = &nigoapi.AccessPolicyDto{ - } + entity.Component = &nigoapi.AccessPolicyDto{} } entity.Component.Action = string(accessPolicy.Action) diff --git a/pkg/clientwrappers/dataflow/dataflow.go b/pkg/clientwrappers/dataflow/dataflow.go index d098ce8f5..21945af49 100644 --- a/pkg/clientwrappers/dataflow/dataflow.go +++ b/pkg/clientwrappers/dataflow/dataflow.go @@ -1,19 +1,19 @@ package dataflow import ( + "github.com/Orange-OpenSource/nifikop/pkg/common" + ctrl "sigs.k8s.io/controller-runtime" "strings" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" "github.com/Orange-OpenSource/nifikop/pkg/nificlient" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" "sigs.k8s.io/controller-runtime/pkg/client" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" ) -var log = logf.Log.WithName("dataflow-method") +var log = ctrl.Log.WithName("dataflow-method") // DataflowExist check if the NifiDataflow exist on NiFi Cluster func DataflowExist(client client.Client, flow *v1alpha1.NifiDataflow, cluster *v1alpha1.NifiCluster) (bool, error) { @@ -250,8 +250,7 @@ func SyncDataflow( for _, pg := range processGroups { if parameterContext == nil { - pg.Component.ParameterContext = &nigoapi.ParameterContextReferenceEntity{ - } + pg.Component.ParameterContext = &nigoapi.ParameterContextReferenceEntity{} } else { pg.Component.ParameterContext = &nigoapi.ParameterContextReferenceEntity{ Id: parameterContext.Status.Id, @@ -320,8 +319,7 @@ func SyncDataflow( updateRequest2Status(updateRequest, t) } - if err := clientwrappers.ErrorGetOperation(log, err, "Get version-request"); - err != nificlient.ErrNifiClusterReturned404 || !updateRequest.Request.Complete { + if err := clientwrappers.ErrorGetOperation(log, err, "Get version-request"); err != nificlient.ErrNifiClusterReturned404 || !updateRequest.Request.Complete { if err != nil { return &flow.Status, err } @@ -331,7 +329,7 @@ func SyncDataflow( isOutOfSink, err := IsOutOfSyncDataflow(client, flow, cluster, registry, parameterContext) if err != nil { - return &flow.Status, err + return &flow.Status, err } if isOutOfSink { status, err := prepareUpdatePG(client, flow, cluster) @@ -400,7 +398,7 @@ func SyncDataflow( func prepareUpdatePG( client client.Client, flow *v1alpha1.NifiDataflow, - cluster *v1alpha1.NifiCluster, ) (*v1alpha1.NifiDataflowStatus, error) { + cluster *v1alpha1.NifiCluster) (*v1alpha1.NifiDataflowStatus, error) { nClient, err := common.NewNodeConnection(log, client, cluster) if err != nil { @@ -422,8 +420,7 @@ func prepareUpdatePG( dropRequest, err := nClient.GetDropRequest(flow.Status.LatestDropRequest.ConnectionId, flow.Status.LatestDropRequest.Id) - if err := clientwrappers.ErrorGetOperation(log, err, "Get drop-request"); - err != nificlient.ErrNifiClusterReturned404 { + if err := clientwrappers.ErrorGetOperation(log, err, "Get drop-request"); err != nificlient.ErrNifiClusterReturned404 { if err != nil { return nil, err } diff --git a/pkg/clientwrappers/parametercontext/parametercontext.go b/pkg/clientwrappers/parametercontext/parametercontext.go index 1fc7dde99..f0cbe9a70 100644 --- a/pkg/clientwrappers/parametercontext/parametercontext.go +++ b/pkg/clientwrappers/parametercontext/parametercontext.go @@ -1,18 +1,18 @@ package parametercontext import ( - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" + "github.com/Orange-OpenSource/nifikop/pkg/common" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" "github.com/Orange-OpenSource/nifikop/pkg/nificlient" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" corev1 "k8s.io/api/core/v1" + ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" ) -var log = logf.Log.WithName("parametercontext-method") +var log = ctrl.Log.WithName("parametercontext-method") func ExistParameterContext(client client.Client, parameterContext *v1alpha1.NifiParameterContext, cluster *v1alpha1.NifiCluster) (bool, error) { @@ -84,8 +84,7 @@ func SyncParameterContext( parameterContext.Status.LatestUpdateRequest = updateRequest2Status(updateRequest) } - if err := clientwrappers.ErrorGetOperation(log, err, "Get update-request"); - err != nificlient.ErrNifiClusterReturned404 { + if err := clientwrappers.ErrorGetOperation(log, err, "Get update-request"); err != nificlient.ErrNifiClusterReturned404 { if err != nil { return ¶meterContext.Status, err } @@ -241,8 +240,7 @@ func updateParameterContextEntity(parameterContext *v1alpha1.NifiParameterContex } if entity.Component == nil { - entity.Component = &nigoapi.ParameterContextDto{ - } + entity.Component = &nigoapi.ParameterContextDto{} } var parameters []nigoapi.ParameterEntity diff --git a/pkg/clientwrappers/registryclient/registryclient.go b/pkg/clientwrappers/registryclient/registryclient.go index 4fa4fbb81..f5c615094 100644 --- a/pkg/clientwrappers/registryclient/registryclient.go +++ b/pkg/clientwrappers/registryclient/registryclient.go @@ -1,16 +1,16 @@ package registryclient import ( - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" + "github.com/Orange-OpenSource/nifikop/pkg/common" "github.com/Orange-OpenSource/nifikop/pkg/nificlient" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" + ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" ) -var log = logf.Log.WithName("registryclient-method") +var log = ctrl.Log.WithName("registryclient-method") func ExistRegistryClient(client client.Client, registryClient *v1alpha1.NifiRegistryClient, cluster *v1alpha1.NifiCluster) (bool, error) { @@ -126,8 +126,7 @@ func updateRegistryClientEntity(registryClient *v1alpha1.NifiRegistryClient, ent } if entity.Component == nil { - entity.Component = &nigoapi.RegistryDto{ - } + entity.Component = &nigoapi.RegistryDto{} } entity.Component.Name = registryClient.Name diff --git a/pkg/clientwrappers/scale/scale.go b/pkg/clientwrappers/scale/scale.go index ca5a4f0b0..b6bfed176 100644 --- a/pkg/clientwrappers/scale/scale.go +++ b/pkg/clientwrappers/scale/scale.go @@ -16,19 +16,18 @@ package scale import ( "fmt" + ctrl "sigs.k8s.io/controller-runtime" "time" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" + "github.com/Orange-OpenSource/nifikop/pkg/common" "github.com/Orange-OpenSource/nifikop/pkg/nificlient" nifiutil "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" "sigs.k8s.io/controller-runtime/pkg/client" - - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" ) -var log = logf.Log.WithName("scale-methods") +var log = ctrl.Log.WithName("scale-methods") // TODO : rework upscale to check that the node is connected before ending operation. // UpScaleCluster upscales Nifi cluster diff --git a/pkg/clientwrappers/user/user.go b/pkg/clientwrappers/user/user.go index 1291ef6b2..ec2f1ed4d 100644 --- a/pkg/clientwrappers/user/user.go +++ b/pkg/clientwrappers/user/user.go @@ -1,17 +1,17 @@ package user import ( - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/accesspolicies" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" + "github.com/Orange-OpenSource/nifikop/pkg/common" "github.com/Orange-OpenSource/nifikop/pkg/nificlient" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" + ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" ) -var log = logf.Log.WithName("user-method") +var log = ctrl.Log.WithName("user-method") func ExistUser(client client.Client, user *v1alpha1.NifiUser, cluster *v1alpha1.NifiCluster) (bool, error) { @@ -114,7 +114,7 @@ func SyncUser(client client.Client, user *v1alpha1.NifiUser, // Remove from access policy for _, entity := range entity.Component.AccessPolicies { contains := false - for _, accessPolicy := range user.Spec.AccessPolicies { + for _, accessPolicy := range user.Spec.AccessPolicies { if entity.Component.Action == string(accessPolicy.Action) && entity.Component.Resource == accessPolicy.GetResource(cluster) { contains = true @@ -125,9 +125,9 @@ func SyncUser(client client.Client, user *v1alpha1.NifiUser, if err := accesspolicies.UpdateAccessPolicyEntity(client, &nigoapi.AccessPolicyEntity{ Component: &nigoapi.AccessPolicyDto{ - Id: entity.Component.Id, + Id: entity.Component.Id, Resource: entity.Component.Resource, - Action: entity.Component.Action, + Action: entity.Component.Action, }, }, []*v1alpha1.NifiUser{}, []*v1alpha1.NifiUser{user}, @@ -138,7 +138,7 @@ func SyncUser(client client.Client, user *v1alpha1.NifiUser, } // add - for _, accessPolicy := range user.Spec.AccessPolicies { + for _, accessPolicy := range user.Spec.AccessPolicies { contains := false for _, entity := range entity.Component.AccessPolicies { if entity.Component.Action == string(accessPolicy.Action) && @@ -159,7 +159,7 @@ func SyncUser(client client.Client, user *v1alpha1.NifiUser, return &status, nil } -func RemoveUser(client client.Client, user *v1alpha1.NifiUser, cluster *v1alpha1.NifiCluster) error { +func RemoveUser(client client.Client, user *v1alpha1.NifiUser, cluster *v1alpha1.NifiCluster) error { nClient, err := common.NewNodeConnection(log, client, cluster) if err != nil { return err @@ -198,8 +198,7 @@ func updateUserEntity(user *v1alpha1.NifiUser, entity *nigoapi.UserEntity) { } if entity.Component == nil { - entity.Component = &nigoapi.UserDto{ - } + entity.Component = &nigoapi.UserDto{} } entity.Component.Identity = user.GetIdentity() diff --git a/pkg/clientwrappers/usergroup/usergroup.go b/pkg/clientwrappers/usergroup/usergroup.go index ec67ecf7a..fd02e429c 100644 --- a/pkg/clientwrappers/usergroup/usergroup.go +++ b/pkg/clientwrappers/usergroup/usergroup.go @@ -1,17 +1,17 @@ package usergroup import ( - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/accesspolicies" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" + "github.com/Orange-OpenSource/nifikop/pkg/common" "github.com/Orange-OpenSource/nifikop/pkg/nificlient" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" + ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" ) -var log = logf.Log.WithName("usergroup-method") +var log = ctrl.Log.WithName("usergroup-method") func ExistUserGroup(client client.Client, userGroup *v1alpha1.NifiUserGroup, cluster *v1alpha1.NifiCluster) (bool, error) { @@ -91,7 +91,6 @@ func SyncUserGroup(client client.Client, userGroup *v1alpha1.NifiUserGroup, user } } - if !userGroupIsSync(userGroup, users, entity) { updateUserGroupEntity(userGroup, users, entity) entity, err = nClient.UpdateUserGroup(*entity) @@ -107,7 +106,7 @@ func SyncUserGroup(client client.Client, userGroup *v1alpha1.NifiUserGroup, user // Remove from access policy for _, entity := range entity.Component.AccessPolicies { contains := false - for _, accessPolicy := range userGroup.Spec.AccessPolicies { + for _, accessPolicy := range userGroup.Spec.AccessPolicies { if entity.Component.Action == string(accessPolicy.Action) && entity.Component.Resource == accessPolicy.GetResource(cluster) { contains = true @@ -124,7 +123,7 @@ func SyncUserGroup(client client.Client, userGroup *v1alpha1.NifiUserGroup, user } // add - for _, accessPolicy := range userGroup.Spec.AccessPolicies { + for _, accessPolicy := range userGroup.Spec.AccessPolicies { contains := false for _, entity := range entity.Component.AccessPolicies { if entity.Component.Action == string(accessPolicy.Action) && @@ -205,8 +204,7 @@ func updateUserGroupEntity(userGroup *v1alpha1.NifiUserGroup, users []*v1alpha1. } if entity.Component == nil { - entity.Component = &nigoapi.UserGroupDto{ - } + entity.Component = &nigoapi.UserGroupDto{} } entity.Component.Identity = userGroup.GetIdentity() diff --git a/pkg/common/common.go b/pkg/common/common.go new file mode 100644 index 000000000..03d230766 --- /dev/null +++ b/pkg/common/common.go @@ -0,0 +1,26 @@ +package common + +import ( + "fmt" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" + "github.com/Orange-OpenSource/nifikop/pkg/nificlient" + "github.com/go-logr/logr" + "sigs.k8s.io/controller-runtime/pkg/client" +) + +// newNifiFromCluster points to the function for retrieving nifi clients, +// use as var so it can be overwritten from unit tests +var newNifiFromCluster = nificlient.NewFromCluster + +// newNodeConnection is a convenience wrapper for creating a node connection +// and creating a safer close function +func NewNodeConnection(log logr.Logger, client client.Client, cluster *v1alpha1.NifiCluster) (node nificlient.NifiClient, err error) { + + // Get a nifi connection + log.Info(fmt.Sprintf("Retrieving Nifi client for %s/%s", cluster.Namespace, cluster.Name)) + node, err = newNifiFromCluster(client, cluster) + if err != nil { + return + } + return +} diff --git a/pkg/controller/add_nificluster.go b/pkg/controller/add_nificluster.go deleted file mode 100644 index 4029a47e1..000000000 --- a/pkg/controller/add_nificluster.go +++ /dev/null @@ -1,24 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package controller - -import ( - "github.com/Orange-OpenSource/nifikop/pkg/controller/nificluster" -) - -func init() { - // AddToManagerFuncs is a list of functions to create controllers and add them to a manager. - AddToManagerFuncs = append(AddToManagerFuncs, nificluster.Add) -} diff --git a/pkg/controller/add_nificlustertask.go b/pkg/controller/add_nificlustertask.go deleted file mode 100644 index 5150b29bb..000000000 --- a/pkg/controller/add_nificlustertask.go +++ /dev/null @@ -1,24 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package controller - -import ( - "github.com/Orange-OpenSource/nifikop/pkg/controller/nificlustertask" -) - -func init() { - // AddToManagerFuncs is a list of functions to create controllers and add them to a manager. - AddToManagerFuncs = append(AddToManagerFuncs, nificlustertask.Add) -} diff --git a/pkg/controller/add_nifidataflow.go b/pkg/controller/add_nifidataflow.go deleted file mode 100644 index e518d2806..000000000 --- a/pkg/controller/add_nifidataflow.go +++ /dev/null @@ -1,24 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package controller - -import ( - "github.com/Orange-OpenSource/nifikop/pkg/controller/nifidataflow" -) - -func init() { - // AddToManagerFuncs is a list of functions to create controllers and add them to a manager. - AddToManagerFuncs = append(AddToManagerFuncs, nifidataflow.Add) -} diff --git a/pkg/controller/add_nifiparametercontext.go b/pkg/controller/add_nifiparametercontext.go deleted file mode 100644 index 3131f9796..000000000 --- a/pkg/controller/add_nifiparametercontext.go +++ /dev/null @@ -1,24 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package controller - -import ( - "github.com/Orange-OpenSource/nifikop/pkg/controller/nifiparametercontext" -) - -func init() { - // AddToManagerFuncs is a list of functions to create controllers and add them to a manager. - AddToManagerFuncs = append(AddToManagerFuncs, nifiparametercontext.Add) -} diff --git a/pkg/controller/add_nifiregistryclient.go b/pkg/controller/add_nifiregistryclient.go deleted file mode 100644 index 60fee427d..000000000 --- a/pkg/controller/add_nifiregistryclient.go +++ /dev/null @@ -1,24 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package controller - -import ( - "github.com/Orange-OpenSource/nifikop/pkg/controller/nifiregistryclient" -) - -func init() { - // AddToManagerFuncs is a list of functions to create controllers and add them to a manager. - AddToManagerFuncs = append(AddToManagerFuncs, nifiregistryclient.Add) -} diff --git a/pkg/controller/add_nifiuser.go b/pkg/controller/add_nifiuser.go deleted file mode 100644 index 9f7bb9932..000000000 --- a/pkg/controller/add_nifiuser.go +++ /dev/null @@ -1,24 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package controller - -import ( - "github.com/Orange-OpenSource/nifikop/pkg/controller/nifiuser" -) - -func init() { - // AddToManagerFuncs is a list of functions to create controllers and add them to a manager. - AddToManagerFuncs = append(AddToManagerFuncs, nifiuser.Add) -} diff --git a/pkg/controller/add_nifiusergroup.go b/pkg/controller/add_nifiusergroup.go deleted file mode 100644 index 9b3016a90..000000000 --- a/pkg/controller/add_nifiusergroup.go +++ /dev/null @@ -1,22 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package controller - -import "github.com/Orange-OpenSource/nifikop/pkg/controller/nifiusergroup" - -func init() { - // AddToManagerFuncs is a list of functions to create controllers and add them to a manager. - AddToManagerFuncs = append(AddToManagerFuncs, nifiusergroup.Add) -} diff --git a/pkg/controller/controller.go b/pkg/controller/controller.go deleted file mode 100644 index 4f7a52aab..000000000 --- a/pkg/controller/controller.go +++ /dev/null @@ -1,32 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package controller - -import ( - "sigs.k8s.io/controller-runtime/pkg/manager" -) - -// AddToManagerFuncs is a list of functions to add all Controllers to the Manager -var AddToManagerFuncs []func(manager.Manager, []string) error - -// AddToManager adds all Controllers to the Manager -func AddToManager(m manager.Manager, namespaces []string) error { - for _, f := range AddToManagerFuncs { - if err := f(m, namespaces); err != nil { - return err - } - } - return nil -} diff --git a/pkg/controller/nificluster/nificluster_controller.go b/pkg/controller/nificluster/nificluster_controller.go deleted file mode 100644 index 12f6efa63..000000000 --- a/pkg/controller/nificluster/nificluster_controller.go +++ /dev/null @@ -1,338 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package nificluster - -import ( - "context" - "fmt" - "time" - - "emperror.dev/errors" - "github.com/go-logr/logr" - v1alpha1 "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" - common "github.com/Orange-OpenSource/nifikop/pkg/controller/common" - "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" - "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" - "github.com/Orange-OpenSource/nifikop/pkg/pki" - "github.com/Orange-OpenSource/nifikop/pkg/resources" - "github.com/Orange-OpenSource/nifikop/pkg/resources/nifi" - "github.com/Orange-OpenSource/nifikop/pkg/util" - corev1 "k8s.io/api/core/v1" - apiErrors "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/runtime" - ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/controller" - "sigs.k8s.io/controller-runtime/pkg/handler" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" -) - -var log = logf.Log.WithName("controller_nificluster") - -var clusterFinalizer = "finalizer.nificlusters.nifi.orange.com" -var clusterUsersFinalizer = "users.nificlusters.nifi.orange.com" - -// Add creates a new NifiCluster Controller and adds it to the Manager. The Manager will set fields on the Controller -// and Start it when the Manager is Started. -func Add(mgr manager.Manager, namespaces []string) error { - return add(mgr, newReconciler(mgr, namespaces)) -} - -// newReconciler returns a new reconcile.Reconciler -func newReconciler(mgr manager.Manager, namespaces []string) reconcile.Reconciler { - return &ReconcileNifiCluster{client: mgr.GetClient(), scheme: mgr.GetScheme(), DirectClient: mgr.GetAPIReader(), Namespaces: namespaces} -} - -// add adds a new Controller to mgr with r as the reconcile.Reconciler -func add(mgr manager.Manager, r reconcile.Reconciler) error { - // Create a new controller - c, err := controller.New("nificluster-controller", mgr, controller.Options{Reconciler: r}) - if err != nil { - return err - } - - // Watch for changes to primary resource NifiCluster - err = c.Watch(&source.Kind{Type: &v1alpha1.NifiCluster{}}, &handler.EnqueueRequestForObject{}) - if err != nil { - return err - } - - // Watch for changes to secondary resource Pods and requeue the owner NifiCluster - err = c.Watch(&source.Kind{Type: &corev1.Pod{}}, &handler.EnqueueRequestForOwner{ - IsController: true, - OwnerType: &v1alpha1.NifiCluster{}, - }) - if err != nil { - return err - } - - // Watch for changes to secondary resource ConfigMap and requeue the owner NifiCluster - err = c.Watch(&source.Kind{Type: &corev1.ConfigMap{}}, &handler.EnqueueRequestForOwner{ - IsController: true, - OwnerType: &v1alpha1.NifiCluster{}, - }) - if err != nil { - return err - } - - // Watch for changes to secondary resource PersistentVolumeClaim and requeue the owner NifiCluster - err = c.Watch(&source.Kind{Type: &corev1.PersistentVolumeClaim{}}, &handler.EnqueueRequestForOwner{ - IsController: true, - OwnerType: &v1alpha1.NifiCluster{}, - }) - if err != nil { - return err - } - - return nil -} - -// blank assignment to verify that ReconcileNifiCluster implements reconcile.Reconciler -var _ reconcile.Reconciler = &ReconcileNifiCluster{} - -// ReconcileNifiCluster reconciles a NifiCluster object -type ReconcileNifiCluster struct { - // This client, initialized using mgr.Client() above, is a split client - // that reads objects from the cache and writes to the apiserver - client client.Client - DirectClient client.Reader - scheme *runtime.Scheme - Namespaces []string -} - -// Reconcile reads that state of the cluster for a NifiCluster object and makes changes based on the state read -// and what is in the NifiCluster.Spec -// Note: -// The Controller will requeue the Request to be processed again if the returned error is non-nil or -// Result.Requeue is true, otherwise upon completion it will remove the work from the queue. -func (r *ReconcileNifiCluster) Reconcile(request reconcile.Request) (reconcile.Result, error) { - reqLogger := log.WithValues("Request.Namespace", request.Namespace, "Request.Name", request.Name) - reqLogger.Info("Reconciling NifiCluster") - - ctx := context.Background() - - // Fetch the NifiCluster instance - instance := &v1alpha1.NifiCluster{} - err := r.client.Get(ctx, request.NamespacedName, instance) - if err != nil { - if apiErrors.IsNotFound(err) { - // Request object not found, could have been deleted after reconcile request. - // Owned objects are automatically garbage collected. For additional cleanup logic use finalizers. - // Return and don't requeue - return common.Reconciled() - } - // Error reading the object - requeue the request. - return common.RequeueWithError(reqLogger, err.Error(), err) - } - - // Check if marked for deletion and run finalizers - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - return r.checkFinalizers(ctx, reqLogger, instance) - } - - // - if len(instance.Status.State) == 0 || instance.Status.State == v1alpha1.NifiClusterInitializing { - if err := k8sutil.UpdateCRStatus(r.client, instance, v1alpha1.NifiClusterInitializing, reqLogger); err != nil { - return common.RequeueWithError(log, err.Error(), err) - } - for nId := range instance.Spec.Nodes { - if err := k8sutil.UpdateNodeStatus(r.client, []string{fmt.Sprint(instance.Spec.Nodes[nId].Id)}, instance, v1alpha1.IsInitClusterNode, log); err != nil { - return common.RequeueWithError(log, err.Error(), err) - } - } - if err := k8sutil.UpdateCRStatus(r.client, instance, v1alpha1.NifiClusterInitialized, reqLogger); err != nil { - return common.RequeueWithError(log, err.Error(), err) - } - } - - if instance.Status.State != v1alpha1.NifiClusterRollingUpgrading { - if err := k8sutil.UpdateCRStatus(r.client, instance, v1alpha1.NifiClusterReconciling, reqLogger); err != nil { - return common.RequeueWithError(log, err.Error(), err) - } - } - - reconcilers := []resources.ComponentReconciler{ - nifi.New(r.client, r.DirectClient, r.scheme, instance), - } - - for _, rec := range reconcilers { - err = rec.Reconcile(reqLogger) - if err != nil { - switch errors.Cause(err).(type) { - case errorfactory.NodesUnreachable: - reqLogger.Info("Nodes unreachable, may still be starting up") - return reconcile.Result{ - RequeueAfter: time.Duration(15) * time.Second, - }, nil - case errorfactory.NodesNotReady: - reqLogger.Info("Nodes not ready, may still be starting up") - return reconcile.Result{ - RequeueAfter: time.Duration(15) * time.Second, - }, nil - case errorfactory.ResourceNotReady: - reqLogger.Info("A new resource was not found or may not be ready") - reqLogger.Info(err.Error()) - return reconcile.Result{ - RequeueAfter: time.Duration(7) * time.Second, - }, nil - case errorfactory.ReconcileRollingUpgrade: - reqLogger.Info("Rolling Upgrade in Progress") - return reconcile.Result{ - RequeueAfter: time.Duration(15) * time.Second, - }, nil - case errorfactory.NifiClusterNotReady: - return reconcile.Result{ - RequeueAfter: time.Duration(15) * time.Second, - }, nil - case errorfactory.NifiClusterTaskRunning: - return reconcile.Result{ - RequeueAfter: time.Duration(20) * time.Second, - }, nil - default: - return common.RequeueWithError(reqLogger, err.Error(), err) - } - } - } - - reqLogger.Info("ensuring finalizers on nificluster") - if instance, err = r.ensureFinalizers(ctx, instance); err != nil { - return common.RequeueWithError(log, "failed to ensure finalizers on nificluster instance", err) - } - - //Update rolling upgrade last successful state - if instance.Status.State == v1alpha1.NifiClusterRollingUpgrading { - if err := k8sutil.UpdateRollingUpgradeState(r.client, instance, time.Now(), reqLogger); err != nil { - return common.RequeueWithError(reqLogger, err.Error(), err) - } - } - - if err := k8sutil.UpdateCRStatus(r.client, instance, v1alpha1.NifiClusterRunning, reqLogger); err != nil { - return common.RequeueWithError(log, err.Error(), err) - } - - return common.Reconciled() -} - -func (r *ReconcileNifiCluster) checkFinalizers(ctx context.Context, log logr.Logger, cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { - log.Info("NifiCluster is marked for deletion, checking for children") - - // If the main finalizer is gone then we've already finished up - if !util.StringSliceContains(cluster.GetFinalizers(), clusterFinalizer) { - return common.Reconciled() - } - - var err error - - var namespaces []string - if r.Namespaces == nil { - // Fetch a list of all namespaces for DeleteAllOf requests - namespaces = make([]string, 0) - var namespaceList corev1.NamespaceList - if err := r.client.List(ctx, &namespaceList); err != nil { - return common.RequeueWithError(log, "failed to get namespace list", err) - } - for _, ns := range namespaceList.Items { - namespaces = append(namespaces, ns.Name) - } - } else { - // use configured namespaces - namespaces = r.Namespaces - } - - if cluster.Spec.ListenersConfig.SSLSecrets != nil { - // If we haven't deleted all nifiusers yet, iterate namespaces and delete all nifiusers - // with the matching label. - if util.StringSliceContains(cluster.GetFinalizers(), clusterUsersFinalizer) { - log.Info(fmt.Sprintf("Sending delete nifiusers request to all namespaces for cluster %s/%s", cluster.Namespace, cluster.Name)) - for _, ns := range namespaces { - if err := r.client.DeleteAllOf( - ctx, - &v1alpha1.NifiUser{}, - client.InNamespace(ns), - client.MatchingLabels{common.ClusterRefLabel: common.ClusterLabelString(cluster)}, - ); err != nil { - if client.IgnoreNotFound(err) != nil { - return common.RequeueWithError(log, "failed to send delete request for children nifiusers", err) - } - log.Info(fmt.Sprintf("No matching nifiusers in namespace: %s", ns)) - } - } - if cluster, err = r.removeFinalizer(ctx, cluster, clusterUsersFinalizer); err != nil { - return common.RequeueWithError(log, "failed to remove users finalizer from nificluster", err) - } - } - - // Do any necessary PKI cleanup - a PKI backend should make sure any - // user finalizations are done before it does its final cleanup - log.Info("Tearing down any PKI resources for the nificluster") - if err = pki.GetPKIManager(r.client, cluster).FinalizePKI(ctx, log); err != nil { - switch err.(type) { - case errorfactory.ResourceNotReady: - log.Info("The PKI is not ready to be torn down") - return ctrl.Result{ - Requeue: true, - RequeueAfter: time.Duration(5) * time.Second, - }, nil - default: - return common.RequeueWithError(log, "failed to finalize PKI", err) - } - } - - } - - log.Info("Finalizing deletion of nificluster instance") - if _, err = r.removeFinalizer(ctx, cluster, clusterFinalizer); err != nil { - if client.IgnoreNotFound(err) == nil { - // We may have been a requeue from earlier with all conditions met - but with - // the state of the finalizer not yet reflected in the response we got. - return common.Reconciled() - } - return common.RequeueWithError(log, "failed to remove main finalizer", err) - } - - return reconcile.Result{}, nil -} - -func (r *ReconcileNifiCluster) removeFinalizer(ctx context.Context, cluster *v1alpha1.NifiCluster, finalizer string) (updated *v1alpha1.NifiCluster, err error) { - cluster.SetFinalizers(util.StringSliceRemove(cluster.GetFinalizers(), finalizer)) - return r.updateAndFetchLatest(ctx, cluster) -} - -func (r *ReconcileNifiCluster) updateAndFetchLatest(ctx context.Context, cluster *v1alpha1.NifiCluster) (*v1alpha1.NifiCluster, error) { - typeMeta := cluster.TypeMeta - err := r.client.Update(ctx, cluster) - if err != nil { - return nil, err - } - cluster.TypeMeta = typeMeta - return cluster, nil -} - -func (r *ReconcileNifiCluster) ensureFinalizers(ctx context.Context, cluster *v1alpha1.NifiCluster) (updated *v1alpha1.NifiCluster, err error) { - finalizers := []string{clusterFinalizer} - if cluster.Spec.ListenersConfig.SSLSecrets != nil { - finalizers = append(finalizers, clusterUsersFinalizer) - } - for _, finalizer := range finalizers { - if util.StringSliceContains(cluster.GetFinalizers(), finalizer) { - continue - } - cluster.SetFinalizers(append(cluster.GetFinalizers(), finalizer)) - } - return r.updateAndFetchLatest(ctx, cluster) -} diff --git a/pkg/controller/nifidataflow/nifidataflow_controller.go b/pkg/controller/nifidataflow/nifidataflow_controller.go deleted file mode 100644 index 3f9c946f3..000000000 --- a/pkg/controller/nifidataflow/nifidataflow_controller.go +++ /dev/null @@ -1,397 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package nifidataflow - -import ( - "context" - "reflect" - "time" - - "emperror.dev/errors" - "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/dataflow" - "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" - "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" - apierrors "k8s.io/apimachinery/pkg/api/errors" - - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" - "github.com/go-logr/logr" - - "github.com/Orange-OpenSource/nifikop/pkg/util" - "k8s.io/apimachinery/pkg/api/meta" - "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/controller" - "sigs.k8s.io/controller-runtime/pkg/handler" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" -) - -var log = logf.Log.WithName("controller_nifidataflow") - -var dataflowFinalizer = "finalizer.nifidataflows.nifi.orange.com" - -// Add creates a new NifiCluster Controller and adds it to the Manager. The Manager will set fields on the Controller -// and Start it when the Manager is Started. -func Add(mgr manager.Manager, namespaces []string) error { - return add(mgr, newReconciler(mgr)) -} - -// newReconciler returns a new reconcile.Reconciler -func newReconciler(mgr manager.Manager) reconcile.Reconciler { - return &ReconcileNifiDataflow{client: mgr.GetClient(), scheme: mgr.GetScheme()} -} - -// add adds a new Controller to mgr with r as the reconcile.Reconciler -func add(mgr manager.Manager, r reconcile.Reconciler) error { - // Create a new controller - c, err := controller.New("nifidataflow-controller", mgr, controller.Options{Reconciler: r}) - if err != nil { - return err - } - - // Watch for changes to primary resource NifiDataflow - err = c.Watch(&source.Kind{Type: &v1alpha1.NifiDataflow{}}, &handler.EnqueueRequestForObject{}) - if err != nil { - return err - } - - if err != nil { - if _, ok := err.(*meta.NoKindMatchError); !ok { - return err - } - } - - return nil -} - -// blank assignment to verify that ReconcileNifiDataflow implements reconcile.Reconciler -var _ reconcile.Reconciler = &ReconcileNifiDataflow{} - -// ReconcileNifiCluster reconciles a NifiDataflow object -type ReconcileNifiDataflow struct { - // This client, initialized using mgr.Client() above, is a split client - // that reads objects from the cache and writes to the apiserver - client client.Client - scheme *runtime.Scheme -} - -// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifidataflows,verbs=get;list;watch;create;update;patch;delete;deletecollection -// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifidataflows/status,verbs=get;update;patch - -// Reconcile reads that state of the cluster for a NifiDataflow object and makes changes based on the state read -// and what is in the NifiDataflow.Spec -// Note: -// The Controller will requeue the Request to be processed again if the returned error is non-nil or -// Result.Requeue is true, otherwise upon completion it will remove the work from the queue. -func (r *ReconcileNifiDataflow) Reconcile(request reconcile.Request) (reconcile.Result, error) { - reqLogger := log.WithValues("Request.Namespace", request.Namespace, "Request.Name", request.Name) - reqLogger.Info("Reconciling NifiDataflow") - var err error - - // Get a context for the request - ctx := context.Background() - - // Fetch the NifiDataflow instance - instance := &v1alpha1.NifiDataflow{} - if err = r.client.Get(ctx, request.NamespacedName, instance); err != nil { - if apierrors.IsNotFound(err) { - // Request object not found, could have been deleted after reconcile request. - return common.Reconciled() - } - // Error reading the object - requeue the request. - return common.RequeueWithError(reqLogger, err.Error(), err) - } - - // Ensure finalizer for cleanup on deletion - if !util.StringSliceContains(instance.GetFinalizers(), dataflowFinalizer) { - reqLogger.Info("Adding Finalizer for NifiDataflow") - instance.SetFinalizers(append(instance.GetFinalizers(), dataflowFinalizer)) - } - - // Push any changes - if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiDataflow", err) - } - - // Get the referenced NifiRegistryClient - var registryClient *v1alpha1.NifiRegistryClient - var registryClientNamespace string - if instance.Spec.RegistryClientRef != nil { - registryClientNamespace = - common.GetRegistryClientRefNamespace(instance.Namespace, *instance.Spec.RegistryClientRef) - - if registryClient, err = k8sutil.LookupNifiRegistryClient(r.client, - instance.Spec.RegistryClientRef.Name, registryClientNamespace); err != nil { - - // This shouldn't trigger anymore, but leaving it here as a safetybelt - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - reqLogger.Info("Registry client is already gone, there is nothing we can do") - if err = r.removeFinalizer(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer", err) - } - return common.Reconciled() - } - - // the cluster does not exist - should have been caught pre-flight - return common.RequeueWithError(reqLogger, "failed to lookup referenced registry client", err) - } - } - - var parameterContext *v1alpha1.NifiParameterContext - var parameterContextNamespace string - if instance.Spec.ParameterContextRef != nil { - parameterContextNamespace = - common.GetParameterContextRefNamespace(instance.Namespace, *instance.Spec.ParameterContextRef) - - if parameterContext, err = k8sutil.LookupNifiParameterContext(r.client, - instance.Spec.ParameterContextRef.Name, parameterContextNamespace); err != nil { - - // This shouldn't trigger anymore, but leaving it here as a safetybelt - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - reqLogger.Info("Parameter context is already gone, there is nothing we can do") - if err = r.removeFinalizer(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer", err) - } - return common.Reconciled() - } - - // the cluster does not exist - should have been caught pre-flight - return common.RequeueWithError(reqLogger, "failed to lookup referenced parameter-contest", err) - } - } - - // Check if cluster references are the same - clusterNamespace := common.GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) - if registryClient != nil && - (registryClientNamespace != clusterNamespace || - registryClient.Spec.ClusterRef.Name != instance.Spec.ClusterRef.Name || - (parameterContext != nil && - (parameterContextNamespace != clusterNamespace || - parameterContext.Spec.ClusterRef.Name != instance.Spec.ClusterRef.Name))) { - - return common.RequeueWithError( - reqLogger, - "failed to lookup referenced cluster, due to inconsistency", - errors.New("inconsistent cluster references")) - } - - var cluster *v1alpha1.NifiCluster - if cluster, err = k8sutil.LookupNifiCluster(r.client, instance.Spec.ClusterRef.Name, clusterNamespace); err != nil { - // This shouldn't trigger anymore, but leaving it here as a safetybelt - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - reqLogger.Info("Cluster is already gone, there is nothing we can do") - if err = r.removeFinalizer(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer", err) - } - return common.Reconciled() - } - - // the cluster does not exist - should have been caught pre-flight - return common.RequeueWithError(reqLogger, "failed to lookup referenced cluster", err) - } - - // Check if marked for deletion and if so run finalizers - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - return r.checkFinalizers(ctx, reqLogger, instance, cluster) - } - - if instance.Spec.GetRunOnce() && instance.Status.State == v1alpha1.DataflowStateRan { - return common.Reconciled() - } - - // Check if the dataflow already exist - existing, err := dataflow.DataflowExist(r.client, instance, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failure checking for existing dataflow", err) - } - - // Create dataflow if it doesn't already exist - if !existing { - - processGroupStatus, err := dataflow.CreateDataflow(r.client, instance, cluster, registryClient) - if err != nil { - return common.RequeueWithError(reqLogger, "failure creating dataflow", err) - } - - // Set dataflow status - instance.Status = *processGroupStatus - instance.Status.State = v1alpha1.DataflowStateCreated - - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiDataflow status", err) - } - - existing = true - } - - // In case where the flow is not sync - if instance.Status.State == v1alpha1.DataflowStateOutOfSync { - status, err := dataflow.SyncDataflow(r.client, instance, cluster, registryClient, parameterContext) - if status != nil { - instance.Status = *status - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiDataflow status", err) - } - } - if err != nil { - switch errors.Cause(err).(type) { - case errorfactory.NifiConnectionDropping, - errorfactory.NifiFlowUpdateRequestRunning, - errorfactory.NifiFlowDraining, - errorfactory.NifiFlowControllerServiceScheduling, - errorfactory.NifiFlowScheduling, errorfactory.NifiFlowSyncing: - return reconcile.Result{ - RequeueAfter: time.Duration(5) * time.Second, - }, nil - default: - return common.RequeueWithError(reqLogger, "failed to sync NiFiDataflow", err) - } - } - - instance.Status.State = v1alpha1.DataflowStateInSync - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiDataflow status", err) - } - } - - // Check if the flow is out of sync - isOutOfSink, err := dataflow.IsOutOfSyncDataflow(r.client, instance, cluster, registryClient, parameterContext) - if err != nil { - return common.RequeueWithError(reqLogger, "failed to check NifiDataflow sync", err) - } - - if isOutOfSink { - instance.Status.State = v1alpha1.DataflowStateOutOfSync - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiDataflow status", err) - } - return common.Requeue() - } - - // Schedule the flow - if instance.Status.State == v1alpha1.DataflowStateCreated || - instance.Status.State == v1alpha1.DataflowStateStarting || - instance.Status.State == v1alpha1.DataflowStateInSync || - (!instance.Spec.GetRunOnce() && instance.Status.State == v1alpha1.DataflowStateRan) { - - instance.Status.State = v1alpha1.DataflowStateStarting - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiDataflow status", err) - } - - if err := dataflow.ScheduleDataflow(r.client, instance, cluster); err != nil { - switch errors.Cause(err).(type) { - case errorfactory.NifiFlowControllerServiceScheduling, errorfactory.NifiFlowScheduling: - return common.RequeueAfter(time.Duration(5) * time.Second) - default: - return common.RequeueWithError(reqLogger, "failed to run NifiDataflow", err) - } - } - - instance.Status.State = v1alpha1.DataflowStateRan - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiDataflow status", err) - } - } - - // Ensure NifiCluster label - if instance, err = r.ensureClusterLabel(ctx, cluster, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to ensure NifiCluster label on dataflow", err) - } - - // Push any changes - if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiDataflow", err) - } - - reqLogger.Info("Ensured Dataflow") - - if instance.Spec.GetRunOnce() { - return common.Reconciled() - } - - return common.RequeueAfter(time.Duration(5) * time.Second) -} - -func (r *ReconcileNifiDataflow) ensureClusterLabel(ctx context.Context, cluster *v1alpha1.NifiCluster, - flow *v1alpha1.NifiDataflow) (*v1alpha1.NifiDataflow, error) { - - labels := common.ApplyClusterRefLabel(cluster, flow.GetLabels()) - if !reflect.DeepEqual(labels, flow.GetLabels()) { - flow.SetLabels(labels) - return r.updateAndFetchLatest(ctx, flow) - } - return flow, nil -} - -func (r *ReconcileNifiDataflow) updateAndFetchLatest(ctx context.Context, - flow *v1alpha1.NifiDataflow) (*v1alpha1.NifiDataflow, error) { - - typeMeta := flow.TypeMeta - err := r.client.Update(ctx, flow) - if err != nil { - return nil, err - } - flow.TypeMeta = typeMeta - return flow, nil -} - -func (r *ReconcileNifiDataflow) checkFinalizers(ctx context.Context, reqLogger logr.Logger, - flow *v1alpha1.NifiDataflow, cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { - - reqLogger.Info("NiFi dataflow is marked for deletion") - var err error - if util.StringSliceContains(flow.GetFinalizers(), dataflowFinalizer) { - if err = r.finalizeNifiDataflow(reqLogger, flow, cluster); err != nil { - switch errors.Cause(err).(type) { - case errorfactory.NifiConnectionDropping, errorfactory.NifiFlowDraining: - return common.RequeueAfter(time.Duration(5) * time.Second) - default: - return common.RequeueWithError(reqLogger, "failed to finalize NiFiDataflow", err) - } - } - if err = r.removeFinalizer(ctx, flow); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer from dataflow", err) - } - } - return common.Reconciled() -} - -func (r *ReconcileNifiDataflow) removeFinalizer(ctx context.Context, flow *v1alpha1.NifiDataflow) error { - flow.SetFinalizers(util.StringSliceRemove(flow.GetFinalizers(), dataflowFinalizer)) - _, err := r.updateAndFetchLatest(ctx, flow) - return err -} - -func (r *ReconcileNifiDataflow) finalizeNifiDataflow(reqLogger logr.Logger, flow *v1alpha1.NifiDataflow, - cluster *v1alpha1.NifiCluster) error { - - exists, err := dataflow.DataflowExist(r.client, flow, cluster) - if err != nil { - return err - } - - if exists { - if _, err = dataflow.RemoveDataflow(r.client, flow, cluster); err != nil { - return err - } - reqLogger.Info("Delete dataflow") - } - - return nil -} diff --git a/pkg/controller/nifiparametercontext/nifiparametercontext_controller.go b/pkg/controller/nifiparametercontext/nifiparametercontext_controller.go deleted file mode 100644 index 2b6c07473..000000000 --- a/pkg/controller/nifiparametercontext/nifiparametercontext_controller.go +++ /dev/null @@ -1,282 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package nifiparametercontext - -import ( - "context" - "reflect" - "time" - - "emperror.dev/errors" - "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/parametercontext" - "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" - "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" - corev1 "k8s.io/api/core/v1" - apierrors "k8s.io/apimachinery/pkg/api/errors" - - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" - "github.com/go-logr/logr" - - "github.com/Orange-OpenSource/nifikop/pkg/util" - "k8s.io/apimachinery/pkg/api/meta" - "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/controller" - "sigs.k8s.io/controller-runtime/pkg/handler" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" -) - -var log = logf.Log.WithName("controller_nifiparametercontext") - -var parameterContextFinalizer = "finalizer.nifiparametercontexts.nifi.orange.com" - -// Add creates a new NifiParameterContext Controller and adds it to the Manager. The Manager will set fields on the Controller -// and Start it when the Manager is Started. -func Add(mgr manager.Manager, namespaces []string) error { - return add(mgr, newReconciler(mgr)) -} - -// newReconciler returns a new reconcile.Reconciler -func newReconciler(mgr manager.Manager) reconcile.Reconciler { - return &ReconcileNifiParameterContext{client: mgr.GetClient(), scheme: mgr.GetScheme()} -} - -// add adds a new Controller to mgr with r as the reconcile.Reconciler -func add(mgr manager.Manager, r reconcile.Reconciler) error { - // Create a new controller - c, err := controller.New("nifiparametercontext-controller", mgr, controller.Options{Reconciler: r}) - if err != nil { - return err - } - - // Watch for changes to primary resource NifiParameterContext - err = c.Watch(&source.Kind{Type: &v1alpha1.NifiParameterContext{}}, &handler.EnqueueRequestForObject{}) - if err != nil { - return err - } - - if err != nil { - if _, ok := err.(*meta.NoKindMatchError); !ok { - return err - } - } - - return nil -} - -// blank assignment to verify that ReconcileNifiParameterContext implements reconcile.Reconciler -var _ reconcile.Reconciler = &ReconcileNifiParameterContext{} - -// ReconcileNifiParameterContext reconciles a NifiParameterContext object -type ReconcileNifiParameterContext struct { - // This client, initialized using mgr.Client() above, is a split client - // that reads objects from the cache and writes to the apiserver - client client.Client - scheme *runtime.Scheme -} - -// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiparametercontexts,verbs=get;list;watch;create;update;patch;delete;deletecollection -// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiparametercontexts/status,verbs=get;update;patch - -// Reconcile reads that state of the parameter context for a NifiParameterContext object and makes changes based on the state read -// and what is in the NifiParameterContext.Spec -// Note: -// The Controller will requeue the Request to be processed again if the returned error is non-nil or -// Result.Requeue is true, otherwise upon completion it will remove the work from the queue. -func (r *ReconcileNifiParameterContext) Reconcile(request reconcile.Request) (reconcile.Result, error) { - reqLogger := log.WithValues("Request.Namespace", request.Namespace, "Request.Name", request.Name) - reqLogger.Info("Reconciling NifiParameterContext") - var err error - - // Get a context for the request - ctx := context.Background() - - // Fetch the NifiParameterContext instance - instance := &v1alpha1.NifiParameterContext{} - if err = r.client.Get(ctx, request.NamespacedName, instance); err != nil { - if apierrors.IsNotFound(err) { - // Request object not found, could have been deleted after reconcile request. - return common.Reconciled() - } - // Error reading the object - requeue the request. - return common.RequeueWithError(reqLogger, err.Error(), err) - } - - // Get the referenced secrets - var parameterSecrets []*corev1.Secret - for _, parameterSecret := range instance.Spec.SecretRefs { - secretNamespace := common.GetSecretRefNamespace(instance.Namespace, parameterSecret) - var secret *corev1.Secret - if secret, err = k8sutil.LookupSecret(r.client, parameterSecret.Name, secretNamespace); err != nil { - // This shouldn't trigger anymore, but leaving it here as a safetybelt - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - reqLogger.Info("Secret is already gone, there is nothing we can do") - if err = r.removeFinalizer(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer", err) - } - return common.Reconciled() - } - - // the cluster does not exist - should have been caught pre-flight - return common.RequeueWithError(reqLogger, "failed to lookup referenced secret", err) - } - parameterSecrets = append(parameterSecrets, secret) - } - - // Get the referenced NifiCluster - clusterNamespace := common.GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) - var cluster *v1alpha1.NifiCluster - if cluster, err = k8sutil.LookupNifiCluster(r.client, instance.Spec.ClusterRef.Name, clusterNamespace); err != nil { - // This shouldn't trigger anymore, but leaving it here as a safetybelt - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - reqLogger.Info("Cluster is already gone, there is nothing we can do") - if err = r.removeFinalizer(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer", err) - } - return common.Reconciled() - } - - // the cluster does not exist - should have been caught pre-flight - return common.RequeueWithError(reqLogger, "failed to lookup referenced cluster", err) - } - - // Check if marked for deletion and if so run finalizers - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - return r.checkFinalizers(ctx, reqLogger, instance, parameterSecrets, cluster) - } - - // Check if the NiFi registry client already exist - exist, err := parametercontext.ExistParameterContext(r.client, instance, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failure checking for existing parameter context", err) - } - - if !exist { - // Create NiFi parameter context - status, err := parametercontext.CreateParameterContext(r.client, instance, parameterSecrets, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failure creating parameter context", err) - } - - instance.Status = *status - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiParameterContext status", err) - } - } - - // Sync ParameterContext resource with NiFi side component - status, err := parametercontext.SyncParameterContext(r.client, instance, parameterSecrets, cluster) - if status != nil { - instance.Status = *status - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiParameterContext status", err) - } - } - if err != nil { - switch errors.Cause(err).(type) { - case errorfactory.NifiParameterContextUpdateRequestRunning: - return common.RequeueAfter(time.Duration(5) * time.Second) - default: - return common.RequeueWithError(reqLogger, "failed to sync NifiParameterContext", err) - } - } - - // Ensure NifiCluster label - if instance, err = r.ensureClusterLabel(ctx, cluster, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to ensure NifiCluster label on parameter context", err) - } - - // Ensure finalizer for cleanup on deletion - if !util.StringSliceContains(instance.GetFinalizers(), parameterContextFinalizer) { - reqLogger.Info("Adding Finalizer for NifiParameterContext") - instance.SetFinalizers(append(instance.GetFinalizers(), parameterContextFinalizer)) - } - - // Push any changes - if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiParameterContext", err) - } - - reqLogger.Info("Ensured Parameter Context") - - return common.RequeueAfter(time.Duration(15) * time.Second) -} - -func (r *ReconcileNifiParameterContext) ensureClusterLabel(ctx context.Context, cluster *v1alpha1.NifiCluster, - parameterContext *v1alpha1.NifiParameterContext) (*v1alpha1.NifiParameterContext, error) { - - labels := common.ApplyClusterRefLabel(cluster, parameterContext.GetLabels()) - if !reflect.DeepEqual(labels, parameterContext.GetLabels()) { - parameterContext.SetLabels(labels) - return r.updateAndFetchLatest(ctx, parameterContext) - } - return parameterContext, nil -} - -func (r *ReconcileNifiParameterContext) updateAndFetchLatest(ctx context.Context, - parameterContext *v1alpha1.NifiParameterContext) (*v1alpha1.NifiParameterContext, error) { - - typeMeta := parameterContext.TypeMeta - err := r.client.Update(ctx, parameterContext) - if err != nil { - return nil, err - } - parameterContext.TypeMeta = typeMeta - return parameterContext, nil -} - -func (r *ReconcileNifiParameterContext) checkFinalizers( - ctx context.Context, - reqLogger logr.Logger, - parameterContext *v1alpha1.NifiParameterContext, - parameterSecrets []*corev1.Secret, - cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { - - reqLogger.Info("NiFi parameter context is marked for deletion") - var err error - if util.StringSliceContains(parameterContext.GetFinalizers(), parameterContextFinalizer) { - if err = r.finalizeNifiParameterContext(reqLogger, parameterContext, parameterSecrets, cluster); err != nil { - return common.RequeueWithError(reqLogger, "failed to finalize parameter context", err) - } - if err = r.removeFinalizer(ctx, parameterContext); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer from parameter context", err) - } - } - return common.Reconciled() -} - -func (r *ReconcileNifiParameterContext) removeFinalizer(ctx context.Context, flow *v1alpha1.NifiParameterContext) error { - flow.SetFinalizers(util.StringSliceRemove(flow.GetFinalizers(), parameterContextFinalizer)) - _, err := r.updateAndFetchLatest(ctx, flow) - return err -} - -func (r *ReconcileNifiParameterContext) finalizeNifiParameterContext( - reqLogger logr.Logger, - parameterContext *v1alpha1.NifiParameterContext, - parameterSecrets []*corev1.Secret, - cluster *v1alpha1.NifiCluster) error { - - if err := parametercontext.RemoveParameterContext(r.client, parameterContext, parameterSecrets, cluster); err != nil { - return err - } - reqLogger.Info("Delete Registry client") - - return nil -} diff --git a/pkg/controller/nifiregistryclient/nifiregistryclient_controller.go b/pkg/controller/nifiregistryclient/nifiregistryclient_controller.go deleted file mode 100644 index 1d0515eca..000000000 --- a/pkg/controller/nifiregistryclient/nifiregistryclient_controller.go +++ /dev/null @@ -1,245 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package nifiregistryclient - -import ( - "context" - "reflect" - "time" - - "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/registryclient" - "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" - apierrors "k8s.io/apimachinery/pkg/api/errors" - - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" - "github.com/go-logr/logr" - - "github.com/Orange-OpenSource/nifikop/pkg/util" - "k8s.io/apimachinery/pkg/api/meta" - "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/controller" - "sigs.k8s.io/controller-runtime/pkg/handler" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" -) - -var log = logf.Log.WithName("controller_nifiregistryclient") - -var registryClientFinalizer = "finalizer.nifiregistryclients.nifi.orange.com" - -// Add creates a new NifiRegistryClient Controller and adds it to the Manager. The Manager will set fields on the Controller -// and Start it when the Manager is Started. -func Add(mgr manager.Manager, namespaces []string) error { - return add(mgr, newReconciler(mgr)) -} - -// newReconciler returns a new reconcile.Reconciler -func newReconciler(mgr manager.Manager) reconcile.Reconciler { - return &ReconcileNifiRegistryClient{client: mgr.GetClient(), scheme: mgr.GetScheme()} -} - -// add adds a new Controller to mgr with r as the reconcile.Reconciler -func add(mgr manager.Manager, r reconcile.Reconciler) error { - // Create a new controller - c, err := controller.New("nifiregistryclient-controller", mgr, controller.Options{Reconciler: r}) - if err != nil { - return err - } - - // Watch for changes to primary resource NifiRegistryClient - err = c.Watch(&source.Kind{Type: &v1alpha1.NifiRegistryClient{}}, &handler.EnqueueRequestForObject{}) - if err != nil { - return err - } - - if err != nil { - if _, ok := err.(*meta.NoKindMatchError); !ok { - return err - } - } - - return nil -} - -// blank assignment to verify that ReconcileNifiRegistryClient implements reconcile.Reconciler -var _ reconcile.Reconciler = &ReconcileNifiRegistryClient{} - -// ReconcileNifiRegistryClient reconciles a NifiRegistryClient object -type ReconcileNifiRegistryClient struct { - // This client, initialized using mgr.Client() above, is a split client - // that reads objects from the cache and writes to the apiserver - client client.Client - scheme *runtime.Scheme -} - -// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiregistryclients,verbs=get;list;watch;create;update;patch;delete;deletecollection -// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiregistryclients/status,verbs=get;update;patch - -// Reconcile reads that state of the registry client for a NifiRegistryClient object and makes changes based on the state read -// and what is in the NifiRegistryClient.Spec -// Note: -// The Controller will requeue the Request to be processed again if the returned error is non-nil or -// Result.Requeue is true, otherwise upon completion it will remove the work from the queue. -func (r *ReconcileNifiRegistryClient) Reconcile(request reconcile.Request) (reconcile.Result, error) { - reqLogger := log.WithValues("Request.Namespace", request.Namespace, "Request.Name", request.Name) - reqLogger.Info("Reconciling NifiRegistryClient") - var err error - - // Get a context for the request - ctx := context.Background() - - // Fetch the NifiRegistryClient instance - instance := &v1alpha1.NifiRegistryClient{} - if err = r.client.Get(ctx, request.NamespacedName, instance); err != nil { - if apierrors.IsNotFound(err) { - // Request object not found, could have been deleted after reconcile request. - return common.Reconciled() - } - // Error reading the object - requeue the request. - return common.RequeueWithError(reqLogger, err.Error(), err) - } - - // Get the referenced NifiCluster - clusterNamespace := common.GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) - var cluster *v1alpha1.NifiCluster - if cluster, err = k8sutil.LookupNifiCluster(r.client, instance.Spec.ClusterRef.Name, clusterNamespace); err != nil { - // This shouldn't trigger anymore, but leaving it here as a safetybelt - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - reqLogger.Info("Cluster is already gone, there is nothing we can do") - if err = r.removeFinalizer(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer", err) - } - return common.Reconciled() - } - - // the cluster does not exist - should have been caught pre-flight - return common.RequeueWithError(reqLogger, "failed to lookup referenced cluster", err) - } - - // Check if marked for deletion and if so run finalizers - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - return r.checkFinalizers(ctx, reqLogger, instance, cluster) - } - - // Check if the NiFi registry client already exist - exist, err := registryclient.ExistRegistryClient(r.client, instance, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failure checking for existing registry client", err) - } - - if !exist { - // Create NiFi registry client - status, err := registryclient.CreateRegistryClient(r.client, instance, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failure creating registry client", err) - } - - instance.Status = *status - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiRegistryClient status", err) - } - } - - // Sync RegistryClient resource with NiFi side component - status, err := registryclient.SyncRegistryClient(r.client, instance, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failed to sync NifiRegistryClient", err) - } - - instance.Status = *status - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiRegistryClient status", err) - } - - // Ensure NifiCluster label - if instance, err = r.ensureClusterLabel(ctx, cluster, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to ensure NifiCluster label on registry client", err) - } - - // Ensure finalizer for cleanup on deletion - if !util.StringSliceContains(instance.GetFinalizers(), registryClientFinalizer) { - reqLogger.Info("Adding Finalizer for NifiRegistryClient") - instance.SetFinalizers(append(instance.GetFinalizers(), registryClientFinalizer)) - } - - // Push any changes - if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiRegistryClient", err) - } - - reqLogger.Info("Ensured Registry Client") - - return common.RequeueAfter(time.Duration(15) * time.Second) -} - -func (r *ReconcileNifiRegistryClient) ensureClusterLabel(ctx context.Context, cluster *v1alpha1.NifiCluster, - registryClient *v1alpha1.NifiRegistryClient) (*v1alpha1.NifiRegistryClient, error) { - - labels := common.ApplyClusterRefLabel(cluster, registryClient.GetLabels()) - if !reflect.DeepEqual(labels, registryClient.GetLabels()) { - registryClient.SetLabels(labels) - return r.updateAndFetchLatest(ctx, registryClient) - } - return registryClient, nil -} - -func (r *ReconcileNifiRegistryClient) updateAndFetchLatest(ctx context.Context, - registryClient *v1alpha1.NifiRegistryClient) (*v1alpha1.NifiRegistryClient, error) { - - typeMeta := registryClient.TypeMeta - err := r.client.Update(ctx, registryClient) - if err != nil { - return nil, err - } - registryClient.TypeMeta = typeMeta - return registryClient, nil -} - -func (r *ReconcileNifiRegistryClient) checkFinalizers(ctx context.Context, reqLogger logr.Logger, - registryClient *v1alpha1.NifiRegistryClient, cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { - - reqLogger.Info("NiFi registry client is marked for deletion") - var err error - if util.StringSliceContains(registryClient.GetFinalizers(), registryClientFinalizer) { - if err = r.finalizeNifiRegistryClient(reqLogger, registryClient, cluster); err != nil { - return common.RequeueWithError(reqLogger, "failed to finalize nifiregistryclient", err) - } - if err = r.removeFinalizer(ctx, registryClient); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer from nifiregistryclient", err) - } - } - return common.Reconciled() -} - -func (r *ReconcileNifiRegistryClient) removeFinalizer(ctx context.Context, registryClient *v1alpha1.NifiRegistryClient) error { - registryClient.SetFinalizers(util.StringSliceRemove(registryClient.GetFinalizers(), registryClientFinalizer)) - _, err := r.updateAndFetchLatest(ctx, registryClient) - return err -} - -func (r *ReconcileNifiRegistryClient) finalizeNifiRegistryClient(reqLogger logr.Logger, registryClient *v1alpha1.NifiRegistryClient, - cluster *v1alpha1.NifiCluster) error { - - if err := registryclient.RemoveRegistryClient(r.client, registryClient, cluster); err != nil { - return err - } - reqLogger.Info("Delete Registry client") - - return nil -} diff --git a/pkg/controller/nifiuser/nifiuser_controller.go b/pkg/controller/nifiuser/nifiuser_controller.go deleted file mode 100644 index 36f322d1a..000000000 --- a/pkg/controller/nifiuser/nifiuser_controller.go +++ /dev/null @@ -1,329 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package nifiuser - -import ( - "context" - "reflect" - "time" - - "emperror.dev/errors" - certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" - - v1alpha1 "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" - usercli "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/user" - common "github.com/Orange-OpenSource/nifikop/pkg/controller/common" - "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" - "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" - "github.com/Orange-OpenSource/nifikop/pkg/pki" - "github.com/go-logr/logr" - - "github.com/Orange-OpenSource/nifikop/pkg/util" - apierrors "k8s.io/apimachinery/pkg/api/errors" - "k8s.io/apimachinery/pkg/api/meta" - "k8s.io/apimachinery/pkg/runtime" - ctrl "sigs.k8s.io/controller-runtime" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/controller" - "sigs.k8s.io/controller-runtime/pkg/handler" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" -) - -var log = logf.Log.WithName("controller_nifiuser") - -var userFinalizer = "finalizer.nifiusers.nifi.orange.com" - -// Add creates a new NifiCluster Controller and adds it to the Manager. The Manager will set fields on the Controller -// and Start it when the Manager is Started. -func Add(mgr manager.Manager, namespaces []string) error { - return add(mgr, newReconciler(mgr)) -} - -// newReconciler returns a new reconcile.Reconciler -func newReconciler(mgr manager.Manager) reconcile.Reconciler { - return &ReconcileNifiUser{client: mgr.GetClient(), scheme: mgr.GetScheme()} -} - -// add adds a new Controller to mgr with r as the reconcile.Reconciler -func add(mgr manager.Manager, r reconcile.Reconciler) error { - // Create a new controller - c, err := controller.New("nifiuser-controller", mgr, controller.Options{Reconciler: r}) - if err != nil { - return err - } - - // Watch for changes to primary resource NifiUser - err = c.Watch(&source.Kind{Type: &v1alpha1.NifiUser{}}, &handler.EnqueueRequestForObject{}) - if err != nil { - return err - } - - // Watch for changes to secondary resource Pods and requeue the owner NifiUser - err = c.Watch(&source.Kind{Type: &certv1.Certificate{}}, &handler.EnqueueRequestForOwner{ - IsController: true, - OwnerType: &v1alpha1.NifiUser{}, - }) - if err != nil { - if _, ok := err.(*meta.NoKindMatchError); !ok { - return err - } - } - - return nil -} - -// blank assignment to verify that ReconcileNifiUser implements reconcile.Reconciler -var _ reconcile.Reconciler = &ReconcileNifiUser{} - -// ReconcileNifiCluster reconciles a NifiUser object -type ReconcileNifiUser struct { - // This client, initialized using mgr.Client() above, is a split client - // that reads objects from the cache and writes to the apiserver - client client.Client - scheme *runtime.Scheme -} - -// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiusers,verbs=get;list;watch;create;update;patch;delete;deletecollection -// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiusers/status,verbs=get;update;patch -// +kubebuilder:rbac:groups=cert-manager.io,resources=certificates,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=cert-manager.io,resources=issuers,verbs=get;list;watch;create;update;patch;delete -// +kubebuilder:rbac:groups=cert-manager.io,resources=clusterissuers,verbs=get;list;watch;create;update;patch;delete - -// Reconcile reads that state of the cluster for a NifiUser object and makes changes based on the state read -// and what is in the NifiUser.Spec -// Note: -// The Controller will requeue the Request to be processed again if the returned error is non-nil or -// Result.Requeue is true, otherwise upon completion it will remove the work from the queue. -func (r *ReconcileNifiUser) Reconcile(request reconcile.Request) (reconcile.Result, error) { - reqLogger := log.WithValues("Request.Namespace", request.Namespace, "Request.Name", request.Name) - reqLogger.Info("Reconciling NifiUser") - var err error - - // create a context for the request - ctx := context.Background() - - // Fetch the NifiUser instance - instance := &v1alpha1.NifiUser{} - if err = r.client.Get(ctx, request.NamespacedName, instance); err != nil { - if apierrors.IsNotFound(err) { - // Request object not found, could have been deleted after reconcile request. - return common.Reconciled() - } - // Error reading the object - requeue the request. - return common.RequeueWithError(reqLogger, err.Error(), err) - } - - // Get the referenced NifiCluster - clusterNamespace := common.GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) - var cluster *v1alpha1.NifiCluster - if cluster, err = k8sutil.LookupNifiCluster(r.client, instance.Spec.ClusterRef.Name, clusterNamespace); err != nil { - // This shouldn't trigger anymore, but leaving it here as a safetybelt - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - reqLogger.Info("Cluster is gone already, there is nothing we can do") - if err = r.removeFinalizer(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer from NifiUser", err) - } - return common.Reconciled() - } - return common.RequeueWithError(reqLogger, "failed to lookup referenced cluster", err) - } - // Avoid panic if the user wants to create a nifi user but the cluster is in plaintext mode - // TODO: refactor this and use webhook to validate if the cluster is eligible to create a nifi user - if cluster.Spec.ListenersConfig.SSLSecrets == nil { - return common.RequeueWithError(reqLogger, "could not create Nifi user since cluster does not use ssl", errors.New("failed to create Nifi user")) - } - - pkiManager := pki.GetPKIManager(r.client, cluster) - - if instance.Spec.GetCreateCert() { - - // Reconcile no matter what to get a user certificate instance for ACL management - // TODO (tinyzimmer): This can go wrong if the user made a mistake in their secret path - // using the vault backend, then tried to delete and fix it. Should probably - // have the PKIManager export a GetUserCertificate specifically for deletions - // that will allow the error to fall through if the certificate doesn't exist. - _, err := pkiManager.ReconcileUserCertificate(ctx, instance, r.scheme) - if err != nil { - switch errors.Cause(err).(type) { - case errorfactory.ResourceNotReady: - reqLogger.Info("generated secret not found, may not be ready") - return ctrl.Result{ - Requeue: true, - RequeueAfter: time.Duration(5) * time.Second, - }, nil - case errorfactory.FatalReconcileError: - // TODO: (tinyzimmer) - Sleep for longer for now to give user time to see the error - // But really we should catch these kinds of issues in a pre-admission hook in a future PR - // The user can fix while this is looping and it will pick it up next reconcile attempt - reqLogger.Error(err, "Fatal error attempting to reconcile the user certificate. If using vault perhaps a permissions issue or improperly configured PKI?") - return ctrl.Result{ - Requeue: true, - RequeueAfter: time.Duration(15) * time.Second, - }, nil - case errorfactory.VaultAPIFailure: - // Same as above in terms of things that could be checked pre-flight on the cluster - reqLogger.Error(err, "Vault API error attempting to reconcile the user certificate. If using vault perhaps a permissions issue or improperly configured PKI?") - return ctrl.Result{ - Requeue: true, - RequeueAfter: time.Duration(15) * time.Second, - }, nil - default: - return common.RequeueWithError(reqLogger, "failed to reconcile user secret", err) - } - } - } - - // check if marked for deletion - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - reqLogger.Info("Nifi user is marked for deletion, revoking certificates") - if err = pkiManager.FinalizeUserCertificate(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to finalize user certificate", err) - } - return r.checkFinalizers(ctx, reqLogger, instance, cluster) - } - - // Check if the NiFi user already exist - exist, err := usercli.ExistUser(r.client, instance, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failure checking for existing registry client", err) - } - - if !exist { - var status *v1alpha1.NifiUserStatus - - status, err = usercli.FindUserByIdentity(r.client, instance, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failure finding user", err) - } - - if status == nil { - // Create NiFi registry client - status, err = usercli.CreateUser(r.client, instance, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failure creating user", err) - } - } - - instance.Status = *status - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiUser status", err) - } - } - - // Sync user resource with NiFi side component - status, err := usercli.SyncUser(r.client, instance, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failed to sync NifiUser", err) - } - - instance.Status = *status - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiRegistryClient status", err) - } - - // ensure a NifiCluster label - if instance, err = r.ensureClusterLabel(ctx, cluster, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to ensure NifiCluster label on user", err) - } - - // ensure a finalizer for cleanup on deletion - if !util.StringSliceContains(instance.GetFinalizers(), userFinalizer) { - r.addFinalizer(reqLogger, instance) - if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiUser with finalizer", err) - } - } - - // Push any changes - if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiUser", err) - } - - reqLogger.Info("Ensured user") - - return common.RequeueAfter(time.Duration(15) * time.Second) - - // set user status - //instance.Status = v1alpha1.NifiUserStatus{ - // State: v1alpha1.UserStateCreated, - //} - //if err := r.client.Status().Update(ctx, instance); err != nil { - // return common.RequeueWithError(reqLogger, "failed to update NifiUser status", err) - //} - - //return common.Reconciled() -} - -func (r *ReconcileNifiUser) ensureClusterLabel(ctx context.Context, cluster *v1alpha1.NifiCluster, user *v1alpha1.NifiUser) (*v1alpha1.NifiUser, error) { - labels := common.ApplyClusterRefLabel(cluster, user.GetLabels()) - if !reflect.DeepEqual(labels, user.GetLabels()) { - user.SetLabels(labels) - return r.updateAndFetchLatest(ctx, user) - } - return user, nil -} - -func (r *ReconcileNifiUser) updateAndFetchLatest(ctx context.Context, user *v1alpha1.NifiUser) (*v1alpha1.NifiUser, error) { - typeMeta := user.TypeMeta - err := r.client.Update(ctx, user) - if err != nil { - return nil, err - } - user.TypeMeta = typeMeta - return user, nil -} - -func (r *ReconcileNifiUser) checkFinalizers(ctx context.Context, reqLogger logr.Logger, user *v1alpha1.NifiUser, cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { - reqLogger.Info("NiFi user is marked for deletion") - var err error - if util.StringSliceContains(user.GetFinalizers(), userFinalizer) { - if err = r.finalizeNifiUser(reqLogger, user, cluster); err != nil { - return common.RequeueWithError(reqLogger, "failed to finalize nifiuser", err) - } - // remove finalizer - if err = r.removeFinalizer(ctx, user); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer from NifiUser", err) - } - } - return common.Reconciled() -} - -func (r *ReconcileNifiUser) removeFinalizer(ctx context.Context, user *v1alpha1.NifiUser) error { - user.SetFinalizers(util.StringSliceRemove(user.GetFinalizers(), userFinalizer)) - _, err := r.updateAndFetchLatest(ctx, user) - return err -} - -func (r *ReconcileNifiUser) finalizeNifiUser(reqLogger logr.Logger, user *v1alpha1.NifiUser, cluster *v1alpha1.NifiCluster) error { - if k8sutil.IsMarkedForDeletion(cluster.ObjectMeta) { - reqLogger.Info("Cluster is being deleted, skipping deletion") - return nil - } - - if err := usercli.RemoveUser(r.client, user, cluster); err != nil { - return err - } - reqLogger.Info("Delete user") - return nil -} - -func (r *ReconcileNifiUser) addFinalizer(reqLogger logr.Logger, user *v1alpha1.NifiUser) { - reqLogger.Info("Adding Finalizer for the NifiUser") - user.SetFinalizers(append(user.GetFinalizers(), userFinalizer)) - return -} diff --git a/pkg/controller/nifiusergroup/nifiusergroup_controller.go b/pkg/controller/nifiusergroup/nifiusergroup_controller.go deleted file mode 100644 index 1f5533d00..000000000 --- a/pkg/controller/nifiusergroup/nifiusergroup_controller.go +++ /dev/null @@ -1,281 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package nifiusergroup - -import ( - "context" - "reflect" - "time" - - "emperror.dev/errors" - "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/usergroup" - "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" - apierrors "k8s.io/apimachinery/pkg/api/errors" - - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" - "github.com/Orange-OpenSource/nifikop/pkg/controller/common" - "github.com/go-logr/logr" - - "github.com/Orange-OpenSource/nifikop/pkg/util" - "k8s.io/apimachinery/pkg/api/meta" - "k8s.io/apimachinery/pkg/runtime" - "sigs.k8s.io/controller-runtime/pkg/client" - "sigs.k8s.io/controller-runtime/pkg/controller" - "sigs.k8s.io/controller-runtime/pkg/handler" - logf "sigs.k8s.io/controller-runtime/pkg/log" - "sigs.k8s.io/controller-runtime/pkg/manager" - "sigs.k8s.io/controller-runtime/pkg/reconcile" - "sigs.k8s.io/controller-runtime/pkg/source" -) - -var log = logf.Log.WithName("controller_nifiusergroup") - -var registryClientFinalizer = "finalizer.nifiusergroups.nifi.orange.com" - -// Add creates a new NifiUserGroup Controller and adds it to the Manager. The Manager will set fields on the Controller -// and Start it when the Manager is Started. -func Add(mgr manager.Manager, namespaces []string) error { - return add(mgr, newReconciler(mgr)) -} - -// newReconciler returns a new reconcile.Reconciler -func newReconciler(mgr manager.Manager) reconcile.Reconciler { - return &ReconcileNifiUserGroup{client: mgr.GetClient(), scheme: mgr.GetScheme()} -} - -// add adds a new Controller to mgr with r as the reconcile.Reconciler -func add(mgr manager.Manager, r reconcile.Reconciler) error { - // Create a new controller - c, err := controller.New("nifiusergroup-controller", mgr, controller.Options{Reconciler: r}) - if err != nil { - return err - } - - // Watch for changes to primary resource NifiUserGRoup - err = c.Watch(&source.Kind{Type: &v1alpha1.NifiUserGroup{}}, &handler.EnqueueRequestForObject{}) - if err != nil { - return err - } - - if err != nil { - if _, ok := err.(*meta.NoKindMatchError); !ok { - return err - } - } - - return nil -} - -// blank assignment to verify that ReconcileNifiUserGroup implements reconcile.Reconciler -var _ reconcile.Reconciler = &ReconcileNifiUserGroup{} - -// ReconcileNifiUserGroup reconciles a NifiUserGroup object -type ReconcileNifiUserGroup struct { - // This client, initialized using mgr.Client() above, is a split client - // that reads objects from the cache and writes to the apiserver - client client.Client - scheme *runtime.Scheme -} - -// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiusergroups,verbs=get;list;watch;create;update;patch;delete;deletecollection -// +kubebuilder:rbac:groups=nifi.orange.com,resources=nifiusergroups/status,verbs=get;update;patch - -// Reconcile reads that state of the user group for a NifiUserGroup object and makes changes based on the state read -// and what is in the NifiUserGroup.Spec -// Note: -// The Controller will requeue the Request to be processed again if the returned error is non-nil or -// Result.Requeue is true, otherwise upon completion it will remove the work from the queue. -func (r *ReconcileNifiUserGroup) Reconcile(request reconcile.Request) (reconcile.Result, error) { - reqLogger := log.WithValues("Request.Namespace", request.Namespace, "Request.Name", request.Name) - reqLogger.Info("Reconciling NifiUserGroup") - var err error - - // Get a context for the request - ctx := context.Background() - - // Fetch the NifiUserGroup instance - instance := &v1alpha1.NifiUserGroup{} - if err = r.client.Get(ctx, request.NamespacedName, instance); err != nil { - if apierrors.IsNotFound(err) { - // Request object not found, could have been deleted after reconcile request. - return common.Reconciled() - } - // Error reading the object - requeue the request. - return common.RequeueWithError(reqLogger, err.Error(), err) - } - - var users []*v1alpha1.NifiUser - - for _, userRef := range instance.Spec.UsersRef { - var user *v1alpha1.NifiUser - userNamespace := common.GetUserRefNamespace(instance.Namespace, userRef) - - if user, err = k8sutil.LookupNifiUser(r.client, userRef.Name, userNamespace); err != nil { - - // This shouldn't trigger anymore, but leaving it here as a safetybelt - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - reqLogger.Info("User is already gone, there is nothing we can do") - if err = r.removeFinalizer(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer", err) - } - return common.Reconciled() - } - - // the cluster does not exist - should have been caught pre-flight - return common.RequeueWithError(reqLogger, "failed to lookup referenced user", err) - } - // Check if cluster references are the same - clusterNamespace := common.GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) - if user != nil && (userNamespace != clusterNamespace || user.Spec.ClusterRef.Name != instance.Spec.ClusterRef.Name) { - return common.RequeueWithError( - reqLogger, - "failed to lookup referenced cluster, due to inconsistency", - errors.New("inconsistent cluster references")) - } - - users = append(users, user) - } - - // Get the referenced NifiCluster - clusterNamespace := common.GetClusterRefNamespace(instance.Namespace, instance.Spec.ClusterRef) - var cluster *v1alpha1.NifiCluster - if cluster, err = k8sutil.LookupNifiCluster(r.client, instance.Spec.ClusterRef.Name, clusterNamespace); err != nil { - // This shouldn't trigger anymore, but leaving it here as a safetybelt - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - reqLogger.Info("Cluster is already gone, there is nothing we can do") - if err = r.removeFinalizer(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer", err) - } - return common.Reconciled() - } - - // the cluster does not exist - should have been caught pre-flight - return common.RequeueWithError(reqLogger, "failed to lookup referenced cluster", err) - } - - // Check if marked for deletion and if so run finalizers - if k8sutil.IsMarkedForDeletion(instance.ObjectMeta) { - return r.checkFinalizers(ctx, reqLogger, instance, users, cluster) - } - - // Check if the NiFi user group already exist - exist, err := usergroup.ExistUserGroup(r.client, instance, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failure checking for existing user group", err) - } - - if !exist { - // Create NiFi registry client - status, err := usergroup.CreateUserGroup(r.client, instance, users, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failure creating user group", err) - } - - instance.Status = *status - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiUserGroup status", err) - } - } - - // Sync UserGroup resource with NiFi side component - status, err := usergroup.SyncUserGroup(r.client, instance, users, cluster) - if err != nil { - return common.RequeueWithError(reqLogger, "failed to sync NifiUserGroup", err) - } - - instance.Status = *status - if err := r.client.Status().Update(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiUserGroup status", err) - } - - // Ensure NifiCluster label - if instance, err = r.ensureClusterLabel(ctx, cluster, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to ensure NifiCluster label on user group", err) - } - - // Ensure finalizer for cleanup on deletion - if !util.StringSliceContains(instance.GetFinalizers(), registryClientFinalizer) { - reqLogger.Info("Adding Finalizer for NifiUserGroup") - instance.SetFinalizers(append(instance.GetFinalizers(), registryClientFinalizer)) - } - - // Push any changes - if instance, err = r.updateAndFetchLatest(ctx, instance); err != nil { - return common.RequeueWithError(reqLogger, "failed to update NifiUserGroup", err) - } - - reqLogger.Info("Ensured User Group") - - return common.RequeueAfter(time.Duration(15) * time.Second) -} - -func (r *ReconcileNifiUserGroup) ensureClusterLabel(ctx context.Context, cluster *v1alpha1.NifiCluster, - userGroup *v1alpha1.NifiUserGroup) ( *v1alpha1.NifiUserGroup, error) { - - labels := common.ApplyClusterRefLabel(cluster, userGroup.GetLabels()) - if !reflect.DeepEqual(labels, userGroup.GetLabels()) { - userGroup.SetLabels(labels) - return r.updateAndFetchLatest(ctx, userGroup) - } - return userGroup, nil -} - -func (r *ReconcileNifiUserGroup) updateAndFetchLatest(ctx context.Context, - userGroup *v1alpha1.NifiUserGroup) (*v1alpha1.NifiUserGroup, error) { - - typeMeta := userGroup.TypeMeta - err := r.client.Update(ctx, userGroup) - if err != nil { - return nil, err - } - userGroup.TypeMeta = typeMeta - return userGroup, nil -} - -func (r *ReconcileNifiUserGroup) checkFinalizers(ctx context.Context, reqLogger logr.Logger, - userGroup *v1alpha1.NifiUserGroup, users []*v1alpha1.NifiUser, cluster *v1alpha1.NifiCluster) (reconcile.Result, error) { - - reqLogger.Info("NiFi registry client is marked for deletion") - var err error - if util.StringSliceContains(userGroup.GetFinalizers(), registryClientFinalizer) { - if err = r.finalizeNifiNifiUserGroup(reqLogger, userGroup, users, cluster); err != nil { - return common.RequeueWithError(reqLogger, "failed to finalize nifiusergroup", err) - } - if err = r.removeFinalizer(ctx, userGroup); err != nil { - return common.RequeueWithError(reqLogger, "failed to remove finalizer from kafkatopic", err) - } - } - return common.Reconciled() -} - -func (r *ReconcileNifiUserGroup) removeFinalizer(ctx context.Context, userGroup *v1alpha1.NifiUserGroup) error { - userGroup.SetFinalizers(util.StringSliceRemove(userGroup.GetFinalizers(), registryClientFinalizer)) - _, err := r.updateAndFetchLatest(ctx, userGroup) - return err -} - -func (r *ReconcileNifiUserGroup) finalizeNifiNifiUserGroup( - reqLogger logr.Logger, - userGroup *v1alpha1.NifiUserGroup, - users []*v1alpha1.NifiUser, - cluster *v1alpha1.NifiCluster) error { - - if err := usergroup.RemoveUserGroup(r.client, userGroup, users, cluster); err != nil { - return err - } - reqLogger.Info("Delete Registry client") - - return nil -} diff --git a/pkg/k8sutil/cr.go b/pkg/k8sutil/cr.go index a47206526..9579bdc30 100644 --- a/pkg/k8sutil/cr.go +++ b/pkg/k8sutil/cr.go @@ -17,7 +17,7 @@ package k8sutil import ( "context" "emperror.dev/errors" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "k8s.io/apimachinery/pkg/types" runtimeClient "sigs.k8s.io/controller-runtime/pkg/client" "strconv" diff --git a/pkg/k8sutil/lookup.go b/pkg/k8sutil/lookup.go index bb61969dc..1b76e7bdd 100644 --- a/pkg/k8sutil/lookup.go +++ b/pkg/k8sutil/lookup.go @@ -16,7 +16,7 @@ package k8sutil import ( "context" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/types" @@ -56,4 +56,4 @@ func LookupNifiUser(client runtimeClient.Client, userName, userNamespace string) user = &v1alpha1.NifiUser{} err = client.Get(context.TODO(), types.NamespacedName{Name: userName, Namespace: userNamespace}, user) return -} \ No newline at end of file +} diff --git a/pkg/k8sutil/resource.go b/pkg/k8sutil/resource.go index d040121c3..949d4cf41 100644 --- a/pkg/k8sutil/resource.go +++ b/pkg/k8sutil/resource.go @@ -18,7 +18,7 @@ import ( "context" "reflect" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" v1 "k8s.io/api/core/v1" @@ -33,18 +33,15 @@ import ( ) // Reconcile reconciles K8S resources -func Reconcile(log logr.Logger, client runtimeClient.Client, desired runtime.Object, cr *v1alpha1.NifiCluster) error { +func Reconcile(log logr.Logger, client runtimeClient.Client, desired runtimeClient.Object, cr *v1alpha1.NifiCluster) error { desiredType := reflect.TypeOf(desired) - var current = desired.DeepCopyObject() + var current = desired var err error switch desired.(type) { default: var key runtimeClient.ObjectKey - key, err = runtimeClient.ObjectKeyFromObject(current) - if err != nil { - return errors.WithDetails(err, "kind", desiredType) - } + key = runtimeClient.ObjectKeyFromObject(current) log = log.WithValues("kind", desiredType, "name", key.Name) err = client.Get(context.TODO(), key, current) diff --git a/pkg/k8sutil/status.go b/pkg/k8sutil/status.go index 8b1307a86..eda1a19da 100644 --- a/pkg/k8sutil/status.go +++ b/pkg/k8sutil/status.go @@ -17,7 +17,7 @@ package k8sutil import ( "context" "fmt" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "strings" "time" diff --git a/pkg/nificlient/client.go b/pkg/nificlient/client.go index 3b341ff68..8110d2fd6 100644 --- a/pkg/nificlient/client.go +++ b/pkg/nificlient/client.go @@ -16,16 +16,16 @@ package nificlient import ( "fmt" "net/http" + ctrl "sigs.k8s.io/controller-runtime" "time" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" "sigs.k8s.io/controller-runtime/pkg/client" - logf "sigs.k8s.io/controller-runtime/pkg/runtime/log" ) -var log = logf.Log.WithName("nifi_client") +var log = ctrl.Log.WithName("nifi_client") const ( PRIMARY_NODE = "Primary Node" diff --git a/pkg/nificlient/client_test.go b/pkg/nificlient/client_test.go index e06f9f695..12c03827e 100644 --- a/pkg/nificlient/client_test.go +++ b/pkg/nificlient/client_test.go @@ -19,12 +19,12 @@ import ( "net/http" "testing" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" + "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" + nifiutil "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" "github.com/jarcoal/httpmock" "github.com/stretchr/testify/assert" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" - "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" - nifiutil "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" ) var ( diff --git a/pkg/nificlient/config.go b/pkg/nificlient/config.go index 1fcc00040..13ede0567 100644 --- a/pkg/nificlient/config.go +++ b/pkg/nificlient/config.go @@ -18,7 +18,7 @@ import ( "crypto/tls" "fmt" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/pki" "github.com/Orange-OpenSource/nifikop/pkg/util" "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" diff --git a/pkg/nificlient/config_test.go b/pkg/nificlient/config_test.go index 014cff88a..b2c09e50e 100644 --- a/pkg/nificlient/config_test.go +++ b/pkg/nificlient/config_test.go @@ -18,9 +18,9 @@ import ( "fmt" "testing" - "github.com/stretchr/testify/assert" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/pki" + "github.com/stretchr/testify/assert" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/pkg/nificlient/flow_test.go b/pkg/nificlient/flow_test.go index abf8d2ff8..c288356f8 100644 --- a/pkg/nificlient/flow_test.go +++ b/pkg/nificlient/flow_test.go @@ -94,13 +94,13 @@ func TestGetFlowControllerServices(t *testing.T) { func testGetFlowControllerServices(t *testing.T, pgId string, status int) (*nigoapi.ControllerServicesEntity, error) { - cs := []nigoapi.ControllerServiceEntity { + cs := []nigoapi.ControllerServiceEntity{ MockControllerService( "16cfd2ec-2174-1065-0650-10004b9b35cc", pgId, - "unit-test controller 1", "DISABLED" ), + "unit-test controller 1", "DISABLED"), MockControllerService( "18cfd2ec-2174-1065-0650-10004b9b35cc", pgId, - "unit-test controller 2", "ENABLED" ), + "unit-test controller 2", "ENABLED"), } cluster := testClusterMock(t) @@ -129,24 +129,24 @@ func TestUpdateFlowControllerServices(t *testing.T) { pgId := "16cfd2ec-0174-1000-0000-00004b9b35cc" - mockEntity := MockFlowControllerServices([]nigoapi.ControllerServiceEntity { + mockEntity := MockFlowControllerServices([]nigoapi.ControllerServiceEntity{ MockControllerService( "16cfd2ec-2174-1065-0650-10004b9b35cc", pgId, - "unit-test controller 1", "DISABLED" ), + "unit-test controller 1", "DISABLED"), MockControllerService( "18cfd2ec-2174-1065-0650-10004b9b35cc", pgId, - "unit-test controller 2", "ENABLED" ), + "unit-test controller 2", "ENABLED"), }) - entity, err := testUpdateFlowControllerServices(t, &mockEntity, pgId,200) + entity, err := testUpdateFlowControllerServices(t, &mockEntity, pgId, 200) assert.Nil(err) assert.NotNil(entity) - entity, err = testUpdateFlowControllerServices(t, &mockEntity, pgId,404) + entity, err = testUpdateFlowControllerServices(t, &mockEntity, pgId, 404) assert.IsType(ErrNifiClusterReturned404, err) assert.Nil(entity) - entity, err = testUpdateFlowControllerServices(t, &mockEntity, pgId,500) + entity, err = testUpdateFlowControllerServices(t, &mockEntity, pgId, 500) assert.IsType(ErrNifiClusterNotReturned200, err) assert.Nil(entity) } @@ -178,13 +178,13 @@ func testUpdateFlowControllerServices(t *testing.T, entity *nigoapi.ControllerSe func TestUpdateFlowProcessGroup(t *testing.T) { assert := assert.New(t) - mockEntity := MockScheduleComponentsEntity("16cfd2ec-2174-1065-0650-10004b9b35cc", "STOPPED" ) + mockEntity := MockScheduleComponentsEntity("16cfd2ec-2174-1065-0650-10004b9b35cc", "STOPPED") entity, err := testUpdateFlowProcessGroup(t, mockEntity, 200) assert.Nil(err) assert.NotNil(entity) - entity, err = testUpdateFlowProcessGroup(t, mockEntity,404) + entity, err = testUpdateFlowProcessGroup(t, mockEntity, 404) assert.IsType(ErrNifiClusterReturned404, err) assert.Nil(entity) @@ -228,10 +228,10 @@ func MockActivateControllerServicesEntity(pgId string, cs nigoapi.ControllerServ state := "ENABLED" for _, c := range cs.ControllerServices { - components[c.Id] = nigoapi.RevisionDto{Version: &version} - if c.Component.State == "DISABLED" { - state = c.Component.State - } + components[c.Id] = nigoapi.RevisionDto{Version: &version} + if c.Component.State == "DISABLED" { + state = c.Component.State + } } return nigoapi.ActivateControllerServicesEntity{ Id: pgId, @@ -245,15 +245,15 @@ func MockControllerService(id, pgId, name, state string) nigoapi.ControllerServi var version int64 = 10 return nigoapi.ControllerServiceEntity{ Revision: &nigoapi.RevisionDto{ - Version: &version, + Version: &version, }, Id: id, ParentGroupId: pgId, - Component: &nigoapi.ControllerServiceDto{ - Id: id, - ParentGroupId: pgId, - Name: name, - State: state, + Component: &nigoapi.ControllerServiceDto{ + Id: id, + ParentGroupId: pgId, + Name: name, + State: state, }, } } @@ -269,14 +269,14 @@ func MockFlow( Uri: "", ParentGroupId: pgID, ParameterContext: parameterContext, - Flow: &nigoapi.FlowDto{ + Flow: &nigoapi.FlowDto{ ProcessGroups: processGroups, }, - LastRefreshed: "", + LastRefreshed: "", }, } } func MockScheduleComponentsEntity(id, state string) nigoapi.ScheduleComponentsEntity { - return nigoapi.ScheduleComponentsEntity{Id:id, State:state} + return nigoapi.ScheduleComponentsEntity{Id: id, State: state} } diff --git a/pkg/nificlient/flowfiles_test.go b/pkg/nificlient/flowfiles_test.go index 64e0e4f3f..30d5d3228 100644 --- a/pkg/nificlient/flowfiles_test.go +++ b/pkg/nificlient/flowfiles_test.go @@ -14,19 +14,19 @@ func TestCreateDropRequest(t *testing.T) { assert := assert.New(t) connectionId := "16cfd2ec-0174-1000-0000-54654754c" - mockEntity := MockDropRequest( + mockEntity := MockDropRequest( "16cfd2ec-0174-1000-0000-00004b9b35cc", connectionId, "", "", "", 50, 10, 15, 5, false) - entity, err := testCreateDropRequest(t, &mockEntity, connectionId,201) + entity, err := testCreateDropRequest(t, &mockEntity, connectionId, 201) assert.Nil(err) assert.NotNil(entity) - entity, err = testCreateDropRequest(t, &mockEntity, connectionId,404) + entity, err = testCreateDropRequest(t, &mockEntity, connectionId, 404) assert.IsType(ErrNifiClusterReturned404, err) assert.Nil(entity) - entity, err = testCreateDropRequest(t, &mockEntity, connectionId,500) + entity, err = testCreateDropRequest(t, &mockEntity, connectionId, 500) assert.IsType(ErrNifiClusterNotReturned200, err) assert.Nil(entity) } @@ -59,7 +59,7 @@ func TestGetDropRequest(t *testing.T) { assert := assert.New(t) connectionId := "16cfd2ec-0174-1000-0000-54654754c" - mockEntity := MockDropRequest( + mockEntity := MockDropRequest( "16cfd2ec-0174-1000-0000-00004b9b35cc", connectionId, "", "", "", 50, 10, 15, 5, false) @@ -67,7 +67,7 @@ func TestGetDropRequest(t *testing.T) { assert.Nil(err) assert.NotNil(entity) - entity, err = testGetDropRequest(t, &mockEntity, connectionId,404) + entity, err = testGetDropRequest(t, &mockEntity, connectionId, 404) assert.IsType(ErrNifiClusterReturned404, err) assert.Nil(entity) @@ -102,26 +102,25 @@ func testGetDropRequest(t *testing.T, entity *nigoapi.DropRequestEntity, connect func MockDropRequest( id, connectionId, lastUpdated, failureReason, state string, - percentCompleted, currentCount, originalCount, droppedCount int32, finished bool) nigoapi.DropRequestEntity { - - return nigoapi.DropRequestEntity{DropRequest: - &nigoapi.DropRequestDto{ - Id: id, - Uri: fmt.Sprintf("http://testunit.com:8080/nifi-api/flowfile-queues/%s/drop-requests/%s", connectionId, id), - SubmissionTime: "", - LastUpdated: lastUpdated, - PercentCompleted: percentCompleted, - Finished: finished, - FailureReason: failureReason, - CurrentCount: currentCount, - CurrentSize: int64(currentCount*250), - Current: "", - OriginalCount: originalCount, - OriginalSize: int64(originalCount*250), - Original: "", - DroppedCount: droppedCount, - DroppedSize: int64(droppedCount*250), - Dropped: "", - State: state, + percentCompleted, currentCount, originalCount, droppedCount int32, finished bool) nigoapi.DropRequestEntity { + + return nigoapi.DropRequestEntity{DropRequest: &nigoapi.DropRequestDto{ + Id: id, + Uri: fmt.Sprintf("http://testunit.com:8080/nifi-api/flowfile-queues/%s/drop-requests/%s", connectionId, id), + SubmissionTime: "", + LastUpdated: lastUpdated, + PercentCompleted: percentCompleted, + Finished: finished, + FailureReason: failureReason, + CurrentCount: currentCount, + CurrentSize: int64(currentCount * 250), + Current: "", + OriginalCount: originalCount, + OriginalSize: int64(originalCount * 250), + Original: "", + DroppedCount: droppedCount, + DroppedSize: int64(droppedCount * 250), + Dropped: "", + State: state, }} -} \ No newline at end of file +} diff --git a/pkg/nificlient/inputport_test.go b/pkg/nificlient/inputport_test.go index 1feca2fe2..e8bb40fcd 100644 --- a/pkg/nificlient/inputport_test.go +++ b/pkg/nificlient/inputport_test.go @@ -15,17 +15,17 @@ func TestUpdatePortRunStatus(t *testing.T) { id := "16cfd2ec-0174-1000-0000-00004b9b35cc" - mockEntity := MockPortRunStatus("Stopped") + mockEntity := MockPortRunStatus("Stopped") - entity, err := testUpdatePortRunStatus(t, mockEntity, id,200) + entity, err := testUpdatePortRunStatus(t, mockEntity, id, 200) assert.Nil(err) assert.NotNil(entity) - entity, err = testUpdatePortRunStatus(t, mockEntity, id,404) + entity, err = testUpdatePortRunStatus(t, mockEntity, id, 404) assert.IsType(ErrNifiClusterReturned404, err) assert.Nil(entity) - entity, err = testUpdatePortRunStatus(t, mockEntity, id,500) + entity, err = testUpdatePortRunStatus(t, mockEntity, id, 500) assert.IsType(ErrNifiClusterNotReturned200, err) assert.Nil(entity) } @@ -57,6 +57,6 @@ func MockPortRunStatus(state string) nigoapi.PortRunStatusEntity { var version int64 = 10 return nigoapi.PortRunStatusEntity{ Revision: &nigoapi.RevisionDto{Version: &version}, - State: state, + State: state, } -} \ No newline at end of file +} diff --git a/pkg/nificlient/mock_client_test.go b/pkg/nificlient/mock_client_test.go index 6d2b2ed08..448f6692c 100644 --- a/pkg/nificlient/mock_client_test.go +++ b/pkg/nificlient/mock_client_test.go @@ -17,10 +17,10 @@ package nificlient import ( "testing" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" + nifiutil "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" "github.com/jarcoal/httpmock" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" - nifiutil "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" ) var ( diff --git a/pkg/nificlient/parametercontext_test.go b/pkg/nificlient/parametercontext_test.go index dfd3166a3..9ef16023f 100644 --- a/pkg/nificlient/parametercontext_test.go +++ b/pkg/nificlient/parametercontext_test.go @@ -56,7 +56,7 @@ func testGetParameterContext(t *testing.T, id string, status int) (*nigoapi.Para func TestCreateParameterContext(t *testing.T) { assert := assert.New(t) - mockEntity := MockParameterContext("16cfd2ec-0174-1000-0000-00004b9b35cc", "test-unit", "unit test", + mockEntity := MockParameterContext("16cfd2ec-0174-1000-0000-00004b9b35cc", "test-unit", "unit test", map[string]string{"key1": "value1", "key2": "value2"}, map[string]string{"secret1": "value1", "secret2": "value2"}) @@ -99,7 +99,7 @@ func testCreateParameterContext(t *testing.T, entity *nigoapi.ParameterContextEn func TestRemoveParameterContext(t *testing.T) { assert := assert.New(t) - mockEntity :=MockParameterContext("16cfd2ec-0174-1000-0000-00004b9b35cc", "test-unit", "unit test", + mockEntity := MockParameterContext("16cfd2ec-0174-1000-0000-00004b9b35cc", "test-unit", "unit test", map[string]string{"key1": "value1", "key2": "value2"}, map[string]string{"secret1": "value1", "secret2": "value2"}) @@ -139,7 +139,7 @@ func testRemoveParameterContext(t *testing.T, entity *nigoapi.ParameterContextEn func TestCreateParameterContextUpdateRequest(t *testing.T) { assert := assert.New(t) - mockEntity :=MockParameterContext("16cfd2ec-0174-1000-0000-00004b9b35cc", "test-unit", + mockEntity := MockParameterContext("16cfd2ec-0174-1000-0000-00004b9b35cc", "test-unit", "unit test", map[string]string{"key1": "value1", "key2": "value2"}, map[string]string{"secret1": "value1", "secret2": "value2"}) @@ -198,7 +198,7 @@ func TestGetParameterContextUpdateRequest(t *testing.T) { assert.Nil(err) assert.NotNil(entity) - entity, err = testGetParameterContextUpdateRequest(t, &mockEntity, id,404) + entity, err = testGetParameterContextUpdateRequest(t, &mockEntity, id, 404) assert.IsType(ErrNifiClusterReturned404, err) assert.Nil(entity) @@ -267,4 +267,4 @@ func map2Parameters(params map[string]string, sensitive bool) []nigoapi.Paramete } return parameters -} \ No newline at end of file +} diff --git a/pkg/nificlient/policies.go b/pkg/nificlient/policies.go index 535f3dc49..1ccd58ee2 100644 --- a/pkg/nificlient/policies.go +++ b/pkg/nificlient/policies.go @@ -97,4 +97,4 @@ func (n *nifiClient) RemoveAccessPolicy(entity nigoapi.AccessPolicyEntity) error }) return errorDeleteOperation(rsp, err) -} \ No newline at end of file +} diff --git a/pkg/nificlient/processgroup_test.go b/pkg/nificlient/processgroup_test.go index c2e9804c2..5c2583081 100644 --- a/pkg/nificlient/processgroup_test.go +++ b/pkg/nificlient/processgroup_test.go @@ -204,8 +204,8 @@ func MockProcessGroup(id, name, parentPGId, registryId, bucketId, flowId string, return nigoapi.ProcessGroupEntity{ Id: id, Component: &nigoapi.ProcessGroupDto{ - Name: name, - ParentGroupId: parentPGId, + Name: name, + ParentGroupId: parentPGId, VersionControlInformation: MockVersionControlInformationDto(id, registryId, bucketId, flowId, flowVersion), }, Revision: &nigoapi.RevisionDto{Version: &version}, diff --git a/pkg/nificlient/processor_test.go b/pkg/nificlient/processor_test.go index 17c4c3703..a53293e1a 100644 --- a/pkg/nificlient/processor_test.go +++ b/pkg/nificlient/processor_test.go @@ -15,17 +15,17 @@ func TestUpdateProcessorRunStatus(t *testing.T) { id := "16cfd2ec-0174-1000-0000-00004b9b35cc" - mockEntity := MockProcessorRunStatus("Stopped") + mockEntity := MockProcessorRunStatus("Stopped") - entity, err := testUpdateProcessorRunStatus(t, mockEntity, id,200) + entity, err := testUpdateProcessorRunStatus(t, mockEntity, id, 200) assert.Nil(err) assert.NotNil(entity) - entity, err = testUpdateProcessorRunStatus(t, mockEntity, id,404) + entity, err = testUpdateProcessorRunStatus(t, mockEntity, id, 404) assert.IsType(ErrNifiClusterReturned404, err) assert.Nil(entity) - entity, err = testUpdateProcessorRunStatus(t, mockEntity, id,500) + entity, err = testUpdateProcessorRunStatus(t, mockEntity, id, 500) assert.IsType(ErrNifiClusterNotReturned200, err) assert.Nil(entity) } @@ -57,6 +57,6 @@ func MockProcessorRunStatus(state string) nigoapi.ProcessorRunStatusEntity { var version int64 = 10 return nigoapi.ProcessorRunStatusEntity{ Revision: &nigoapi.RevisionDto{Version: &version}, - State: state, + State: state, } -} \ No newline at end of file +} diff --git a/pkg/nificlient/registryclient_test.go b/pkg/nificlient/registryclient_test.go index e578ab799..469b1d570 100644 --- a/pkg/nificlient/registryclient_test.go +++ b/pkg/nificlient/registryclient_test.go @@ -54,7 +54,7 @@ func testGetRegistryClient(t *testing.T, id string, status int) (*nigoapi.Regist func TestCreateRegistryClient(t *testing.T) { assert := assert.New(t) - mockEntity := MockRegistryClient("16cfd2ec-0174-1000-0000-00004b9b35cc", "mock", "description", "http://uri:8888") + mockEntity := MockRegistryClient("16cfd2ec-0174-1000-0000-00004b9b35cc", "mock", "description", "http://uri:8888") entity, err := testCreateRegistryClient(t, &mockEntity, 201) assert.Nil(err) @@ -95,7 +95,7 @@ func testCreateRegistryClient(t *testing.T, entity *nigoapi.RegistryClientEntity func TestUpdateRegistryClient(t *testing.T) { assert := assert.New(t) - mockEntity := MockRegistryClient("16cfd2ec-0174-1000-0000-00004b9b35cc", "mock", "description", "http://uri:8888") + mockEntity := MockRegistryClient("16cfd2ec-0174-1000-0000-00004b9b35cc", "mock", "description", "http://uri:8888") entity, err := testUpdateRegistryClient(t, &mockEntity, 200) assert.Nil(err) @@ -136,7 +136,7 @@ func testUpdateRegistryClient(t *testing.T, entity *nigoapi.RegistryClientEntity func TestRemoveRegistryClient(t *testing.T) { assert := assert.New(t) - mockEntity := MockRegistryClient("16cfd2ec-0174-1000-0000-00004b9b35cc", "mock", "description", "http://uri:8888") + mockEntity := MockRegistryClient("16cfd2ec-0174-1000-0000-00004b9b35cc", "mock", "description", "http://uri:8888") err := testRemoveRegistryClient(t, &mockEntity, 200) assert.Nil(err) @@ -183,4 +183,4 @@ func MockRegistryClient(id, name, description, uri string) nigoapi.RegistryClien }, Revision: &nigoapi.RevisionDto{Version: &version}, } -} \ No newline at end of file +} diff --git a/pkg/nificlient/snippet_test.go b/pkg/nificlient/snippet_test.go index bd4e583c5..2c332000e 100644 --- a/pkg/nificlient/snippet_test.go +++ b/pkg/nificlient/snippet_test.go @@ -40,7 +40,7 @@ func testCreateSnippet(t *testing.T, entity nigoapi.SnippetEntity, status int) ( httpmock.Activate() defer httpmock.DeactivateAndReset() - url := nifiAddress(cluster, fmt.Sprintf("/snippets", )) + url := nifiAddress(cluster, fmt.Sprintf("/snippets")) httpmock.RegisterResponder(http.MethodPost, url, func(req *http.Request) (*http.Response, error) { return httpmock.NewJsonResponse( @@ -100,4 +100,4 @@ func MockSnippet(pgID, parentGroupID string) nigoapi.SnippetEntity { ProcessGroups: map[string]nigoapi.RevisionDto{pgID: nigoapi.RevisionDto{}}, }, } -} \ No newline at end of file +} diff --git a/pkg/nificlient/system.go b/pkg/nificlient/system.go index e342783c3..1b6c731b3 100644 --- a/pkg/nificlient/system.go +++ b/pkg/nificlient/system.go @@ -15,7 +15,7 @@ package nificlient import ( - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" ) diff --git a/pkg/nificlient/system_test.go b/pkg/nificlient/system_test.go index 643073f88..b0db38351 100644 --- a/pkg/nificlient/system_test.go +++ b/pkg/nificlient/system_test.go @@ -19,11 +19,11 @@ import ( "net/http" "testing" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" + nifiutil "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" nigoapi "github.com/erdrix/nigoapi/pkg/nifi" "github.com/jarcoal/httpmock" "github.com/stretchr/testify/assert" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" - nifiutil "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" ) func TestDescribeCluster(t *testing.T) { @@ -203,7 +203,7 @@ func TestOffloadClusterNode(t *testing.T) { cluster := testClusterMock(t) for _, node := range cluster.Spec.Nodes { - nodeEntity, err := testOffloadClusterNode(t, cluster, node.Id, 200 ) + nodeEntity, err := testOffloadClusterNode(t, cluster, node.Id, 200) assert.Nil(err) assert.NotNil(nodeEntity) } diff --git a/pkg/nificlient/user.go b/pkg/nificlient/user.go index 908bffb1b..817914862 100644 --- a/pkg/nificlient/user.go +++ b/pkg/nificlient/user.go @@ -106,4 +106,4 @@ func (n *nifiClient) RemoveUser(entity nigoapi.UserEntity) error { }) return errorDeleteOperation(rsp, err) -} \ No newline at end of file +} diff --git a/pkg/nificlient/usergroup.go b/pkg/nificlient/usergroup.go index c4d21392b..bae4b7c07 100644 --- a/pkg/nificlient/usergroup.go +++ b/pkg/nificlient/usergroup.go @@ -105,4 +105,4 @@ func (n *nifiClient) RemoveUserGroup(entity nigoapi.UserGroupEntity) error { }) return errorDeleteOperation(rsp, err) -} \ No newline at end of file +} diff --git a/pkg/nificlient/version_test.go b/pkg/nificlient/version_test.go index 6eaf8756b..0f2eb1a07 100644 --- a/pkg/nificlient/version_test.go +++ b/pkg/nificlient/version_test.go @@ -13,7 +13,7 @@ import ( func TestCreateVersionUpdateRequest(t *testing.T) { assert := assert.New(t) - mockEntity := MockVersionUpdateRequest( + mockEntity := MockVersionUpdateRequest( "16cfd2ec-0174-1000-0000-00004b9b35cc", "16cfd2ec-0174-1450-0000-00004b9b35cc", "16cfd2ec-0174-6580-0000-00004b9b35cc", @@ -62,7 +62,7 @@ func TestGetVersionUpdateRequest(t *testing.T) { id := "16cfd2ec-0174-1000-0000-00004b9b35cc" - mockEntity := MockVersionUpdateRequest( + mockEntity := MockVersionUpdateRequest( "16cfd2ec-0174-1000-0000-00004b9b35cc", "16cfd2ec-0174-1450-0000-00004b9b35cc", "16cfd2ec-0174-6580-0000-00004b9b35cc", @@ -73,7 +73,7 @@ func TestGetVersionUpdateRequest(t *testing.T) { assert.Nil(err) assert.NotNil(entity) - entity, err = testGetVersionUpdateRequest(t, &mockEntity, id,404) + entity, err = testGetVersionUpdateRequest(t, &mockEntity, id, 404) assert.IsType(ErrNifiClusterReturned404, err) assert.Nil(entity) @@ -109,7 +109,7 @@ func testGetVersionUpdateRequest(t *testing.T, entity *nigoapi.VersionControlInf func TestCreateVersionRevertRequest(t *testing.T) { assert := assert.New(t) - mockEntity := MockVersionRevertRequest( + mockEntity := MockVersionRevertRequest( "16cfd2ec-0174-1000-0000-00004b9b35cc", "16cfd2ec-0174-1450-0000-00004b9b35cc", "16cfd2ec-0174-6580-0000-00004b9b35cc", @@ -158,7 +158,7 @@ func TestGetVersionRevertRequest(t *testing.T) { id := "16cfd2ec-0174-1000-0000-00004b9b35cc" - mockEntity := MockVersionRevertRequest( + mockEntity := MockVersionRevertRequest( "16cfd2ec-0174-1000-0000-00004b9b35cc", "16cfd2ec-0174-1450-0000-00004b9b35cc", "16cfd2ec-0174-6580-0000-00004b9b35cc", @@ -169,7 +169,7 @@ func TestGetVersionRevertRequest(t *testing.T) { assert.Nil(err) assert.NotNil(entity) - entity, err = testGetVersionRevertRequest(t, &mockEntity, id,404) + entity, err = testGetVersionRevertRequest(t, &mockEntity, id, 404) assert.IsType(ErrNifiClusterReturned404, err) assert.Nil(entity) @@ -231,4 +231,4 @@ func MockVersionControlInformationDto(pgId, registryId, bucketId, flowId string, FlowId: flowId, Version: flowVersion, } -} \ No newline at end of file +} diff --git a/pkg/pki/certmanagerpki/certmanager.go b/pkg/pki/certmanagerpki/certmanager.go index 7043f651d..e3e7c802a 100644 --- a/pkg/pki/certmanagerpki/certmanager.go +++ b/pkg/pki/certmanagerpki/certmanager.go @@ -15,7 +15,7 @@ package certmanagerpki import ( - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/util/pki" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/pkg/pki/certmanagerpki/certmanager_pki.go b/pkg/pki/certmanagerpki/certmanager_pki.go index 7b90dd215..bd4fb29a6 100644 --- a/pkg/pki/certmanagerpki/certmanager_pki.go +++ b/pkg/pki/certmanagerpki/certmanager_pki.go @@ -18,7 +18,7 @@ import ( "context" "fmt" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" "github.com/Orange-OpenSource/nifikop/pkg/resources/templates" pkicommon "github.com/Orange-OpenSource/nifikop/pkg/util/pki" @@ -147,7 +147,7 @@ func fullPKI(cluster *v1alpha1.NifiCluster, scheme *runtime.Scheme, externalHost // A cluster issuer backed by the CA certificate - so it can provision secrets // for app in other namespaces mainIssuerForCluster(cluster, scheme), - }... + }..., ) } else { objects = append(objects, []runtime.Object{ @@ -158,7 +158,7 @@ func fullPKI(cluster *v1alpha1.NifiCluster, scheme *runtime.Scheme, externalHost // A issuer backed by the CA certificate - so it can provision secrets // in this namespace mainIssuerForNamespace(cluster, scheme), - }... + }..., ) } diff --git a/pkg/pki/certmanagerpki/certmanager_pki_test.go b/pkg/pki/certmanagerpki/certmanager_pki_test.go index 72e8181df..5d4c0a129 100644 --- a/pkg/pki/certmanagerpki/certmanager_pki_test.go +++ b/pkg/pki/certmanagerpki/certmanager_pki_test.go @@ -20,7 +20,7 @@ import ( "reflect" "testing" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" certutil "github.com/Orange-OpenSource/nifikop/pkg/util/cert" pkicommon "github.com/Orange-OpenSource/nifikop/pkg/util/pki" diff --git a/pkg/pki/certmanagerpki/certmanager_test.go b/pkg/pki/certmanagerpki/certmanager_test.go index 3d227f6f0..eaae9a086 100644 --- a/pkg/pki/certmanagerpki/certmanager_test.go +++ b/pkg/pki/certmanagerpki/certmanager_test.go @@ -18,7 +18,7 @@ import ( "reflect" "testing" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" "k8s.io/client-go/kubernetes/scheme" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/pkg/pki/certmanagerpki/certmanager_tls_config.go b/pkg/pki/certmanagerpki/certmanager_tls_config.go index 6f1e6e101..bb7c54121 100644 --- a/pkg/pki/certmanagerpki/certmanager_tls_config.go +++ b/pkg/pki/certmanagerpki/certmanager_tls_config.go @@ -21,7 +21,7 @@ import ( "fmt" "strings" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" pkicommon "github.com/Orange-OpenSource/nifikop/pkg/util/pki" corev1 "k8s.io/api/core/v1" diff --git a/pkg/pki/certmanagerpki/certmanager_tls_config_test.go b/pkg/pki/certmanagerpki/certmanager_tls_config_test.go index 22a33a089..967037793 100644 --- a/pkg/pki/certmanagerpki/certmanager_tls_config_test.go +++ b/pkg/pki/certmanagerpki/certmanager_tls_config_test.go @@ -19,7 +19,7 @@ import ( "reflect" "testing" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" certutil "github.com/Orange-OpenSource/nifikop/pkg/util/cert" corev1 "k8s.io/api/core/v1" diff --git a/pkg/pki/certmanagerpki/certmanager_user.go b/pkg/pki/certmanagerpki/certmanager_user.go index fa93507cf..539bb8ebb 100644 --- a/pkg/pki/certmanagerpki/certmanager_user.go +++ b/pkg/pki/certmanagerpki/certmanager_user.go @@ -19,7 +19,7 @@ import ( "errors" "fmt" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" "github.com/Orange-OpenSource/nifikop/pkg/k8sutil" certutil "github.com/Orange-OpenSource/nifikop/pkg/util/cert" diff --git a/pkg/pki/certmanagerpki/certmanager_user_test.go b/pkg/pki/certmanagerpki/certmanager_user_test.go index 984bad647..3b6d862e1 100644 --- a/pkg/pki/certmanagerpki/certmanager_user_test.go +++ b/pkg/pki/certmanagerpki/certmanager_user_test.go @@ -19,7 +19,7 @@ import ( "reflect" "testing" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" certutil "github.com/Orange-OpenSource/nifikop/pkg/util/cert" corev1 "k8s.io/api/core/v1" diff --git a/pkg/pki/certmanagerpki/reconcile.go b/pkg/pki/certmanagerpki/reconcile.go index 736ab560e..c00b6f6dc 100644 --- a/pkg/pki/certmanagerpki/reconcile.go +++ b/pkg/pki/certmanagerpki/reconcile.go @@ -19,7 +19,7 @@ import ( "fmt" "reflect" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/go-logr/logr" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" corev1 "k8s.io/api/core/v1" diff --git a/pkg/pki/pki_manager.go b/pkg/pki/pki_manager.go index d155a1c97..643641046 100644 --- a/pkg/pki/pki_manager.go +++ b/pkg/pki/pki_manager.go @@ -18,7 +18,7 @@ import ( "context" "crypto/tls" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/pki/certmanagerpki" "github.com/Orange-OpenSource/nifikop/pkg/util/pki" "github.com/go-logr/logr" diff --git a/pkg/pki/pki_manager_test.go b/pkg/pki/pki_manager_test.go index 4fa56accd..2bc364fb9 100644 --- a/pkg/pki/pki_manager_test.go +++ b/pkg/pki/pki_manager_test.go @@ -19,7 +19,7 @@ import ( "reflect" "testing" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/go-logr/logr" "k8s.io/client-go/kubernetes/scheme" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/pkg/resources/nifi/LbService.go b/pkg/resources/nifi/LbService.go index 9b4f9b8c6..eea4fa966 100644 --- a/pkg/resources/nifi/LbService.go +++ b/pkg/resources/nifi/LbService.go @@ -17,11 +17,11 @@ package nifi import ( "github.com/Orange-OpenSource/nifikop/pkg/resources/templates" corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/runtime" + runtimeClient "sigs.k8s.io/controller-runtime/pkg/client" ) // TODO: To remove ? Or to redo -func (r *Reconciler) lbService() runtime.Object { +func (r *Reconciler) lbService() runtimeClient.Object { usedPorts := r.generateServicePortForInternalListeners() diff --git a/pkg/resources/nifi/allNodeService.go b/pkg/resources/nifi/allNodeService.go index 81b85e05d..cfeacdbcc 100644 --- a/pkg/resources/nifi/allNodeService.go +++ b/pkg/resources/nifi/allNodeService.go @@ -19,10 +19,10 @@ import ( "github.com/Orange-OpenSource/nifikop/pkg/resources/templates" nifiutils "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/runtime" + runtimeClient "sigs.k8s.io/controller-runtime/pkg/client" ) -func (r *Reconciler) allNodeService() runtime.Object { +func (r *Reconciler) allNodeService() runtimeClient.Object { usedPorts := r.generateServicePortForInternalListeners() usedPorts = append(usedPorts, r.generateDefaultServicePort()...) diff --git a/pkg/resources/nifi/configmap.go b/pkg/resources/nifi/configmap.go index b030b5123..9918c4232 100644 --- a/pkg/resources/nifi/configmap.go +++ b/pkg/resources/nifi/configmap.go @@ -17,11 +17,12 @@ package nifi import ( "bytes" "fmt" + runtimeClient "sigs.k8s.io/controller-runtime/pkg/client" "sort" "strings" "text/template" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/nificlient" "github.com/Orange-OpenSource/nifikop/pkg/resources/templates" "github.com/Orange-OpenSource/nifikop/pkg/resources/templates/config" @@ -31,10 +32,9 @@ import ( "github.com/go-logr/logr" "github.com/imdario/mergo" corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/runtime" ) -func (r *Reconciler) configMap(id int32, nodeConfig *v1alpha1.NodeConfig, serverPass, clientPass string, superUsers []string, log logr.Logger) runtime.Object { +func (r *Reconciler) configMap(id int32, nodeConfig *v1alpha1.NodeConfig, serverPass, clientPass string, superUsers []string, log logr.Logger) runtimeClient.Object { configMap := &corev1.ConfigMap{ ObjectMeta: templates.ObjectMeta( fmt.Sprintf(templates.NodeConfigTemplate+"-%d", r.NifiCluster.Name, id), @@ -97,7 +97,6 @@ func (r Reconciler) generateNifiPropertiesNodeConfig(id int32, nodeConfig *v1alp log.Error(err, "error occurred during merging operator generated configs") } - completeConfig := []string{} for key, value := range completeConfigMap { @@ -230,8 +229,7 @@ func (r *Reconciler) getZookeeperPropertiesConfigString(nConfig *v1alpha1.NodeCo var out bytes.Buffer t := template.Must(template.New("nConfig-config").Parse(config.ZookeeperPropertiesTemplate)) - if err := t.Execute(&out, map[string]interface{}{ - }); err != nil { + if err := t.Execute(&out, map[string]interface{}{}); err != nil { log.Error(err, "error occurred during parsing the config template") } return out.String() @@ -335,12 +333,12 @@ func (r *Reconciler) getAuthorizersConfigString(nConfig *v1alpha1.NodeConfig, id t := template.Must(template.New("nConfig-config").Parse(authorizersTemplate)) if err := t.Execute(&out, map[string]interface{}{ - "NifiCluster": r.NifiCluster, - "Id": id, - "ClusterName": r.NifiCluster.Name, - "Namespace": r.NifiCluster.Namespace, - "NodeList": nodeList, - "ControllerUser": fmt.Sprintf(pkicommon.NodeControllerFQDNTemplate, + "NifiCluster": r.NifiCluster, + "Id": id, + "ClusterName": r.NifiCluster.Name, + "Namespace": r.NifiCluster.Namespace, + "NodeList": nodeList, + "ControllerUser": fmt.Sprintf(pkicommon.NodeControllerFQDNTemplate, fmt.Sprintf(pkicommon.NodeControllerTemplate, r.NifiCluster.Name), r.NifiCluster.Namespace, r.NifiCluster.Spec.ListenersConfig.GetClusterDomain()), diff --git a/pkg/resources/nifi/headlessService.go b/pkg/resources/nifi/headlessService.go index 59a82b024..191363145 100644 --- a/pkg/resources/nifi/headlessService.go +++ b/pkg/resources/nifi/headlessService.go @@ -20,10 +20,10 @@ import ( "github.com/Orange-OpenSource/nifikop/pkg/util" nifiutils "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/runtime" + runtimeClient "sigs.k8s.io/controller-runtime/pkg/client" ) -func (r *Reconciler) headlessService() runtime.Object { +func (r *Reconciler) headlessService() runtimeClient.Object { // InternalListeners ports usedPorts := r.generateServicePortForInternalListeners() diff --git a/pkg/resources/nifi/nifi.go b/pkg/resources/nifi/nifi.go index 5dd026409..8a0f72dc2 100644 --- a/pkg/resources/nifi/nifi.go +++ b/pkg/resources/nifi/nifi.go @@ -21,7 +21,7 @@ import ( "strings" "emperror.dev/errors" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/dataflow" "github.com/Orange-OpenSource/nifikop/pkg/clientwrappers/scale" "github.com/Orange-OpenSource/nifikop/pkg/errorfactory" @@ -215,7 +215,6 @@ func (r *Reconciler) Reconcile(log logr.Logger) error { return err } - // Reconcile cluster communications pgRootId, err := dataflow.RootProcessGroup(r.Client, r.NifiCluster) if err != nil { @@ -231,7 +230,7 @@ func (r *Reconciler) Reconcile(log logr.Logger) error { return errors.WrapIf(err, "failed to reconcile resource") } } - + log.V(1).Info("Reconciled") return nil @@ -650,7 +649,7 @@ func (r *Reconciler) reconcileNifiUsersAndGroups(log logr.Logger) error { pkicommon.LabelsForNifiPKI(r.NifiCluster.Name), r.NifiCluster, ), Spec: v1alpha1.NifiUserSpec{ - Identity: managedUser.GetIdentity(), + Identity: managedUser.GetIdentity(), CreateCert: &pFalse, ClusterRef: v1alpha1.ClusterReference{ Name: r.NifiCluster.Name, @@ -676,6 +675,7 @@ func (r *Reconciler) reconcileNifiUsersAndGroups(log logr.Logger) error { } groups := []*v1alpha1.NifiUserGroup{ + // Managed admins { ObjectMeta: templates.ObjectMeta( "managed-admins", @@ -683,7 +683,7 @@ func (r *Reconciler) reconcileNifiUsersAndGroups(log logr.Logger) error { ), Spec: v1alpha1.NifiUserGroupSpec{ ClusterRef: v1alpha1.ClusterReference{ - Name: r.NifiCluster.Name, + Name: r.NifiCluster.Name, Namespace: r.NifiCluster.Namespace, }, UsersRef: append(managedAdminUserRef, v1alpha1.UserReference{ @@ -728,6 +728,7 @@ func (r *Reconciler) reconcileNifiUsersAndGroups(log logr.Logger) error { }, }, }, + // Managed Readers { ObjectMeta: templates.ObjectMeta( "managed-readers", @@ -735,10 +736,10 @@ func (r *Reconciler) reconcileNifiUsersAndGroups(log logr.Logger) error { ), Spec: v1alpha1.NifiUserGroupSpec{ ClusterRef: v1alpha1.ClusterReference{ - Name: r.NifiCluster.Name, + Name: r.NifiCluster.Name, Namespace: r.NifiCluster.Namespace, }, - UsersRef: managedAdminUserRef, + UsersRef: managedReaderUserRef, AccessPolicies: []v1alpha1.AccessPolicy{ // Global {Type: v1alpha1.GlobalAccessPolicyType, Action: v1alpha1.ReadAccessPolicyAction, Resource: v1alpha1.FlowAccessPolicyResource}, @@ -760,6 +761,7 @@ func (r *Reconciler) reconcileNifiUsersAndGroups(log logr.Logger) error { }, }, }, + // Managed Nodes { ObjectMeta: templates.ObjectMeta( "managed-nodes", @@ -767,7 +769,7 @@ func (r *Reconciler) reconcileNifiUsersAndGroups(log logr.Logger) error { ), Spec: v1alpha1.NifiUserGroupSpec{ ClusterRef: v1alpha1.ClusterReference{ - Name: r.NifiCluster.Name, + Name: r.NifiCluster.Name, Namespace: r.NifiCluster.Namespace, }, UsersRef: managedNodeUserRef, @@ -797,4 +799,4 @@ func (r *Reconciler) reconcileNifiUsersAndGroups(log logr.Logger) error { } return nil -} \ No newline at end of file +} diff --git a/pkg/resources/nifi/pod.go b/pkg/resources/nifi/pod.go index 468b789c5..2e13e93bf 100644 --- a/pkg/resources/nifi/pod.go +++ b/pkg/resources/nifi/pod.go @@ -16,21 +16,21 @@ package nifi import ( "fmt" + runtimeClient "sigs.k8s.io/controller-runtime/pkg/client" "sort" "strings" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/nificlient" - "github.com/go-logr/logr" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/resources/templates" "github.com/Orange-OpenSource/nifikop/pkg/util" nifiutil "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" pkicommon "github.com/Orange-OpenSource/nifikop/pkg/util/pki" zk "github.com/Orange-OpenSource/nifikop/pkg/util/zookeeper" + "github.com/go-logr/logr" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/api/resource" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" ) const ( @@ -53,7 +53,7 @@ const ( ContainerName string = "nifi" ) -func (r *Reconciler) pod(id int32, nodeConfig *v1alpha1.NodeConfig, pvcs []corev1.PersistentVolumeClaim, log logr.Logger) runtime.Object { +func (r *Reconciler) pod(id int32, nodeConfig *v1alpha1.NodeConfig, pvcs []corev1.PersistentVolumeClaim, log logr.Logger) runtimeClient.Object { zkAddress := r.NifiCluster.Spec.ZKAddress zkHostname := zk.GetHostnameAddress(zkAddress) @@ -122,10 +122,9 @@ func (r *Reconciler) pod(id int32, nodeConfig *v1alpha1.NodeConfig, pvcs []corev failCondition := "" - if val, ok := r.NifiCluster.Status.NodesState[fmt.Sprint(id)]; !ok || ( - val.InitClusterNode != v1alpha1.IsInitClusterNode && - (val.GracefulActionState.State == v1alpha1.GracefulUpscaleRequired || - val.GracefulActionState.State == v1alpha1.GracefulUpscaleRunning)) { + if val, ok := r.NifiCluster.Status.NodesState[fmt.Sprint(id)]; !ok || (val.InitClusterNode != v1alpha1.IsInitClusterNode && + (val.GracefulActionState.State == v1alpha1.GracefulUpscaleRequired || + val.GracefulActionState.State == v1alpha1.GracefulUpscaleRunning)) { failCondition = `else echo fail to request cluster exit 1 diff --git a/pkg/resources/nifi/poddisruptionbudget.go b/pkg/resources/nifi/poddisruptionbudget.go index 180c6119c..d64c51292 100644 --- a/pkg/resources/nifi/poddisruptionbudget.go +++ b/pkg/resources/nifi/poddisruptionbudget.go @@ -3,6 +3,7 @@ package nifi import ( "fmt" "math" + runtimeClient "sigs.k8s.io/controller-runtime/pkg/client" "strconv" "strings" @@ -11,12 +12,10 @@ import ( "github.com/go-logr/logr" policyv1beta1 "k8s.io/api/policy/v1beta1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/intstr" ) - -func (r *Reconciler) podDisruptionBudget(log logr.Logger) (runtime.Object, error) { +func (r *Reconciler) podDisruptionBudget(log logr.Logger) (runtimeClient.Object, error) { minAvailable, err := r.computeMinAvailable(log) if err != nil { @@ -44,6 +43,7 @@ func (r *Reconciler) podDisruptionBudget(log logr.Logger) (runtime.Object, error }, nil } + // Calculate maxUnavailable as max between nodeCount - 1 (so we only allow 1 node to be disrupted) // and 1 (to cover for 1 node clusters) func (r *Reconciler) computeMinAvailable(log logr.Logger) (intstr.IntOrString, error) { @@ -86,4 +86,4 @@ func (r *Reconciler) computeMinAvailable(log logr.Logger) (intstr.IntOrString, e } return intstr.FromInt(util.Max(1, nodes-budget)), nil -} \ No newline at end of file +} diff --git a/pkg/resources/nifi/pvc.go b/pkg/resources/nifi/pvc.go index 45dc9bb5b..1aa6b905b 100644 --- a/pkg/resources/nifi/pvc.go +++ b/pkg/resources/nifi/pvc.go @@ -16,10 +16,10 @@ package nifi import ( "fmt" - "github.com/go-logr/logr" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/resources/templates" "github.com/Orange-OpenSource/nifikop/pkg/util" + "github.com/go-logr/logr" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime" ) diff --git a/pkg/resources/nifi/service.go b/pkg/resources/nifi/service.go index 9ec3d7484..414902508 100644 --- a/pkg/resources/nifi/service.go +++ b/pkg/resources/nifi/service.go @@ -16,16 +16,16 @@ package nifi import ( "fmt" - "github.com/go-logr/logr" "github.com/Orange-OpenSource/nifikop/pkg/resources/templates" "github.com/Orange-OpenSource/nifikop/pkg/util" + "github.com/go-logr/logr" corev1 "k8s.io/api/core/v1" - "k8s.io/apimachinery/pkg/runtime" "k8s.io/apimachinery/pkg/util/intstr" + runtimeClient "sigs.k8s.io/controller-runtime/pkg/client" "strings" ) -func (r *Reconciler) service(id int32, log logr.Logger) runtime.Object { +func (r *Reconciler) service(id int32, log logr.Logger) runtimeClient.Object { usedPorts := r.generateServicePortForInternalListeners() diff --git a/pkg/resources/reconciler.go b/pkg/resources/reconciler.go index dbcdc9faf..90efdcc51 100644 --- a/pkg/resources/reconciler.go +++ b/pkg/resources/reconciler.go @@ -15,8 +15,8 @@ package resources import ( + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/go-logr/logr" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" corev1 "k8s.io/api/core/v1" "k8s.io/apimachinery/pkg/runtime" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/pkg/resources/templates/config/nifi_properties.go b/pkg/resources/templates/config/nifi_properties.go index c4a60c4cc..b3543bfb7 100644 --- a/pkg/resources/templates/config/nifi_properties.go +++ b/pkg/resources/templates/config/nifi_properties.go @@ -17,9 +17,9 @@ package config import ( "fmt" - "github.com/go-logr/logr" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" + "github.com/go-logr/logr" ) var NifiPropertiesTemplate = `# Licensed to the Apache Software Foundation (ASF) under one or more diff --git a/pkg/resources/templates/templates.go b/pkg/resources/templates/templates.go index 9222bca7e..86375d23a 100644 --- a/pkg/resources/templates/templates.go +++ b/pkg/resources/templates/templates.go @@ -15,7 +15,7 @@ package templates import ( - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/util" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/pkg/util/cert/certutil.go b/pkg/util/cert/certutil.go index f3a8cc5f5..3b42dceac 100644 --- a/pkg/util/cert/certutil.go +++ b/pkg/util/cert/certutil.go @@ -27,7 +27,7 @@ import ( "strings" "time" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" certv1 "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1alpha2" keystore "github.com/pavel-v-chernykh/keystore-go" corev1 "k8s.io/api/core/v1" diff --git a/pkg/util/cert/certutil_test.go b/pkg/util/cert/certutil_test.go index c4b03d11d..d87f8d2ff 100644 --- a/pkg/util/cert/certutil_test.go +++ b/pkg/util/cert/certutil_test.go @@ -22,7 +22,7 @@ import ( "reflect" "testing" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" corev1 "k8s.io/api/core/v1" ) diff --git a/pkg/util/nifi/common.go b/pkg/util/nifi/common.go index b3ef3f459..84491baf6 100644 --- a/pkg/util/nifi/common.go +++ b/pkg/util/nifi/common.go @@ -19,7 +19,7 @@ import ( "strconv" "time" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" ) const ( diff --git a/pkg/util/nifi/common_test.go b/pkg/util/nifi/common_test.go index 3b3afc618..284024d91 100644 --- a/pkg/util/nifi/common_test.go +++ b/pkg/util/nifi/common_test.go @@ -18,8 +18,8 @@ import ( "fmt" "testing" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/stretchr/testify/assert" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" ) const ( @@ -227,7 +227,7 @@ func TestComputeServiceNameFull(t *testing.T) { cluster := testClusterLocal(t) cluster.Spec.Service.HeadlessEnabled = true - assert.Equal(fmt.Sprintf("%s.%s.svc", ComputeServiceName(clusterName, true, ), clusterNamespace), + assert.Equal(fmt.Sprintf("%s.%s.svc", ComputeServiceName(clusterName, true), clusterNamespace), ComputeServiceNameFull(cluster.Name, cluster.Namespace, cluster.Spec.Service.HeadlessEnabled, cluster.Spec.ListenersConfig.UseExternalDNS)) @@ -243,7 +243,7 @@ func TestComputeServiceNameWithNamespace(t *testing.T) { cluster := testClusterLocal(t) cluster.Spec.Service.HeadlessEnabled = true - assert.Equal(fmt.Sprintf("%s.%s", ComputeServiceName(clusterName, true, ), clusterNamespace), + assert.Equal(fmt.Sprintf("%s.%s", ComputeServiceName(clusterName, true), clusterNamespace), ComputeServiceNameWithNamespace(cluster.Name, cluster.Namespace, cluster.Spec.Service.HeadlessEnabled, cluster.Spec.ListenersConfig.UseExternalDNS)) @@ -395,7 +395,7 @@ func TestComputeNodeServiceName(t *testing.T) { ComputeServiceName(cluster.Name, cluster.Spec.Service.HeadlessEnabled)), ComputeNodeServiceName(node.Id, cluster.Name, - cluster.Spec.Service.HeadlessEnabled, )) + cluster.Spec.Service.HeadlessEnabled)) } } } diff --git a/pkg/util/pki/common.go b/pkg/util/pki/common.go index 1ad2da50c..018984f1e 100644 --- a/pkg/util/pki/common.go +++ b/pkg/util/pki/common.go @@ -19,7 +19,7 @@ import ( "crypto/tls" "fmt" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/resources/templates" certutil "github.com/Orange-OpenSource/nifikop/pkg/util/cert" "github.com/Orange-OpenSource/nifikop/pkg/util/nifi" @@ -225,4 +225,4 @@ func ControllerUserForCluster(cluster *v1alpha1.NifiCluster) *v1alpha1.NifiUser }, }, } -} \ No newline at end of file +} diff --git a/pkg/util/pki/pki_common_test.go b/pkg/util/pki/pki_common_test.go index e4f31f1f9..edf2abae6 100644 --- a/pkg/util/pki/pki_common_test.go +++ b/pkg/util/pki/pki_common_test.go @@ -16,13 +16,13 @@ package pki import ( "fmt" - "reflect" - "testing" - "github.com/stretchr/testify/assert" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "github.com/Orange-OpenSource/nifikop/pkg/resources/templates" "github.com/Orange-OpenSource/nifikop/pkg/util" certutil "github.com/Orange-OpenSource/nifikop/pkg/util/cert" + "github.com/stretchr/testify/assert" + "reflect" + "testing" ) func testCluster(t *testing.T) *v1alpha1.NifiCluster { diff --git a/pkg/util/util.go b/pkg/util/util.go index d72b2714f..e40681523 100644 --- a/pkg/util/util.go +++ b/pkg/util/util.go @@ -20,7 +20,7 @@ import ( "strconv" "strings" - "github.com/Orange-OpenSource/nifikop/pkg/apis/nifi/v1alpha1" + "github.com/Orange-OpenSource/nifikop/api/v1alpha1" "emperror.dev/errors" "github.com/imdario/mergo" diff --git a/tools/health/go.mod b/tools/health/go.mod deleted file mode 100644 index 1ce520f9a..000000000 --- a/tools/health/go.mod +++ /dev/null @@ -1,5 +0,0 @@ -module main.go - -go 1.13 - -require github.com/sirupsen/logrus v1.4.2 diff --git a/tools/health/go.sum b/tools/health/go.sum deleted file mode 100644 index 2377f40bf..000000000 --- a/tools/health/go.sum +++ /dev/null @@ -1,10 +0,0 @@ -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk= -github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/sirupsen/logrus v1.4.2 h1:SPIRibHv4MatM3XXNO2BJeFLZwZ2LvZgfQ5+UNI2im4= -github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE= -github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894 h1:Cz4ceDQGXuKRnVBDTS23GTn/pU5OE2C0WrNTOYK1Uuc= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= diff --git a/tools/health/main.go b/tools/health/main.go deleted file mode 100644 index 9af0888a9..000000000 --- a/tools/health/main.go +++ /dev/null @@ -1,36 +0,0 @@ -// Copyright 2020 Orange SA -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License.package apis - -package main - -import ( - "os" - - "github.com/sirupsen/logrus" -) - -// In scratch docker container, there is no binary and we cannot stat the file -// this binary goal is to be used by the k8s healthcheck for NiFiKop -func main() { - if _, err := os.Stat("/tmp/operator-sdk-ready"); err == nil { - os.Exit(0) - - } else if os.IsNotExist(err) { - logrus.Infof("error file don't exists : %v", err) - os.Exit(1) - } else { - logrus.Infof("error %v", err) - os.Exit(1) - } -} diff --git a/tools/publish_helm_gcs.sh b/tools/publish_helm_gcs.sh index fc697d910..f21f9aaf1 100755 --- a/tools/publish_helm_gcs.sh +++ b/tools/publish_helm_gcs.sh @@ -18,9 +18,10 @@ set -o errexit set -o nounset set -o pipefail + HELM_TARGET_DIR=$(pwd)/tmp/incubator -readonly HELM_URL=https://storage.googleapis.com/kubernetes-helm -readonly HELM_TARBALL=helm-v2.9.1-linux-amd64.tar.gz +readonly HELM_URL=https://get.helm.sh +readonly HELM_TARBALL=helm-v3.4.2-linux-amd64.tar.gz #readonly HELM_TARBALL=helm-v2.9.1-darwin-amd64.tar.gz #readonly STABLE_REPO_URL=https://orange-kubernetes-charts.storage.googleapis.com/ readonly INCUBATOR_REPO_URL=https://orange-kubernetes-charts-incubator.storage.googleapis.com/ @@ -35,7 +36,7 @@ main() { # if ! sync_repo stable "$GCS_BUCKET_STABLE" "$STABLE_REPO_URL"; then # log_error "Not all stable charts could be packaged and synced!" # fi - if ! sync_repo ${HELM_TARGET_DIR} "$GCS_BUCKET_INCUBATOR" "$INCUBATOR_REPO_URL"; then + if ! sync_repo ${HELM_TARGET_DIR} "$GCS_BUCKET_INCUBATOR" "$INCUBATOR_REPO_URL" "$CHART_VERSION"; then log_error "Not all incubator charts could be packaged and pushed!" fi } @@ -45,12 +46,13 @@ setup_helm_client() { curl --user-agent curl-ci-sync -sSL -o "$HELM_TARBALL" "$HELM_URL/$HELM_TARBALL" tar xzfv "$HELM_TARBALL" -C tmp + rm -f "$HELM_TARBALL" # PATH="$(pwd)/tmp/darwin-amd64/:$PATH" PATH="$(pwd)/tmp/linux-amd64/:$PATH" - helm init --client-only - helm repo add incubator-orange "$INCUBATOR_REPO_URL" +# helm init --client-only + helm repo add orange-incubator "$INCUBATOR_REPO_URL" } authenticate() { @@ -62,8 +64,10 @@ sync_repo() { local target_dir="${1?Specify repo dir}" local bucket="${2?Specify repo bucket}" local repo_url="${3?Specify repo url}" + local chart_version="${4?Specify chart version}" local index_dir="${target_dir}-index" + echo "Syncing repo '$target_dir'..." mkdir -p "$target_dir" @@ -75,9 +79,16 @@ sync_repo() { local exit_code=0 echo "Packaging operators ..." - if ! HELM_TARGET_DIR=${target_dir} make helm-package; then - log_error "Problem packaging operator" - exit_code=1 + if [[ -n "$chart_version" ]]; then + if ! HELM_TARGET_DIR=${target_dir} make helm-package; then + log_error "Problem packaging operator" + exit_code=1 + fi + else + if ! CHART_VERSION=${chart_version} HELM_TARGET_DIR=${target_dir} make helm-package; then + log_error "Problem packaging operator" + exit_code=1 + fi fi if helm repo index --url "$repo_url" --merge "$index_dir/index.yaml" "$target_dir"; then @@ -102,4 +113,4 @@ log_error() { printf '\e[31mERROR: %s\n\e[39m' "$1" >&2 } -main \ No newline at end of file +main diff --git a/website/docs/1_concepts/2_design_principes.md b/website/docs/1_concepts/2_design_principes.md index fc2e3f00d..9cbfa578e 100644 --- a/website/docs/1_concepts/2_design_principes.md +++ b/website/docs/1_concepts/2_design_principes.md @@ -14,16 +14,16 @@ All NiFi on Kubernetes setup use [StatefulSet](https://kubernetes.io/docs/concep How does this looks from the perspective of Apache NiFi ? -With StatefulSet we get: +With StatefulSet we get : - unique Node IDs generated during Pod startup - networking between Nodes with headless services - unique Persistent Volumes for Nodes -Using StatefulSet we **lose:** +Using StatefulSet we **lose** the ability to : -- the ability to modify the configuration of unique Nodes -- to remove a specific Node from a cluster (StatefulSet always removes the most recently created Node) -- to use multiple, different Persistent Volumes for each Node +- modify the configuration of unique Nodes +- remove a specific Node from a cluster (StatefulSet always removes the most recently created Node) +- use multiple, different Persistent Volumes for each Node The Orange NiFi Operator uses `simple` Pods, ConfigMaps, and PersistentVolumeClaims, instead of StatefulSet (based on the design used by [Banzai Cloud Kafka Operator](https://github.com/banzaicloud/kafka-operator)). Using these resources allows us to build an Operator which is better suited to NiFi. @@ -38,13 +38,13 @@ With the Orange NiFi operator we can: The [Dataflow Lifecycle management feature](/nifikop/docs/1_concepts/3_features#dataflow-lifecycle-management-via-crd) introduces 3 new CRDs : -- **NiFiRegistryClient :** Allowing you to declare a registry client. +- **NiFiRegistryClient :** Allowing you to declare a [NiFi registry client](https://nifi.apache.org/docs/nifi-registry-docs/html/getting-started.html#connect-nifi-to-the-registry). - **NiFiParameterContext :** Allowing you to create parameter context, with two kinds of parameters, a simple `map[string]string` for non-sensitive parameters and a `list of secrets` which contains sensitive parameters. - **NiFiDataflow :** Allowing you to declare a Dataflow based on a `NiFiRegistryClient` and optionally a `ParameterContext`, which will be deployed and managed by the operator on the `targeted NiFi cluster`. The following diagram shows the interactions between all the components : -![dataflow lifecycle managmenet schema](/nifikop/img/1_concepts/2_design_principes/dataflow_lifecycle_management_schema.jpg) +![dataflow lifecycle management schema](/nifikop/img/1_concepts/2_design_principes/dataflow_lifecycle_management_schema.jpg) With each CRD comes a new controller, with a reconcile loop : diff --git a/website/docs/1_concepts/3_features.md b/website/docs/1_concepts/3_features.md index 90449fb24..6ccd1e78d 100644 --- a/website/docs/1_concepts/3_features.md +++ b/website/docs/1_concepts/3_features.md @@ -16,7 +16,7 @@ Apache NiFi is a good candidate to create an operator, because everything is mad ## Graceful Rolling Upgrade -Operator supports graceful rolling upgrade, It means the operator will check if the cluster is healthy. +Operator supports graceful rolling upgrade. It means the operator will check if the cluster is healthy. ## Dynamic Configuration Support diff --git a/website/docs/2_setup/1_getting_started.md b/website/docs/2_setup/1_getting_started.md index 1ec29a258..60192aab4 100644 --- a/website/docs/2_setup/1_getting_started.md +++ b/website/docs/2_setup/1_getting_started.md @@ -6,7 +6,7 @@ sidebar_label: Getting Started import Tabs from '@theme/Tabs'; import TabItem from '@theme/TabItem'; -The operator installs the 1.11.4 version of Apache NiFi, and can run on Minikube v0.33.1+ and Kubernetes 1.12.0+. +The operator installs the 1.12.1 version of Apache NiFi, can run on Minikube v0.33.1+ and **Kubernetes 1.16.0+**, and require **Helm 3**. :::info The operator supports NiFi 1.11.0+ @@ -28,16 +28,20 @@ helm repo add bitnami https://charts.bitnami.com/bitnami ```bash # You have to create the namespace before executing following command -helm install nifikop-zk bitnami/zookeeper \ +helm install zookeeper bitnami/zookeeper \ --set resources.requests.memory=256Mi \ --set resources.requests.cpu=250m \ --set resources.limits.memory=256Mi \ --set resources.limits.cpu=250m \ - --set global.storageClass=local-storage \ + --set global.storageClass=standard \ --set networkPolicy.enabled=true \ --set replicaCount=3 ``` +:::warning +Replace the `storageClass` parameter value with your own. +::: + ### Install cert-manager The NiFiKop operator uses `cert-manager` for issuing certificates to users and and nodes, so you'll need to have it setup in case you want to deploy a secured cluster with authentication enabled. @@ -47,7 +51,6 @@ The NiFiKop operator uses `cert-manager` for issuing certificates to users and a values={[ { label: 'Directly', value: 'directly', }, { label: 'helm 3', value: 'helm3', }, - { label: 'helm previous', value: 'helm', }, ] }> @@ -75,24 +78,6 @@ helm install cert-manager \ --version v0.15.1 jetstack/cert-manager ``` - - - -```bash -# Install CustomResourceDefinitions first -kubectl apply --validate=false -f \ - https://github.com/jetstack/cert-manager/releases/download/v0.15.1/cert-manager.crds.yaml - -# Add the jetstack helm repo -helm repo add jetstack https://charts.jetstack.io -helm repo update - -# Using previous versions of helm -helm install --name cert-manager \ - --namespace cert-manager \ - --version v0.15.1 \ - jetstack/cert-manager -``` @@ -102,62 +87,35 @@ helm install --name cert-manager \ You can deploy the operator using a Helm chart [Helm chart](https://github.com/Orange-OpenSource/nifikop/tree/master/helm): -> To install an other version of the operator use `helm install --name=nifikop --namespace=nifi --set operator.image.tag=x.y.z orange-incubator/nifikop` - -In the case where you don't want to deploy the crds using helm (`--skip-crds`) or you are using a version of kubernetes that is under 1.16, you have to deploy manually the crds : +> To install an other version of the operator use `helm install --name=nifikop --namespace=nifi --set operator.image.tag=x.y.z orange-incubator/nifikop` - - +In the case where you don't want to deploy the crds using helm (`--skip-crds`), you have to deploy manually the crds : ```bash -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nificlusters_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nifiusers_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nifiusergroups_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nifidataflows_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nifiparametercontexts_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nifiregistryclients_crd.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nificlusters.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nifiusers.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nifiusergroups.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nifidataflows.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nifiparametercontexts.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nifiregistryclients.yaml ``` - - +Add the orange incubator repository : ```bash -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nificlusters_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nifiusers_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nifiusergroups_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nifidataflows_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nifiparametercontexts_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nifiregistryclients_crd.yaml -``` - - -Now deploy the helm chart : - -```bash helm repo add orange-incubator https://orange-kubernetes-charts-incubator.storage.googleapis.com/ ``` - - +Now deploy the helm chart : ```bash # You have to create the namespace before executing following command helm install nifikop \ orange-incubator/nifikop \ --namespace=nifi \ + --version 0.4.2-alpha \ + --set image.tag=v0.4.2-alpha-release \ --set resources.requests.memory=256Mi \ --set resources.requests.cpu=250m \ --set resources.limits.memory=256Mi \ @@ -165,21 +123,9 @@ helm install nifikop \ --set namespaces={"nifi"} ``` - - - -```bash -helm install --name=nifikop \ - orange-incubator/nifikop \ - --namespace=nifi \ - --set resources.requests.memory=256Mi \ - --set resources.requests.cpu=250m \ - --set resources.limits.memory=256Mi \ - --set resources.limits.cpu=250m \ - --set namespaces={"nifi"} -``` - - +:::note +Add the following parameter if you are using this instance to only deploy unsecured clusters : `--set certManager.enabled=false` +::: ## Create custom storage class diff --git a/website/docs/2_setup/3_install/1_customizable_install_with_helm.md b/website/docs/2_setup/3_install/1_customizable_install_with_helm.md index d4735c0c4..e719f379c 100644 --- a/website/docs/2_setup/3_install/1_customizable_install_with_helm.md +++ b/website/docs/2_setup/3_install/1_customizable_install_with_helm.md @@ -9,7 +9,7 @@ import TabItem from '@theme/TabItem'; ## Prerequisites - Perform any necessary [plateform-specific setup](/nifikop/docs/2_setup/2_platform_setup/1_gke) -- [Install a Helm client](https://github.com/helm/helm#install) with a version higher than 2.10 +- [Install a Helm client](https://github.com/helm/helm#install) with a version higher than 3 ## Introduction @@ -55,40 +55,18 @@ $ helm install nifikop \ ### Installing the Chart -:::important Helm 3 users -In the case where you don't want to deploy the crds using helm (`--skip-crds`) or you are using a version of kubernetes that is under 1.16, you need to deploy manually the crds beforehand: - - - +:::important Skip CRDs +In the case where you don't want to deploy the crds using helm (`--skip-crds`) you need to deploy manually the crds beforehand: ```bash -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nificlusters_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nifiusers_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nifiusergroups_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nifidataflows_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nifiparametercontexts_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1/nifi.orange.com_nifiregistryclients_crd.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nificlusters.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nifiusers.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nifiusergroups.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nifidataflows.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nifiparametercontexts.yaml +kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/config/crd/bases/nifi.orange.com_nifiregistryclients.yaml ``` - - - -```bash -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nificlusters_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nifiusers_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nifiusergroups_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nifidataflows_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nifiparametercontexts_crd.yaml -kubectl apply -f https://raw.githubusercontent.com/Orange-OpenSource/nifikop/master/deploy/crds/v1beta1/nifi.orange.com_nifiregistryclients_crd.yaml -``` - - ::: ```bash -helm install nifikop orange-incubator/nifikop --set namespaces={"nifikop"} +helm install orange-incubator/nifikop ``` @@ -144,7 +122,7 @@ If you want to delete the operator from your Kubernetes cluster, the operator de should be deleted. ``` -$ helm del nifikop +helm del nifikop ``` The command removes all the Kubernetes components associated with the chart and deletes the helm release. @@ -167,7 +145,7 @@ kubectl delete crd nifidataflows.nifi.orange.com :::warning If you delete the CRD then It will delete **ALL** Clusters that has been created using this CRD!!! -Please never delete a CRD without very very good care +Please never delete a CRD without very good care ::: Helm always keeps records of what releases happened. Need to see the deleted releases ? diff --git a/website/docs/3_tasks/3_nifi_dataflow.md b/website/docs/3_tasks/3_nifi_dataflow.md index 9b01c9764..79695265e 100644 --- a/website/docs/3_tasks/3_nifi_dataflow.md +++ b/website/docs/3_tasks/3_nifi_dataflow.md @@ -59,7 +59,7 @@ spec: description: toto ``` -As you can see, in the [NifiParameterContext] you can refer to some secrets that will be converted into [sensitive parameter](https://nifi.apache.org/docs/nifi-docs/html/user-guide.html#using-parameters-with-sensitive-properties)/ +As you can see, in the [NifiParameterContext] you can refer to some secrets that will be converted into [sensitive parameter](https://nifi.apache.org/docs/nifi-docs/html/user-guide.html#using-parameters-with-sensitive-properties). Here is an example of secret that you can create that will be used by the configuration above : @@ -113,10 +113,10 @@ You have two modes of control from your dataflow by the operator : 1 - `Spec.RunOnce == true` : The operator will deploy the dataflow as described in the resource, run it once, and never control it again (unless you change the field to `false`). It is useful when you want to deploy your dataflow in a dev environment, and you want to update the dataflow. -2 - `Spec.RunOnce == true` : The operator will deploy and ensure the dataflow lifecycle, it will avoid all manual modification directly from the Cluster (e.g remove the process group, remove the versioning, update the parent process group, make some local changes ...). If you want to perform update, rollback or stuff like this, you have to simply update the [NifiDataflow] resource. +2 - `Spec.RunOnce == false` : The operator will deploy and ensure the dataflow lifecycle, it will avoid all manual modification directly from the Cluster (e.g remove the process group, remove the versioning, update the parent process group, make some local changes ...). If you want to perform update, rollback or stuff like this, you have to simply update the [NifiDataflow] resource. -:::info -More information about `Spec.UpdateStrategy` [here](http://localhost:3000/nifikop/docs/5_references/5_nifi_dataflow#dataflowupdatestrategy) +:::important +More information about `Spec.UpdateStrategy` [here](/nifikop/docs/5_references/5_nifi_dataflow#dataflowupdatestrategy) ::: [NifiDataflow]: /nifikop/docs/5_references/5_nifi_dataflow diff --git a/website/docs/6_contributing/1_developer_guide.md b/website/docs/6_contributing/1_developer_guide.md index a292bf301..d35e3a72a 100644 --- a/website/docs/6_contributing/1_developer_guide.md +++ b/website/docs/6_contributing/1_developer_guide.md @@ -10,26 +10,11 @@ sidebar_label: Developer guide NiFiKop has been validated with : -- [dep](dep_tool) version v0.5.1+. -- [go](go_tool) version v1.13+. -- [docker](docker_tool) version 18.09+. -- [kubectl](kubectl_tool) version v1.13.3+. -- [Helm](https://helm.sh/) version v2.12.2. -- [Operator sdk](https://github.com/operator-framework/operator-sdk) version v0.18.2 - -### Install the Operator SDK CLI - -First, checkout and install the operator-sdk CLI: - -```bash -mkdir -p $GOPATH/src/github.com/operator-framework/ -cd $GOPATH/src/github.com/operator-framework/ -git clone https://github.com/operator-framework/operator-sdk.git -cd operator-sdk -git checkout v1.18.0 -make tidy -make install -``` +- [go](go_tool) version v1.15+. +- [docker](docker_tool) version 18.09+ +- [kubectl](kubectl_tool) version v1.16+ +- [Helm](https://helm.sh/) version v3.4.2 +- [Operator sdk](https://github.com/operator-framework/operator-sdk) version v1.3.0 ### Initial setup @@ -40,6 +25,10 @@ git clone https://github.com/Orange-OpenSource/nifikop.git cd nifikop ``` +### Operator sdk + +The full list of command is available here : https://sdk.operatorframework.io/docs/upgrading-sdk-version/v1.0.0/#cli-changes + ### Build NiFiKop #### Local environment @@ -50,24 +39,6 @@ If you prefer working directly with your local go environment you can simply use make build ``` -#### Cross platform build environment - -Build the docker image which will be used to build NiFiKop docker image - -```bash -make build-ci-image -``` - -:::tip -If you want to change the operator-sdk version change the **OPERATOR_SDK_VERSION** in the Makefile. -::: - -Then build NiFiKop (code & image) - -```bash -make docker-build -``` - ### Run NiFiKop We can quickly run NiFiKop in development mode (on your local host), then it will use your kubectl configuration file to connect to your kubernetes cluster. @@ -101,11 +72,11 @@ Set the name of the operator in an environment variable Deploy the CRDs. ```bash -kubectl apply -f deploy/crds/nifi.orange.com_nificlusters_crd.yaml -kubectl apply -f deploy/crds/nifi.orange.com_nifidataflows_crd.yaml -kubectl apply -f deploy/crds/nifi.orange.com_nifiparametercontexts_crd.yaml -kubectl apply -f deploy/crds/nifi.orange.com_nifiregistryclients_crd.yaml -kubectl apply -f deploy/crds/nifi.orange.com_nifiusers_crd.yaml +kubectl apply -f config/crd/bases/nifi.orange.com_nificlusters.yaml +kubectl apply -f config/crd/bases/nifi.orange.com_nifidataflows.yaml +kubectl apply -f config/crd/bases/nifi.orange.com_nifiparametercontexts.yaml +kubectl apply -f config/crd/bases/nifi.orange.com_nifiregistryclients.yaml +kubectl apply -f config/crd/bases/nifi.orange.com_nifiusers.yaml ``` And deploy the operator. @@ -130,7 +101,7 @@ make docker-build Push the image to docker hub (or to whichever repo you want to use) ```bash -$ make push +$ make docker-push ``` :::info @@ -142,7 +113,7 @@ Install the Helm chart. ```bash helm install skeleton ./helm/nifikop \ --set image.tag=v0.4.2-alpha-release \ - --namesapce-{"nifikop"} + --namespace-{"nifikop"} ``` :::important @@ -169,4 +140,4 @@ In order to package the chart you need to run the following command. ```bash make helm-package -``` +``` \ No newline at end of file