Skip to content

Commit

Permalink
UPSTREAM: <carry>: kube-apiserver: allow rewiring
Browse files Browse the repository at this point in the history
openshift-rebase(v1.24):source=87f75213acc

openshift-rebase(v1.24):source=87f75213acc

openshift-rebase(v1.24):source=87f75213acc
  • Loading branch information
deads2k authored and soltysh committed Sep 20, 2022
1 parent 0385e16 commit bcf574c
Show file tree
Hide file tree
Showing 6 changed files with 42 additions and 15 deletions.
6 changes: 6 additions & 0 deletions cmd/kube-apiserver/app/options/options.go
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,8 @@ type ServerRunOptions struct {
ServiceAccountTokenMaxExpiration time.Duration

ShowHiddenMetricsForVersion string

OpenShiftConfig string
}

// NewServerRunOptions creates a new ServerRunOptions object with default parameters
Expand Down Expand Up @@ -247,5 +249,9 @@ func (s *ServerRunOptions) Flags() (fss cliflag.NamedFlagSets) {
fs.StringVar(&s.ServiceAccountSigningKeyFile, "service-account-signing-key-file", s.ServiceAccountSigningKeyFile, ""+
"Path to the file that contains the current private key of the service account token issuer. The issuer will sign issued ID tokens with this private key.")

fs.StringVar(&s.OpenShiftConfig, "openshift-config", s.OpenShiftConfig, "config for openshift")
fs.MarkDeprecated("openshift-config", "to be removed")
fs.MarkHidden("openshift-config")

return fss
}
5 changes: 2 additions & 3 deletions cmd/kube-apiserver/app/patch_openshift.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,12 +4,11 @@ import (
"k8s.io/apiserver/pkg/admission"
genericapiserver "k8s.io/apiserver/pkg/server"
clientgoinformers "k8s.io/client-go/informers"
"k8s.io/kubernetes/openshift-kube-apiserver/openshiftkubeapiserver"
"k8s.io/kubernetes/pkg/master"
)

type KubeAPIServerConfigFunc func(config *genericapiserver.Config, versionedInformers clientgoinformers.SharedInformerFactory, pluginInitializers *[]admission.PluginInitializer) (genericapiserver.DelegationTarget, error)

var OpenShiftKubeAPIServerConfigPatch KubeAPIServerConfigFunc = nil
var OpenShiftKubeAPIServerConfigPatch openshiftkubeapiserver.KubeAPIServerConfigFunc = nil

type KubeAPIServerServerFunc func(server *master.Master) error

Expand Down
33 changes: 33 additions & 0 deletions cmd/kube-apiserver/app/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,11 @@ import (
"strings"
"time"

"k8s.io/kubernetes/openshift-kube-apiserver/configdefault"
"k8s.io/kubernetes/openshift-kube-apiserver/enablement"
"k8s.io/kubernetes/openshift-kube-apiserver/openshiftkubeapiserver"

"github.com/go-openapi/spec"
"github.com/spf13/cobra"

oteltrace "go.opentelemetry.io/otel/trace"
Expand Down Expand Up @@ -117,6 +122,31 @@ cluster's shared state through which all other components interact.`,
}
cliflag.PrintFlags(fs)

if len(s.OpenShiftConfig) > 0 {
enablement.ForceOpenShift()
openshiftConfig, err := enablement.GetOpenshiftConfig(s.OpenShiftConfig)
if err != nil {
klog.Fatal(err)
}

// this forces a patch to be called
// TODO we're going to try to remove bits of the patching.
configPatchFn, serverPatchContext := openshiftkubeapiserver.NewOpenShiftKubeAPIServerConfigPatch(genericapiserver.NewEmptyDelegate(), openshiftConfig)
OpenShiftKubeAPIServerConfigPatch = configPatchFn
OpenShiftKubeAPIServerServerPatch = serverPatchContext.PatchServer

args, err := openshiftkubeapiserver.ConfigToFlags(openshiftConfig)
if err != nil {
return err
}
// hopefully this resets the flags?
if err := cmd.ParseFlags(args); err != nil {
return err
}

enablement.ForceGlobalInitializationForOpenShift(s)
}

// set default options
completedOptions, err := Complete(s)
if err != nil {
Expand Down Expand Up @@ -487,6 +517,9 @@ func buildGenericConfig(
return
}

if enablement.IsOpenShift() {
configdefault.SetAdmissionDefaults(s, versionedInformers, clientgoExternalClient)
}
err = s.Admission.ApplyTo(
genericConfig,
versionedInformers,
Expand Down
2 changes: 0 additions & 2 deletions pkg/kubeapiserver/options/admission.go
Original file line number Diff line number Diff line change
Expand Up @@ -116,8 +116,6 @@ func (a *AdmissionOptions) ApplyTo(
return nil
}

a.GenericAdmission.Decorators = append(a.GenericAdmission.Decorators, Decorators...)

if a.PluginNames != nil {
// pass PluginNames to generic AdmissionOptions
a.GenericAdmission.EnablePlugins, a.GenericAdmission.DisablePlugins = computePluginNames(a.PluginNames, a.GenericAdmission.RecommendedPluginOrder)
Expand Down
9 changes: 0 additions & 9 deletions pkg/kubeapiserver/options/patch.go

This file was deleted.

2 changes: 1 addition & 1 deletion pkg/kubeapiserver/options/plugins.go
Original file line number Diff line number Diff line change
Expand Up @@ -139,7 +139,7 @@ func RegisterAllAdmissionPlugins(plugins *admission.Plugins) {
}

// DefaultOffAdmissionPlugins get admission plugins off by default for kube-apiserver.
func defaultOffAdmissionPlugins() sets.String {
func DefaultOffAdmissionPlugins() sets.String {
defaultOnPlugins := sets.NewString(
lifecycle.PluginName, // NamespaceLifecycle
limitranger.PluginName, // LimitRanger
Expand Down

0 comments on commit bcf574c

Please sign in to comment.