mirror of
https://github.com/kubernetes/sample-controller.git
synced 2025-01-22 01:42:52 +08:00
ac45ff67c5
Automatic merge from submit-queue (batch tested with PRs 60011, 59256, 59293, 60328, 60367). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Serve OpenAPI spec with single /openapi/v2 endpoint **What this PR does / why we need it**: We are deprecating format-separated endpoints (`/swagger.json`, `/swagger-2.0.0.json`, `/swagger-2.0.0.pb-v1`, `/swagger-2.0.0.pb-v1.gz`) for OpenAPI spec, and switching to a single `/openapi/v2` endpoint in Kubernetes 1.10. The design doc and deprecation process are tracked at: https://docs.google.com/document/d/19lEqE9lc4yHJ3WJAJxS_G7TcORIJXGHyq3wpwcH28nU Requested format is specified by setting HTTP headers header | possible values -- | -- Accept | `application/json`, `application/com.github.proto-openapi.spec.v2@v1.0+protobuf` Accept-Encoding | `gzip` This PR changes dynamic_client (and kubectl as a result) to use the new endpoint. The old endpoints will remain in 1.10 and 1.11, and get removed in 1.12. **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Fixes # **Special notes for your reviewer**: **Release note**: ```release-note action required: Deprecate format-separated endpoints for OpenAPI spec. Please use single `/openapi/v2` endpoint instead. ``` /sig api-machinery Kubernetes-commit: d6153194d929ad6c036d5bbbf67a6f892e75feb5
419 lines
15 KiB
Go
419 lines
15 KiB
Go
/*
|
|
Copyright 2015 The Kubernetes Authors.
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package discovery
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"net/url"
|
|
"sort"
|
|
"strings"
|
|
|
|
"github.com/golang/protobuf/proto"
|
|
"github.com/googleapis/gnostic/OpenAPIv2"
|
|
|
|
"k8s.io/apimachinery/pkg/api/errors"
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
"k8s.io/apimachinery/pkg/runtime"
|
|
"k8s.io/apimachinery/pkg/runtime/schema"
|
|
"k8s.io/apimachinery/pkg/runtime/serializer"
|
|
"k8s.io/apimachinery/pkg/version"
|
|
"k8s.io/client-go/kubernetes/scheme"
|
|
restclient "k8s.io/client-go/rest"
|
|
)
|
|
|
|
const (
|
|
// defaultRetries is the number of times a resource discovery is repeated if an api group disappears on the fly (e.g. ThirdPartyResources).
|
|
defaultRetries = 2
|
|
// protobuf mime type
|
|
mimePb = "application/com.github.proto-openapi.spec.v2@v1.0+protobuf"
|
|
)
|
|
|
|
// DiscoveryInterface holds the methods that discover server-supported API groups,
|
|
// versions and resources.
|
|
type DiscoveryInterface interface {
|
|
RESTClient() restclient.Interface
|
|
ServerGroupsInterface
|
|
ServerResourcesInterface
|
|
ServerVersionInterface
|
|
OpenAPISchemaInterface
|
|
}
|
|
|
|
// CachedDiscoveryInterface is a DiscoveryInterface with cache invalidation and freshness.
|
|
type CachedDiscoveryInterface interface {
|
|
DiscoveryInterface
|
|
// Fresh is supposed to tell the caller whether or not to retry if the cache
|
|
// fails to find something (false = retry, true = no need to retry).
|
|
//
|
|
// TODO: this needs to be revisited, this interface can't be locked properly
|
|
// and doesn't make a lot of sense.
|
|
Fresh() bool
|
|
// Invalidate enforces that no cached data is used in the future that is older than the current time.
|
|
Invalidate()
|
|
}
|
|
|
|
// ServerGroupsInterface has methods for obtaining supported groups on the API server
|
|
type ServerGroupsInterface interface {
|
|
// ServerGroups returns the supported groups, with information like supported versions and the
|
|
// preferred version.
|
|
ServerGroups() (*metav1.APIGroupList, error)
|
|
}
|
|
|
|
// ServerResourcesInterface has methods for obtaining supported resources on the API server
|
|
type ServerResourcesInterface interface {
|
|
// ServerResourcesForGroupVersion returns the supported resources for a group and version.
|
|
ServerResourcesForGroupVersion(groupVersion string) (*metav1.APIResourceList, error)
|
|
// ServerResources returns the supported resources for all groups and versions.
|
|
ServerResources() ([]*metav1.APIResourceList, error)
|
|
// ServerPreferredResources returns the supported resources with the version preferred by the
|
|
// server.
|
|
ServerPreferredResources() ([]*metav1.APIResourceList, error)
|
|
// ServerPreferredNamespacedResources returns the supported namespaced resources with the
|
|
// version preferred by the server.
|
|
ServerPreferredNamespacedResources() ([]*metav1.APIResourceList, error)
|
|
}
|
|
|
|
// ServerVersionInterface has a method for retrieving the server's version.
|
|
type ServerVersionInterface interface {
|
|
// ServerVersion retrieves and parses the server's version (git version).
|
|
ServerVersion() (*version.Info, error)
|
|
}
|
|
|
|
// OpenAPISchemaInterface has a method to retrieve the open API schema.
|
|
type OpenAPISchemaInterface interface {
|
|
// OpenAPISchema retrieves and parses the swagger API schema the server supports.
|
|
OpenAPISchema() (*openapi_v2.Document, error)
|
|
}
|
|
|
|
// DiscoveryClient implements the functions that discover server-supported API groups,
|
|
// versions and resources.
|
|
type DiscoveryClient struct {
|
|
restClient restclient.Interface
|
|
|
|
LegacyPrefix string
|
|
}
|
|
|
|
// Convert metav1.APIVersions to metav1.APIGroup. APIVersions is used by legacy v1, so
|
|
// group would be "".
|
|
func apiVersionsToAPIGroup(apiVersions *metav1.APIVersions) (apiGroup metav1.APIGroup) {
|
|
groupVersions := []metav1.GroupVersionForDiscovery{}
|
|
for _, version := range apiVersions.Versions {
|
|
groupVersion := metav1.GroupVersionForDiscovery{
|
|
GroupVersion: version,
|
|
Version: version,
|
|
}
|
|
groupVersions = append(groupVersions, groupVersion)
|
|
}
|
|
apiGroup.Versions = groupVersions
|
|
// There should be only one groupVersion returned at /api
|
|
apiGroup.PreferredVersion = groupVersions[0]
|
|
return
|
|
}
|
|
|
|
// ServerGroups returns the supported groups, with information like supported versions and the
|
|
// preferred version.
|
|
func (d *DiscoveryClient) ServerGroups() (apiGroupList *metav1.APIGroupList, err error) {
|
|
// Get the groupVersions exposed at /api
|
|
v := &metav1.APIVersions{}
|
|
err = d.restClient.Get().AbsPath(d.LegacyPrefix).Do().Into(v)
|
|
apiGroup := metav1.APIGroup{}
|
|
if err == nil && len(v.Versions) != 0 {
|
|
apiGroup = apiVersionsToAPIGroup(v)
|
|
}
|
|
if err != nil && !errors.IsNotFound(err) && !errors.IsForbidden(err) {
|
|
return nil, err
|
|
}
|
|
|
|
// Get the groupVersions exposed at /apis
|
|
apiGroupList = &metav1.APIGroupList{}
|
|
err = d.restClient.Get().AbsPath("/apis").Do().Into(apiGroupList)
|
|
if err != nil && !errors.IsNotFound(err) && !errors.IsForbidden(err) {
|
|
return nil, err
|
|
}
|
|
// to be compatible with a v1.0 server, if it's a 403 or 404, ignore and return whatever we got from /api
|
|
if err != nil && (errors.IsNotFound(err) || errors.IsForbidden(err)) {
|
|
apiGroupList = &metav1.APIGroupList{}
|
|
}
|
|
|
|
// prepend the group retrieved from /api to the list if not empty
|
|
if len(v.Versions) != 0 {
|
|
apiGroupList.Groups = append([]metav1.APIGroup{apiGroup}, apiGroupList.Groups...)
|
|
}
|
|
return apiGroupList, nil
|
|
}
|
|
|
|
// ServerResourcesForGroupVersion returns the supported resources for a group and version.
|
|
func (d *DiscoveryClient) ServerResourcesForGroupVersion(groupVersion string) (resources *metav1.APIResourceList, err error) {
|
|
url := url.URL{}
|
|
if len(groupVersion) == 0 {
|
|
return nil, fmt.Errorf("groupVersion shouldn't be empty")
|
|
}
|
|
if len(d.LegacyPrefix) > 0 && groupVersion == "v1" {
|
|
url.Path = d.LegacyPrefix + "/" + groupVersion
|
|
} else {
|
|
url.Path = "/apis/" + groupVersion
|
|
}
|
|
resources = &metav1.APIResourceList{
|
|
GroupVersion: groupVersion,
|
|
}
|
|
err = d.restClient.Get().AbsPath(url.String()).Do().Into(resources)
|
|
if err != nil {
|
|
// ignore 403 or 404 error to be compatible with an v1.0 server.
|
|
if groupVersion == "v1" && (errors.IsNotFound(err) || errors.IsForbidden(err)) {
|
|
return resources, nil
|
|
}
|
|
return nil, err
|
|
}
|
|
return resources, nil
|
|
}
|
|
|
|
// serverResources returns the supported resources for all groups and versions.
|
|
func (d *DiscoveryClient) serverResources() ([]*metav1.APIResourceList, error) {
|
|
apiGroups, err := d.ServerGroups()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
result := []*metav1.APIResourceList{}
|
|
failedGroups := make(map[schema.GroupVersion]error)
|
|
|
|
for _, apiGroup := range apiGroups.Groups {
|
|
for _, version := range apiGroup.Versions {
|
|
gv := schema.GroupVersion{Group: apiGroup.Name, Version: version.Version}
|
|
resources, err := d.ServerResourcesForGroupVersion(version.GroupVersion)
|
|
if err != nil {
|
|
// TODO: maybe restrict this to NotFound errors
|
|
failedGroups[gv] = err
|
|
continue
|
|
}
|
|
|
|
result = append(result, resources)
|
|
}
|
|
}
|
|
|
|
if len(failedGroups) == 0 {
|
|
return result, nil
|
|
}
|
|
|
|
return result, &ErrGroupDiscoveryFailed{Groups: failedGroups}
|
|
}
|
|
|
|
// ServerResources returns the supported resources for all groups and versions.
|
|
func (d *DiscoveryClient) ServerResources() ([]*metav1.APIResourceList, error) {
|
|
return withRetries(defaultRetries, d.serverResources)
|
|
}
|
|
|
|
// ErrGroupDiscoveryFailed is returned if one or more API groups fail to load.
|
|
type ErrGroupDiscoveryFailed struct {
|
|
// Groups is a list of the groups that failed to load and the error cause
|
|
Groups map[schema.GroupVersion]error
|
|
}
|
|
|
|
// Error implements the error interface
|
|
func (e *ErrGroupDiscoveryFailed) Error() string {
|
|
var groups []string
|
|
for k, v := range e.Groups {
|
|
groups = append(groups, fmt.Sprintf("%s: %v", k, v))
|
|
}
|
|
sort.Strings(groups)
|
|
return fmt.Sprintf("unable to retrieve the complete list of server APIs: %s", strings.Join(groups, ", "))
|
|
}
|
|
|
|
// IsGroupDiscoveryFailedError returns true if the provided error indicates the server was unable to discover
|
|
// a complete list of APIs for the client to use.
|
|
func IsGroupDiscoveryFailedError(err error) bool {
|
|
_, ok := err.(*ErrGroupDiscoveryFailed)
|
|
return err != nil && ok
|
|
}
|
|
|
|
// serverPreferredResources returns the supported resources with the version preferred by the server.
|
|
func (d *DiscoveryClient) serverPreferredResources() ([]*metav1.APIResourceList, error) {
|
|
serverGroupList, err := d.ServerGroups()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
result := []*metav1.APIResourceList{}
|
|
failedGroups := make(map[schema.GroupVersion]error)
|
|
|
|
grVersions := map[schema.GroupResource]string{} // selected version of a GroupResource
|
|
grApiResources := map[schema.GroupResource]*metav1.APIResource{} // selected APIResource for a GroupResource
|
|
gvApiResourceLists := map[schema.GroupVersion]*metav1.APIResourceList{} // blueprint for a APIResourceList for later grouping
|
|
|
|
for _, apiGroup := range serverGroupList.Groups {
|
|
for _, version := range apiGroup.Versions {
|
|
groupVersion := schema.GroupVersion{Group: apiGroup.Name, Version: version.Version}
|
|
apiResourceList, err := d.ServerResourcesForGroupVersion(version.GroupVersion)
|
|
if err != nil {
|
|
// TODO: maybe restrict this to NotFound errors
|
|
failedGroups[groupVersion] = err
|
|
continue
|
|
}
|
|
|
|
// create empty list which is filled later in another loop
|
|
emptyApiResourceList := metav1.APIResourceList{
|
|
GroupVersion: version.GroupVersion,
|
|
}
|
|
gvApiResourceLists[groupVersion] = &emptyApiResourceList
|
|
result = append(result, &emptyApiResourceList)
|
|
|
|
for i := range apiResourceList.APIResources {
|
|
apiResource := &apiResourceList.APIResources[i]
|
|
if strings.Contains(apiResource.Name, "/") {
|
|
continue
|
|
}
|
|
gv := schema.GroupResource{Group: apiGroup.Name, Resource: apiResource.Name}
|
|
if _, ok := grApiResources[gv]; ok && version.Version != apiGroup.PreferredVersion.Version {
|
|
// only override with preferred version
|
|
continue
|
|
}
|
|
grVersions[gv] = version.Version
|
|
grApiResources[gv] = apiResource
|
|
}
|
|
}
|
|
}
|
|
|
|
// group selected APIResources according to GroupVersion into APIResourceLists
|
|
for groupResource, apiResource := range grApiResources {
|
|
version := grVersions[groupResource]
|
|
groupVersion := schema.GroupVersion{Group: groupResource.Group, Version: version}
|
|
apiResourceList := gvApiResourceLists[groupVersion]
|
|
apiResourceList.APIResources = append(apiResourceList.APIResources, *apiResource)
|
|
}
|
|
|
|
if len(failedGroups) == 0 {
|
|
return result, nil
|
|
}
|
|
|
|
return result, &ErrGroupDiscoveryFailed{Groups: failedGroups}
|
|
}
|
|
|
|
// ServerPreferredResources returns the supported resources with the version preferred by the
|
|
// server.
|
|
func (d *DiscoveryClient) ServerPreferredResources() ([]*metav1.APIResourceList, error) {
|
|
return withRetries(defaultRetries, d.serverPreferredResources)
|
|
}
|
|
|
|
// ServerPreferredNamespacedResources returns the supported namespaced resources with the
|
|
// version preferred by the server.
|
|
func (d *DiscoveryClient) ServerPreferredNamespacedResources() ([]*metav1.APIResourceList, error) {
|
|
all, err := d.ServerPreferredResources()
|
|
return FilteredBy(ResourcePredicateFunc(func(groupVersion string, r *metav1.APIResource) bool {
|
|
return r.Namespaced
|
|
}), all), err
|
|
}
|
|
|
|
// ServerVersion retrieves and parses the server's version (git version).
|
|
func (d *DiscoveryClient) ServerVersion() (*version.Info, error) {
|
|
body, err := d.restClient.Get().AbsPath("/version").Do().Raw()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
var info version.Info
|
|
err = json.Unmarshal(body, &info)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("got '%s': %v", string(body), err)
|
|
}
|
|
return &info, nil
|
|
}
|
|
|
|
// OpenAPISchema fetches the open api schema using a rest client and parses the proto.
|
|
func (d *DiscoveryClient) OpenAPISchema() (*openapi_v2.Document, error) {
|
|
data, err := d.restClient.Get().AbsPath("/openapi/v2").SetHeader("Accept", mimePb).Do().Raw()
|
|
if err != nil {
|
|
if errors.IsForbidden(err) || errors.IsNotFound(err) {
|
|
// single endpoint not found/registered in old server, try to fetch old endpoint
|
|
// TODO(roycaihw): remove this in 1.11
|
|
data, err = d.restClient.Get().AbsPath("/swagger-2.0.0.pb-v1").Do().Raw()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
} else {
|
|
return nil, err
|
|
}
|
|
}
|
|
document := &openapi_v2.Document{}
|
|
err = proto.Unmarshal(data, document)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return document, nil
|
|
}
|
|
|
|
// withRetries retries the given recovery function in case the groups supported by the server change after ServerGroup() returns.
|
|
func withRetries(maxRetries int, f func() ([]*metav1.APIResourceList, error)) ([]*metav1.APIResourceList, error) {
|
|
var result []*metav1.APIResourceList
|
|
var err error
|
|
for i := 0; i < maxRetries; i++ {
|
|
result, err = f()
|
|
if err == nil {
|
|
return result, nil
|
|
}
|
|
if _, ok := err.(*ErrGroupDiscoveryFailed); !ok {
|
|
return nil, err
|
|
}
|
|
}
|
|
return result, err
|
|
}
|
|
|
|
func setDiscoveryDefaults(config *restclient.Config) error {
|
|
config.APIPath = ""
|
|
config.GroupVersion = nil
|
|
codec := runtime.NoopEncoder{Decoder: scheme.Codecs.UniversalDecoder()}
|
|
config.NegotiatedSerializer = serializer.NegotiatedSerializerWrapper(runtime.SerializerInfo{Serializer: codec})
|
|
if len(config.UserAgent) == 0 {
|
|
config.UserAgent = restclient.DefaultKubernetesUserAgent()
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// NewDiscoveryClientForConfig creates a new DiscoveryClient for the given config. This client
|
|
// can be used to discover supported resources in the API server.
|
|
func NewDiscoveryClientForConfig(c *restclient.Config) (*DiscoveryClient, error) {
|
|
config := *c
|
|
if err := setDiscoveryDefaults(&config); err != nil {
|
|
return nil, err
|
|
}
|
|
client, err := restclient.UnversionedRESTClientFor(&config)
|
|
return &DiscoveryClient{restClient: client, LegacyPrefix: "/api"}, err
|
|
}
|
|
|
|
// NewDiscoveryClientForConfigOrDie creates a new DiscoveryClient for the given config. If
|
|
// there is an error, it panics.
|
|
func NewDiscoveryClientForConfigOrDie(c *restclient.Config) *DiscoveryClient {
|
|
client, err := NewDiscoveryClientForConfig(c)
|
|
if err != nil {
|
|
panic(err)
|
|
}
|
|
return client
|
|
|
|
}
|
|
|
|
// NewDiscoveryClient returns a new DiscoveryClient for the given RESTClient.
|
|
func NewDiscoveryClient(c restclient.Interface) *DiscoveryClient {
|
|
return &DiscoveryClient{restClient: c, LegacyPrefix: "/api"}
|
|
}
|
|
|
|
// RESTClient returns a RESTClient that is used to communicate
|
|
// with API server by this client implementation.
|
|
func (c *DiscoveryClient) RESTClient() restclient.Interface {
|
|
if c == nil {
|
|
return nil
|
|
}
|
|
return c.restClient
|
|
}
|