Merge pull request #89 from gardener/support-k8s-v1.22

Support for Kubernetes v1.22

charts/cert-management/templates/crds.yaml → charts/cert-management/templates/crds-v1beta1.yaml

@@ -2,7 +2,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-{{- if .Values.createCRDs.issuers }}
+{{- if and (not (.Capabilities.APIVersions.Has "apiextensions.k8s.io/v1")) .Values.createCRDs.issuers }}
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
@@ -216,7 +216,7 @@ spec:
       storage: true
 {{- end }}
 ---
-{{- if .Values.createCRDs.certificates }}
+{{- if and (not (.Capabilities.APIVersions.Has "apiextensions.k8s.io/v1")) .Values.createCRDs.certificates }}
 ---
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition

cmd/cert-controller-manager/main.go

@@ -12,6 +12,7 @@ import (
 
 	coordinationv1 "k8s.io/api/coordination/v1"
 	corev1 "k8s.io/api/core/v1"
+	networkingv1 "k8s.io/api/networking/v1"
 	networkingv1beta1 "k8s.io/api/networking/v1beta1"
 
 	"github.com/gardener/controller-manager-library/pkg/controllermanager"
@@ -56,6 +57,7 @@ func init() {
 		MustRegister()
 
 	resources.Register(networkingv1beta1.SchemeBuilder)
+	resources.Register(networkingv1.SchemeBuilder)
 	resources.Register(corev1.SchemeBuilder)
 	resources.Register(dnsapi.SchemeBuilder)
 	resources.Register(v1alpha1.SchemeBuilder)

examples/40-ingress-echoheaders.yaml

@@ -2,7 +2,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
-apiVersion: networking.k8s.io/v1beta1
+apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   name: echoheaders
@@ -22,6 +22,9 @@ spec:
       http:
         paths:
           - backend:
-              serviceName: echoheaders
-              servicePort: 80
+              service:
+                name: echoheaders
+                port:
+                  number: 80
             path: /
+            pathType: Prefix

go.mod

@@ -5,7 +5,7 @@ go 1.16
 require (
 	github.com/ahmetb/gen-crd-api-reference-docs v0.2.0
 	github.com/emicklei/go-restful v2.11.1+incompatible // indirect
-	github.com/gardener/controller-manager-library v0.2.1-0.20210824121449-a0a838101d52
+	github.com/gardener/controller-manager-library v0.2.1-0.20210831082646-8ac5ffdda775
 	github.com/gardener/external-dns-management v0.7.21
 	github.com/go-acme/lego/v4 v4.1.3
 	github.com/go-openapi/spec v0.19.4 // indirect

go.sum

@@ -191,8 +191,8 @@ github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMo
 github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
 github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
 github.com/gardener/controller-manager-library v0.2.1-0.20201009144316-bfa57b871e60/go.mod h1:XMp1tPcX3SP/dMd+3id418f5Cqu44vydeTkBRbW8EvQ=
-github.com/gardener/controller-manager-library v0.2.1-0.20210824121449-a0a838101d52 h1:xS8jAUcSpmRj8Axr5cCrMeoTiM1/vIWlNv9Rh1nCD18=
-github.com/gardener/controller-manager-library v0.2.1-0.20210824121449-a0a838101d52/go.mod h1:E1Abd/nMB9pbwEiEHPADjsPgbJRJG90WlU28yim2DG4=
+github.com/gardener/controller-manager-library v0.2.1-0.20210831082646-8ac5ffdda775 h1:9fvyRE5d4rc7jSfA1WzEdSIRZOgD3pEglibNB6FkMDQ=
+github.com/gardener/controller-manager-library v0.2.1-0.20210831082646-8ac5ffdda775/go.mod h1:E1Abd/nMB9pbwEiEHPADjsPgbJRJG90WlU28yim2DG4=
 github.com/gardener/external-dns-management v0.7.21 h1:fuRFc2fGs1hkR7CJ3D7IiDplTE5pfuZj+otmTP/YKjc=
 github.com/gardener/external-dns-management v0.7.21/go.mod h1:QJM0IUSQhbK25ftg4ZvFHQuGuT7ScX6Xw4hCxO0j0IM=
 github.com/ghodss/yaml v0.0.0-20150909031657-73d445a93680/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=

pkg/controller/source/ingress/handler.go

@@ -10,7 +10,8 @@ import (
 	"fmt"
 	"strings"
 
-	api "k8s.io/api/networking/v1beta1"
+	networkingv1 "k8s.io/api/networking/v1"
+	networkingv1beta1 "k8s.io/api/networking/v1beta1"
 
 	"github.com/gardener/controller-manager-library/pkg/controllermanager/controller"
 	"github.com/gardener/controller-manager-library/pkg/logger"
@@ -44,29 +45,31 @@ func NewIngressSource(_ controller.Interface) (source.CertSource, error) {
 func (s *CIngressSource) GetCertsInfo(logger logger.LogContext, obj resources.Object, current *source.CertCurrentState) (*source.CertsInfo, error) {
 	info := s.NewCertsInfo(logger, obj)
 
-	data := obj.Data().(*api.Ingress)
-	annotValue, _ := resources.GetAnnotation(data, AnnotationPurposeKey)
-	labelValue, _ := resources.GetLabel(data, DeprecatedLabelNamePurpose)
+	annotValue, _ := resources.GetAnnotation(obj.Data(), AnnotationPurposeKey)
+	labelValue, _ := resources.GetLabel(obj.Data(), DeprecatedLabelNamePurpose)
 	managed := annotValue == AnnotationPurposeValueManaged || labelValue == DeprecatedLabelValueManaged
-	if !managed || data.Spec.TLS == nil {
+	tlsDataArray, err := extractTLSData(obj)
+	if err != nil {
+		return info, err
+	}
+	if !managed || tlsDataArray == nil {
 		return info, nil
 	}
 
-	cn, _ := resources.GetAnnotation(data, source.AnnotCommonName)
+	cn, _ := resources.GetAnnotation(obj.Data(), source.AnnotCommonName)
 	cn = strings.TrimSpace(cn)
 	var issuer *string
-	annotatedIssuer, ok := resources.GetAnnotation(data, source.AnnotIssuer)
+	annotatedIssuer, ok := resources.GetAnnotation(obj.Data(), source.AnnotIssuer)
 	if ok {
 		issuer = &annotatedIssuer
 	}
-	var err error
-	for _, tls := range data.Spec.TLS {
+	for _, tls := range tlsDataArray {
 		if tls.SecretName == "" {
 			err = fmt.Errorf("tls entry for hosts %s has no secretName", source.DomainsString(tls.Hosts))
 			continue
 		}
 		var domains []string
-		dnsnames, ok := resources.GetAnnotation(data, source.AnnotCertDNSNames)
+		dnsnames, ok := resources.GetAnnotation(obj.Data(), source.AnnotCertDNSNames)
 		if ok {
 			if cn != "" {
 				domains = []string{cn}
@@ -85,6 +88,41 @@ func (s *CIngressSource) GetCertsInfo(logger logger.LogContext, obj resources.Ob
 	return info, err
 }
 
+type tlsData struct {
+	SecretName string
+	Hosts      []string
+}
+
+func extractTLSData(obj resources.Object) ([]*tlsData, error) {
+	array := []*tlsData{}
+	switch data := obj.Data().(type) {
+	case *networkingv1beta1.Ingress:
+		if data.Spec.TLS == nil {
+			return nil, nil
+		}
+		for _, item := range data.Spec.TLS {
+			array = append(array, &tlsData{
+				SecretName: item.SecretName,
+				Hosts:      item.Hosts,
+			})
+		}
+		return array, nil
+	case *networkingv1.Ingress:
+		if data.Spec.TLS == nil {
+			return nil, nil
+		}
+		for _, item := range data.Spec.TLS {
+			array = append(array, &tlsData{
+				SecretName: item.SecretName,
+				Hosts:      item.Hosts,
+			})
+		}
+		return array, nil
+	default:
+		return nil, fmt.Errorf("unexpected ingress type: %#v", obj.Data())
+	}
+}
+
 func mergeCommonName(cn string, hosts []string) []string {
 	if cn == "" {
 		return hosts

vendor/modules.txt

@@ -31,7 +31,7 @@ github.com/evanphx/json-patch/v5
 github.com/fatih/color
 # github.com/fsnotify/fsnotify v1.4.9
 github.com/fsnotify/fsnotify
-# github.com/gardener/controller-manager-library v0.2.1-0.20210824121449-a0a838101d52
+# github.com/gardener/controller-manager-library v0.2.1-0.20210831082646-8ac5ffdda775
 ## explicit
 github.com/gardener/controller-manager-library/hack
 github.com/gardener/controller-manager-library/pkg/certmgmt