Update kine/dynamiclistener

2024-06-07 19:41:36 +00:00 · 2019-11-13 06:05:20 +00:00 · 2019-11-13 06:05:20 +00:00 · 0a06949b9c
commit 0a06949b9c
parent 3d7781df70
12 changed files with 96 additions and 30 deletions
--- a/go.mod
+++ b/go.mod
@ -100,9 +100,9 @@ require (
 	github.com/opencontainers/runc v1.0.0-rc2.0.20190611121236-6cc515888830
 	github.com/pkg/errors v0.8.1
 	github.com/rakelkar/gonetsh v0.0.0-20190719023240-501daadcadf8 // indirect
-	github.com/rancher/dynamiclistener v0.1.1-0.20191110035254-aaa5bc0d2a07
+	github.com/rancher/dynamiclistener v0.1.1-0.20191113144757-736b5d5d8b51
 	github.com/rancher/helm-controller v0.2.2
-	github.com/rancher/kine v0.2.1
+	github.com/rancher/kine v0.2.2
 	github.com/rancher/remotedialer v0.2.0
 	github.com/rancher/wrangler v0.2.0
 	github.com/rancher/wrangler-api v0.2.0
--- a/go.sum
+++ b/go.sum
@ -584,16 +584,16 @@ github.com/rancher/cri v1.3.0-k3s.2 h1:k2XFyD+ZdsGvNfugdvqD38KSMANT3JmTFULFM2CtI
 github.com/rancher/cri v1.3.0-k3s.2/go.mod h1:Ht5T1dIKzm+4NExmb7wDVG6qR+j0xeXIjjhCv1d9geY=
 github.com/rancher/cri-tools v1.16.1-k3s.1 h1:iporgQ46noE6dtLzq6fWcIO2qjyPZy2m42d2P+UnGJg=
 github.com/rancher/cri-tools v1.16.1-k3s.1/go.mod h1:TEKhKv2EJIZp+p9jnEy4C63g8CosJzsI4kyKKkHag+8=
-github.com/rancher/dynamiclistener v0.1.1-0.20191110035254-aaa5bc0d2a07 h1:wR1hnAh7d7ZicsAwDyw2nfvGFDOvPojcfClwA8WGy5g=
-github.com/rancher/dynamiclistener v0.1.1-0.20191110035254-aaa5bc0d2a07/go.mod h1:fs/dxyNcB3YT6W9fVz4bDGfhmSQS17QQup6BIcGF++s=
+github.com/rancher/dynamiclistener v0.1.1-0.20191113144757-736b5d5d8b51 h1:+UOLT6b1Of/gSiLR1i+m81ITu79vUpIU8zpsxbY4Hlw=
+github.com/rancher/dynamiclistener v0.1.1-0.20191113144757-736b5d5d8b51/go.mod h1:fs/dxyNcB3YT6W9fVz4bDGfhmSQS17QQup6BIcGF++s=
 github.com/rancher/flannel v0.11.0-k3s.1 h1:mIwnfWDafjzQgFkZeJ1AkFrrAT3EdBaA1giE0eLJKo8=
 github.com/rancher/flannel v0.11.0-k3s.1/go.mod h1:Hn4ZV+eq0LhLZP63xZnxdGwXEoRSxs5sxELxu27M3UA=
 github.com/rancher/go-dqlite v1.1.0-k3s.1 h1:w3ghNkY5vqRnnrcqxvHkpBQr6E+R/nIwJfaGdNgJAiw=
 github.com/rancher/go-dqlite v1.1.0-k3s.1/go.mod h1:lj8UhpkZddn/Ag0tBsnkbELbxHGMpzrZLMs/nW9/DX4=
 github.com/rancher/helm-controller v0.2.2 h1:MUqisy53/Ay1EYOF2uTCYBbGpgtZLNKKrI01BdxIbQo=
 github.com/rancher/helm-controller v0.2.2/go.mod h1:0JkL0UjxddNbT4FmLoESarD4Mz8xzA5YlejqJ/U4g+8=
-github.com/rancher/kine v0.2.1 h1:pK7QJUVA+/oU6esxKa/LIlBbeLl2HGWIwmu8xrROukQ=
-github.com/rancher/kine v0.2.1/go.mod h1:SdBUuE7e3XyrJvdBxCl9TMMapF+wyZnMZSP/H59OqNE=
+github.com/rancher/kine v0.2.2 h1:dN5jZK1x3t5CqqEz05EImBjtxQm7ANeLmNJ8rA2jB90=
+github.com/rancher/kine v0.2.2/go.mod h1:SdBUuE7e3XyrJvdBxCl9TMMapF+wyZnMZSP/H59OqNE=
 github.com/rancher/kubernetes v1.16.2-k3s.1 h1:+oJEecXgQDkEOD/X8z2YUdYVonbXZtGzXsmtKDPYesg=
 github.com/rancher/kubernetes v1.16.2-k3s.1/go.mod h1:SmhGgKfQ30imqjFVj8AI+iW+zSyFsswNErKYeTfgoH0=
 github.com/rancher/kubernetes/staging/src/k8s.io/api v1.16.2-k3s.1 h1:2kK5KD6MU86txBYKG+tM6j5zbey02DaIDtwpG5JsfnI=
--- a/vendor/github.com/rancher/dynamiclistener/factory/gen.go
+++ b/vendor/github.com/rancher/dynamiclistener/factory/gen.go
@ -29,16 +29,20 @@ type TLS struct {
 	Organization []string
 }

-func collectCNs(secret *v1.Secret) (domains []string, ips []net.IP, hash string, err error) {
-	var (
-		cns    []string
-		digest = sha256.New()
-	)
+func cns(secret *v1.Secret) (cns []string) {
 	for k, v := range secret.Annotations {
 		if strings.HasPrefix(k, cnPrefix) {
 			cns = append(cns, v)
 		}
 	}
+	return
+}
+
+func collectCNs(secret *v1.Secret) (domains []string, ips []net.IP, hash string, err error) {
+	var (
+		cns    = cns(secret)
+		digest = sha256.New()
+	)

 	sort.Strings(cns)

@ -56,6 +60,10 @@ func collectCNs(secret *v1.Secret) (domains []string, ips []net.IP, hash string,
 	return
 }

+func (t *TLS) Merge(secret, other *v1.Secret) (*v1.Secret, bool, error) {
+	return t.AddCN(secret, cns(other)...)
+}
+
 func (t *TLS) AddCN(secret *v1.Secret, cn ...string) (*v1.Secret, bool, error) {
 	var (
 		err error
--- a/vendor/github.com/rancher/dynamiclistener/listener.go
+++ b/vendor/github.com/rancher/dynamiclistener/listener.go
@ -6,6 +6,7 @@ import (
 	"crypto/x509"
 	"net"
 	"net/http"
+	"strings"
 	"sync"

 	"github.com/rancher/dynamiclistener/factory"
@ -18,6 +19,10 @@ type TLSStorage interface {
 	Update(secret *v1.Secret) error
 }

+type SetFactory interface {
+	SetFactory(tls *factory.TLS)
+}
+
 type Config struct {
 	CN           string
 	Organization []string
@ -47,6 +52,10 @@ func NewListener(l net.Listener, storage TLSStorage, caCert *x509.Certificate, c
 	}
 	dynamicListener.tlsConfig.GetCertificate = dynamicListener.getCertificate

+	if setter, ok := storage.(SetFactory); ok {
+		setter.SetFactory(dynamicListener.factory)
+	}
+
 	return tls.NewListener(dynamicListener, &dynamicListener.tlsConfig), dynamicListener.cacheHandler(), nil
 }

@ -60,9 +69,16 @@ type listener struct {
 	tlsConfig tls.Config
 	cert      *tls.Certificate
 	sans      []string
+	init      sync.Once
 }

 func (l *listener) Accept() (net.Conn, error) {
+	l.init.Do(func() {
+		if len(l.sans) > 0 {
+			l.updateCert(l.sans...)
+		}
+	})
+
 	conn, err := l.Listener.Accept()
 	if err != nil {
 		return conn, err
@ -79,8 +95,10 @@ func (l *listener) Accept() (net.Conn, error) {
 		return conn, nil
 	}

-	if err := l.updateCert(host); err != nil {
-		logrus.Infof("failed to create TLS cert for: %s", host)
+	if !strings.Contains(host, ":") {
+		if err := l.updateCert(host); err != nil {
+			logrus.Infof("failed to create TLS cert for: %s", host)
+		}
 	}

 	return conn, nil
@ -96,7 +114,7 @@ func (l *listener) getCertificate(hello *tls.ClientHelloInfo) (*tls.Certificate,
 	return l.loadCert()
 }

-func (l *listener) updateCert(cn string) error {
+func (l *listener) updateCert(cn ...string) error {
 	l.RLock()
 	defer l.RUnlock()

@ -105,7 +123,7 @@ func (l *listener) updateCert(cn string) error {
 		return err
 	}

-	if !factory.NeedsUpdate(secret, append(l.sans, cn)...) {
+	if !factory.NeedsUpdate(secret, cn...) {
 		return nil
 	}

@ -114,7 +132,7 @@ func (l *listener) updateCert(cn string) error {
 	defer l.RLock()
 	defer l.Unlock()

-	secret, updated, err := l.factory.AddCN(secret, append(l.sans, cn)...)
+	secret, updated, err := l.factory.AddCN(secret, append(l.sans, cn...)...)
 	if err != nil {
 		return err
 	}
--- a/vendor/github.com/rancher/dynamiclistener/storage/kubernetes/controller.go
+++ b/vendor/github.com/rancher/dynamiclistener/storage/kubernetes/controller.go
@ -6,6 +6,7 @@ import (
 	"time"

 	"github.com/rancher/dynamiclistener"
+	"github.com/rancher/dynamiclistener/factory"
 	"github.com/rancher/wrangler-api/pkg/generated/controllers/core"
 	v1controller "github.com/rancher/wrangler-api/pkg/generated/controllers/core/v1"
 	"github.com/rancher/wrangler/pkg/start"
@ -54,6 +55,11 @@ type storage struct {
 	storage         dynamiclistener.TLSStorage
 	secrets         v1controller.SecretClient
 	ctx             context.Context
+	tls             *factory.TLS
+}
+
+func (s *storage) SetFactory(tls *factory.TLS) {
+	s.tls = tls
 }

 func (s *storage) init(secrets v1controller.SecretController) {
@ -105,6 +111,12 @@ func (s *storage) saveInK8s(secret *v1.Secret) (*v1.Secret, error) {
 		return secret, nil
 	}

+	if existing, err := s.storage.Get(); err == nil && s.tls != nil {
+		if newSecret, updated, err := s.tls.Merge(secret, existing); err == nil && updated {
+			secret = newSecret
+		}
+	}
+
 	targetSecret, err := s.targetSecret()
 	if err != nil {
 		return nil, err
--- a/vendor/github.com/rancher/kine/pkg/drivers/dqlite/dqlite.go
+++ b/vendor/github.com/rancher/kine/pkg/drivers/dqlite/dqlite.go
@ -91,7 +91,6 @@ func New(ctx context.Context, datasourceName string) (server.Backend, error) {
 	if err != nil {
 		return nil, err
 	}
-
 	if err := migrate(ctx, generic.DB); err != nil {
 		return nil, errors.Wrap(err, "failed to migrate DB from sqlite")
 	}
@ -103,6 +102,12 @@ func New(ctx context.Context, datasourceName string) (server.Backend, error) {
 		}
 		return false
 	}
+	generic.TranslateErr = func(err error) error {
+		if strings.Contains(err.Error(), "UNIQUE constraint") {
+			return server.ErrKeyExists
+		}
+		return err
+	}

 	return backend, nil
 }
--- a/vendor/github.com/rancher/kine/pkg/drivers/generic/generic.go
+++ b/vendor/github.com/rancher/kine/pkg/drivers/generic/generic.go
@ -12,7 +12,6 @@ import (

 	"github.com/Rican7/retry/backoff"
 	"github.com/Rican7/retry/strategy"
-
 	"github.com/sirupsen/logrus"
 )

@ -63,6 +62,7 @@ func (s Stripped) String() string {
 }

 type ErrRetry func(error) bool
+type TranslateErr func(error) error

 type Generic struct {
 	sync.Mutex
@ -83,6 +83,7 @@ type Generic struct {
 	FillSQL               string
 	InsertLastInsertIDSQL string
 	Retry                 ErrRetry
+	TranslateErr          TranslateErr
 }

 func q(sql, param string, numbered bool) string {
@ -308,6 +309,14 @@ func (d *Generic) IsFill(key string) bool {
 }

 func (d *Generic) Insert(ctx context.Context, key string, create, delete bool, createRevision, previousRevision int64, ttl int64, value, prevValue []byte) (id int64, err error) {
+	if d.TranslateErr != nil {
+		defer func() {
+			if err != nil {
+				err = d.TranslateErr(err)
+			}
+		}()
+	}
+
 	cVal := 0
 	dVal := 0
 	if create {
@ -320,7 +329,7 @@ func (d *Generic) Insert(ctx context.Context, key string, create, delete bool, c
 	if d.LastInsertID {
 		row, err := d.execute(ctx, d.InsertLastInsertIDSQL, key, cVal, dVal, createRevision, previousRevision, ttl, value, prevValue)
 		if err != nil {
-			return 00, err
+			return 0, err
 		}
 		return row.LastInsertId()
 	}
--- a/vendor/github.com/rancher/kine/pkg/drivers/mysql/mysql.go
+++ b/vendor/github.com/rancher/kine/pkg/drivers/mysql/mysql.go
@ -23,7 +23,7 @@ var (
 		`create table if not exists kine
 			(
 				id INTEGER AUTO_INCREMENT,
-				name TEXT,
+				name VARCHAR(630),
 				created INTEGER,
 				deleted INTEGER,
 				create_revision INTEGER,
@ -34,8 +34,8 @@ var (
 				PRIMARY KEY (id)
 			);`,
 	}
-	nameIdx     = "create index kine_name_index on kine (name(100))"
-	revisionIdx = "create unique index kine_name_prev_revision_uindex on kine (name(100), prev_revision)"
+	nameIdx     = "create index kine_name_index on kine (name)"
+	revisionIdx = "create unique index kine_name_prev_revision_uindex on kine (name, prev_revision)"
 	createDB    = "create database if not exists "
 )

@ -63,6 +63,12 @@ func New(dataSourceName string, tlsInfo tls.Config) (server.Backend, error) {
 		return nil, err
 	}
 	dialect.LastInsertID = true
+	dialect.TranslateErr = func(err error) error {
+		if err, ok := err.(*mysql.MySQLError); ok && err.Number == 1062 {
+			return server.ErrKeyExists
+		}
+		return err
+	}
 	if err := setup(dialect.DB); err != nil {
 		return nil, err
 	}
--- a/vendor/github.com/rancher/kine/pkg/drivers/pgsql/pgsql.go
+++ b/vendor/github.com/rancher/kine/pkg/drivers/pgsql/pgsql.go
@ -25,7 +25,7 @@ var (
 		`create table if not exists kine
 			(
 				id SERIAL PRIMARY KEY,
- 				name TEXT,
+				name VARCHAR(630),
 				created INTEGER,
 				deleted INTEGER,
 				create_revision INTEGER,
@ -54,6 +54,12 @@ func New(dataSourceName string, tlsInfo tls.Config) (server.Backend, error) {
 	if err != nil {
 		return nil, err
 	}
+	dialect.TranslateErr = func(err error) error {
+		if err, ok := err.(*pq.Error); ok && err.Code == "23505" {
+			return server.ErrKeyExists
+		}
+		return err
+	}

 	if err := setup(dialect.DB); err != nil {
 		return nil, err
--- a/vendor/github.com/rancher/kine/pkg/drivers/sqlite/sqlite.go
+++ b/vendor/github.com/rancher/kine/pkg/drivers/sqlite/sqlite.go
@ -5,6 +5,7 @@ import (
 	"database/sql"
 	"os"

+	"github.com/mattn/go-sqlite3"
 	"github.com/rancher/kine/pkg/drivers/generic"
 	"github.com/rancher/kine/pkg/logstructured"
 	"github.com/rancher/kine/pkg/logstructured/sqllog"
@ -51,6 +52,12 @@ func NewVariant(driverName, dataSourceName string) (server.Backend, *generic.Gen
 		return nil, nil, err
 	}
 	dialect.LastInsertID = true
+	dialect.TranslateErr = func(err error) error {
+		if err, ok := err.(sqlite3.Error); ok && err.ExtendedCode == sqlite3.ErrConstraintUnique {
+			return server.ErrKeyExists
+		}
+		return err
+	}

 	if err := setup(dialect.DB); err != nil {
 		return nil, nil, err
--- a/vendor/github.com/rancher/kine/pkg/logstructured/logstructured.go
+++ b/vendor/github.com/rancher/kine/pkg/logstructured/logstructured.go
@ -108,11 +108,6 @@ func (l *LogStructured) Create(ctx context.Context, key string, value []byte, le
 	}

 	revRet, errRet = l.log.Append(ctx, createEvent)
-	if errRet != nil {
-		if _, prevEvent, err := l.get(ctx, key, 0, true); err == nil && prevEvent != nil && !prevEvent.Delete {
-			return 0, server.ErrKeyExists
-		}
-	}
 	return
 }

--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -748,7 +748,7 @@ github.com/prometheus/procfs/internal/util
 # github.com/rakelkar/gonetsh v0.0.0-20190719023240-501daadcadf8
 github.com/rakelkar/gonetsh/netroute
 github.com/rakelkar/gonetsh/netsh
-# github.com/rancher/dynamiclistener v0.1.1-0.20191110035254-aaa5bc0d2a07
+# github.com/rancher/dynamiclistener v0.1.1-0.20191113144757-736b5d5d8b51
 github.com/rancher/dynamiclistener
 github.com/rancher/dynamiclistener/factory
 github.com/rancher/dynamiclistener/storage/file
@ -769,7 +769,7 @@ github.com/rancher/helm-controller/pkg/generated/informers/externalversions/helm
 github.com/rancher/helm-controller/pkg/generated/listers/helm.cattle.io/v1
 github.com/rancher/helm-controller/pkg/generated/informers/externalversions/internalinterfaces
 github.com/rancher/helm-controller/pkg/apis/helm.cattle.io
-# github.com/rancher/kine v0.2.1
+# github.com/rancher/kine v0.2.2
 github.com/rancher/kine/pkg/client
 github.com/rancher/kine/pkg/endpoint
 github.com/rancher/kine/pkg/drivers/dqlite