Skip to content

Commit

Permalink
upgrade to latest dependencies (#1336)
Browse files Browse the repository at this point in the history 
bumping knative.dev/eventing 01d8ace...fd95228:
  > fd95228 Enable storage of EventType v1b2 (# 7594)
  > 6962251 Add a Prerequisite helper to check if the OIDC authentication feature flag is enabled (# 7609)
  > 341a8df [main] Update community files (# 7611)
  > bb5313d Remove OIDC service account, when OIDC feature is disabled again (# 7570)
  > 44ff98b Eventing TLS: Add scheme label to metrics (# 7581)
  > 8d6c6e4 Bump Go to v1.21 (# 7602)
  > 7cba45b Add TLS test for sequence (# 7600)

Signed-off-by: Knative Automation <[email protected]>
  • Loading branch information
@knative-automation
knative-automation authored Jan 23, 2024
1 parent 8fa6bf1 commit 33a01ed
Show file tree
Hide file tree
Showing 8 changed files with 67 additions and 12 deletions.
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ require (
k8s.io/client-go v0.28.5
k8s.io/code-generator v0.28.5
k8s.io/kube-openapi v0.0.0-20230928205116-a78145627833
knative.dev/eventing v0.39.1-0.20240119013412-01d8acead891
knative.dev/eventing v0.40.0
knative.dev/hack v0.0.0-20240111013919-e89096d74d85
knative.dev/pkg v0.0.0-20240116073220-b488e7be5902
knative.dev/reconciler-test v0.0.0-20240116084801-50276dfba7b3
Expand Down
4 changes: 2 additions & 2 deletions go.sum
View file
Original file line number Diff line number Diff line change
Expand Up @@ -842,8 +842,8 @@ k8s.io/kube-openapi v0.0.0-20230928205116-a78145627833 h1:iFFEmmB7szQhJP42AvRD2+
k8s.io/kube-openapi v0.0.0-20230928205116-a78145627833/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA=
k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI=
k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
knative.dev/eventing v0.39.1-0.20240119013412-01d8acead891 h1:jVbxj/8FFdC0SbRLbznJjTFVtKt+DJjBSR3kgoYH4eE=
knative.dev/eventing v0.39.1-0.20240119013412-01d8acead891/go.mod h1:sdLjctz8g4pQJwyliGRv+7NrBDPV4O7cm4QyHVOLsUA=
knative.dev/eventing v0.40.0 h1:zvMeKGBdQ5Us94Hdy7jmxpzyc1fdFnO4SS21+6nDSiU=
knative.dev/eventing v0.40.0/go.mod h1:+yUUIyvX9fn9bCSH3012kc8rG7YBbjvvxwy1Kr53dRc=
knative.dev/hack v0.0.0-20240111013919-e89096d74d85 h1:ERgPObDcW9LfaEPAeFvbW3UJcF3C3ul6B2ErNMv13OE=
knative.dev/hack v0.0.0-20240111013919-e89096d74d85/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q=
knative.dev/pkg v0.0.0-20240116073220-b488e7be5902 h1:H6+JJN23fhwYWCHY1339sY6uhIyoUwDy1a8dN233fdk=
Expand Down
22 changes: 16 additions & 6 deletions vendor/knative.dev/eventing/pkg/adapter/v2/cloudevents.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -210,11 +210,19 @@ func NewClient(cfg ClientConfig) (Client, error) {
reporter: cfg.Reporter,
crStatusEventClient: cfg.CrStatusEventClient,
oidcTokenProvider: cfg.TokenProvider,
scheme: "http",
}

if cfg.Env != nil {
client.audience = cfg.Env.GetAudience()
client.oidcServiceAccountName = cfg.Env.GetOIDCServiceAccountName()
sinkURI := cfg.Env.GetSink()
if sinkURI != "" {
parsedUrl, err := url.Parse(sinkURI)
if err == nil {
client.scheme = parsedUrl.Scheme
}
}
}

return client, nil
Expand All @@ -234,12 +242,12 @@ func setTimeOut(duration time.Duration) http.Option {
}

type client struct {
ceClient cloudevents.Client
ceOverrides *duckv1.CloudEventOverrides
reporter source.StatsReporter
crStatusEventClient *crstatusevent.CRStatusEventClient
closeIdler closeIdler

ceClient cloudevents.Client
ceOverrides *duckv1.CloudEventOverrides
reporter source.StatsReporter
crStatusEventClient *crstatusevent.CRStatusEventClient
closeIdler closeIdler
scheme string
oidcTokenProvider *auth.OIDCTokenProvider
audience *string
oidcServiceAccountName *types.NamespacedName
Expand Down Expand Up @@ -302,13 +310,15 @@ func (c *client) reportMetrics(ctx context.Context, event cloudevents.Event, res
if c.reporter == nil {
return
}

tags := MetricTagFromContext(ctx)
reportArgs := &source.ReportArgs{
Namespace: tags.Namespace,
EventSource: event.Source(),
EventType: event.Type(),
Name: tags.Name,
ResourceGroup: tags.ResourceGroup,
EventScheme: c.scheme,
}

var rres *http.RetriesResult
Expand Down
23 changes: 23 additions & 0 deletions vendor/knative.dev/eventing/pkg/auth/serviceaccount.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -101,6 +101,26 @@ func EnsureOIDCServiceAccountExistsForResource(ctx context.Context, serviceAccou
return nil
}

// DeleteOIDCServiceAccountIfExists makes sure the given resource does not have an OIDC service account.
// If it does that service account is deleted.
func DeleteOIDCServiceAccountIfExists(ctx context.Context, serviceAccountLister corev1listers.ServiceAccountLister, kubeclient kubernetes.Interface, gvk schema.GroupVersionKind, objectMeta metav1.ObjectMeta) error {
saName := GetOIDCServiceAccountNameForResource(gvk, objectMeta)
sa, err := serviceAccountLister.ServiceAccounts(objectMeta.Namespace).Get(saName)

if err == nil && metav1.IsControlledBy(&sa.ObjectMeta, &objectMeta) {
logging.FromContext(ctx).Debugf("OIDC Service account exists and has correct owner (%s/%s). Deleting OIDC service account", objectMeta.Name, objectMeta.Namespace)

err = kubeclient.CoreV1().ServiceAccounts(objectMeta.Namespace).Delete(ctx, sa.Name, metav1.DeleteOptions{})
if err != nil {
return fmt.Errorf("could not delete OIDC service account %s/%s for %s: %w", objectMeta.Name, objectMeta.Namespace, gvk.Kind, err)
}
} else if apierrs.IsNotFound(err) {
return nil
}

return err
}

type OIDCIdentityStatusMarker interface {
MarkOIDCIdentityCreatedSucceeded()
MarkOIDCIdentityCreatedSucceededWithReason(reason, messageFormat string, messageA ...interface{})
Expand All @@ -119,6 +139,9 @@ func SetupOIDCServiceAccount(ctx context.Context, flags feature.Flags, serviceAc
}
marker.MarkOIDCIdentityCreatedSucceeded()
} else {
if err := DeleteOIDCServiceAccountIfExists(ctx, serviceAccountLister, kubeclient, gvk, objectMeta); err != nil {
return err
}
setAuthStatus(nil)
marker.MarkOIDCIdentityCreatedSucceededWithReason(fmt.Sprintf("%s feature disabled", feature.OIDCAuthentication), "")
}
Expand Down
3 changes: 3 additions & 0 deletions vendor/knative.dev/eventing/pkg/metrics/metrics.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,9 @@ const (
// LabelEventType is the label for the name of the event type.
LabelEventType = "event_type"

// LabelEventType is the label for the name of the event type.
LabelEventScheme = "event_scheme"

// LabelEventSource is the label for the name of the event source.
LabelEventSource = "event_source"

Expand Down
7 changes: 6 additions & 1 deletion vendor/knative.dev/eventing/pkg/metrics/source/stats_reporter.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@ var (
namespaceKey = tag.MustNewKey(eventingmetrics.LabelNamespaceName)
eventSourceKey = tag.MustNewKey(eventingmetrics.LabelEventSource)
eventTypeKey = tag.MustNewKey(eventingmetrics.LabelEventType)
eventScheme = tag.MustNewKey(eventingmetrics.LabelEventScheme)
sourceNameKey = tag.MustNewKey(eventingmetrics.LabelName)
sourceResourceGroupKey = tag.MustNewKey(eventingmetrics.LabelResourceGroup)
responseCodeKey = tag.MustNewKey(eventingmetrics.LabelResponseCode)
Expand All @@ -62,6 +63,7 @@ var (
type ReportArgs struct {
Namespace string
EventType string
EventScheme string
EventSource string
Name string
ResourceGroup string
Expand Down Expand Up @@ -122,6 +124,7 @@ func (r *reporter) generateTag(args *ReportArgs, responseCode int) (context.Cont
tag.Insert(namespaceKey, args.Namespace),
tag.Insert(eventSourceKey, args.EventSource),
tag.Insert(eventTypeKey, args.EventType),
tag.Insert(eventScheme, args.EventScheme),
tag.Insert(sourceNameKey, args.Name),
tag.Insert(sourceResourceGroupKey, args.ResourceGroup),
metrics.MaybeInsertIntTag(responseCodeKey, responseCode, responseCode > 0),
Expand All @@ -135,12 +138,14 @@ func register() {
namespaceKey,
eventSourceKey,
eventTypeKey,
eventScheme,
sourceNameKey,
sourceResourceGroupKey,
responseCodeKey,
responseCodeClassKey,
responseError,
responseTimeout}
responseTimeout,
}

// Create view to see our measurements.
if err := view.Register(
Expand Down
14 changes: 14 additions & 0 deletions vendor/knative.dev/eventing/test/rekt/features/featureflags/featureflags.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,20 @@ func TransportEncryptionStrict() feature.ShouldRun {
}
}

func AuthenticationOIDCEnabled() feature.ShouldRun {
return func(ctx context.Context, t feature.T) (feature.PrerequisiteResult, error) {
flags, err := getFeatureFlags(ctx, "config-features")
if err != nil {
return feature.PrerequisiteResult{}, err
}

return feature.PrerequisiteResult{
ShouldRun: flags.IsOIDCAuthentication(),
Reason: flags.String(),
}, nil
}
}

func IstioDisabled() feature.ShouldRun {
return func(ctx context.Context, t feature.T) (feature.PrerequisiteResult, error) {
flags, err := getFeatureFlags(ctx, "config-features")
Expand Down
4 changes: 2 additions & 2 deletions vendor/modules.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1084,8 +1084,8 @@ k8s.io/utils/pointer
k8s.io/utils/ptr
k8s.io/utils/strings/slices
k8s.io/utils/trace
# knative.dev/eventing v0.39.1-0.20240119013412-01d8acead891
## explicit; go 1.19
# knative.dev/eventing v0.40.0
## explicit; go 1.21
knative.dev/eventing/cmd/heartbeats
knative.dev/eventing/pkg/adapter/v2
knative.dev/eventing/pkg/adapter/v2/util/crstatusevent
Expand Down

0 comments on commit 33a01ed

Please sign in to comment.