diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
new file mode 100644
index 0000000..9f40020
--- /dev/null
+++ b/.github/workflows/build.yaml
@@ -0,0 +1,20 @@
+name: Build
+on:
+ pull_request:
+ push:
+ branches:
+ - main
+ tags:
+ - 'v*'
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+ - name: Install Go
+ uses: actions/setup-go@v5
+ with:
+ go-version: 1.22.x
+ - name: Build
+ run: ./scripts/build.sh
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
deleted file mode 100644
index c65aeff..0000000
--- a/.github/workflows/ci.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-name: Go
-
-on: [push]
-
-jobs:
- build:
- runs-on: ubuntu-latest
- strategy:
- matrix:
- go-version: [ '1.22.2' ]
- steps:
- - uses: actions/checkout@v4
- - name: Setup Go ${{ matrix.go-version }}
- uses: actions/setup-go@v5
- with:
- go-version: ${{ matrix.go-version }}
- - name: Install dependencies
- run: |-
- curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.59.1
- curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
- - name: CI
- run: ./scripts/ci.sh
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
new file mode 100644
index 0000000..c1634c8
--- /dev/null
+++ b/.github/workflows/lint.yaml
@@ -0,0 +1,22 @@
+name: Lint
+on:
+ pull_request:
+ push:
+ branches:
+ - main
+ tags:
+ - 'v*'
+jobs:
+ lint:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+ - name: Install Go
+ uses: actions/setup-go@v5
+ with:
+ go-version: 1.22.x
+ - name: Analysis
+ uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1
+ with:
+ args: -v
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
new file mode 100644
index 0000000..fcd6283
--- /dev/null
+++ b/.github/workflows/release.yaml
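Review bot: build.yaml declares no `permissions:` block, so the job's GITHUB_TOKEN gets whatever default scope the repository or organisation is configured with, although its steps only check out and build. Adding a top-level `permissions:` with `contents: read` would make least privilege explicit; the same applies to lint.yaml, unit.yaml and verify.yaml in this commit. `actions/checkout@v4` and `actions/setup-go@v5` are referenced by mutable tag, while lint.yaml pins golangci-lint-action to a full commit SHA; pinning all of them the same way would be consistent.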
@@ -0,0 +1,80 @@ +name: Release + +on: + push: + tags: + - 'v*' + +# GitHub settings / example values: +# +# org level vars: +# - PUBLIC_REGISTRY: docker.io +# repo level vars: +# - PUBLIC_REGISTRY_REPO: rancher +# repo level secrets: +# - PUBLIC_REGISTRY_USERNAME +# - PUBLIC_REGISTRY_PASSWORD + +jobs: + release: + permissions: + contents: write # required for creating GH release + id-token: write # required for reading vault secrets + runs-on: ubuntu-latest + steps: + - name: Read secrets + uses: rancher-eio/read-vault-secrets@main + with: + secrets: | + secret/data/github/repo/${{ github.repository }}/dockerhub/${{ github.repository_owner }}/credentials username | PUBLIC_REGISTRY_USERNAME ; + secret/data/github/repo/${{ github.repository }}/dockerhub/${{ github.repository_owner }}/credentials password | PUBLIC_REGISTRY_PASSWORD ; + - name: Login to DockerHub + uses: docker/login-action@v3 + with: + registry: ${{ vars.PUBLIC_REGISTRY }} + username: ${{ env.PUBLIC_REGISTRY_USERNAME }} + password: ${{ env.PUBLIC_REGISTRY_PASSWORD }} + - name: Setup QEMU + uses: docker/setup-qemu-action@v3 + - name: Setup Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Checkout code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + ref: ${{ github.ref_name}} + - name: Build and push all image variations + run: | + ./scripts/build.sh + make image-push + TAG="${TAG}-amd64" TARGET_PLATFORMS=linux/amd64 make image-push + TAG="${TAG}-arm64" TARGET_PLATFORMS=linux/arm64 make image-push + env: + TAG: ${{ github.ref_name }} + REPO: ${{ vars.PUBLIC_REGISTRY }}/${{ vars.PUBLIC_REGISTRY_REPO }} + - name: Create release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required for creating GH release + id: goreleaser + uses: goreleaser/goreleaser-action@v6 + with: + distribution: goreleaser + version: "~> v2" + args: release --clean --verbose + - name: Upload charts to release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required for updating GH release + REPO: 
cnrancher/rancher-flat-network-operator # Docker repository to reference in `values.yaml` of the Helm chart release + TAG: ${{ github.ref_name }} # image tag to be referenced in `values.yaml` of the Helm chart release + run: | + version=$(echo '${{ steps.goreleaser.outputs.metadata }}' | jq -r '.version') + echo "Publishing helm charts (version: $version)" + + # Both version and appVersion are set to the same value in the Chart.yaml (excluding the 'v' prefix) + CHART_VERSION=$version GIT_TAG=$version make charts + + for f in $(find bin/ -name '*.tgz'); do + echo "Uploading $f to GitHub release $TAG" + gh release upload $TAG $f + done + echo "Charts successfully uploaded to GitHub release $TAG" diff --git a/.github/workflows/unit.yaml b/.github/workflows/unit.yaml new file mode 100644 index 0000000..8dbdc81 --- /dev/null +++ b/.github/workflows/unit.yaml @@ -0,0 +1,18 @@ +name: Unit tests +on: + pull_request: + push: + branches: + - main +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version: 1.22.x + - name: Run tests + run: | + ./scripts/test.sh diff --git a/.github/workflows/verify.yaml b/.github/workflows/verify.yaml new file mode 100644 index 0000000..59c658f --- /dev/null +++ b/.github/workflows/verify.yaml @@ -0,0 +1,18 @@ +name: Verify +on: + pull_request: + push: + branches: + - main +jobs: + test: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version: 1.22.x + - name: Run validate script + run: | + ./scripts/validate.sh diff --git a/.golangci.yml b/.golangci.yml new file mode 100644 index 0000000..cd1df5f --- /dev/null +++ b/.golangci.yml 
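Review bot: `rancher-eio/read-vault-secrets@main` tracks a mutable branch in the one job that holds `id-token: write` and `contents: write` and loads the registry credentials, so any later change to that branch runs with release privileges; pin it to a full commit SHA with the version in a trailing comment, as lint.yaml does for golangci-lint-action. In the "Upload charts to release" step, `${{ steps.goreleaser.outputs.metadata }}` is expanded into the script text before the shell runs; passing it through `env:` (for example `METADATA: ${{ steps.goreleaser.outputs.metadata }}`) and reading `"$METADATA"` keeps the JSON out of the script source. `gh release upload $TAG $f` should quote both variables, `gh release upload "$TAG" "$f"`. The steps also call `make image-push` and `make charts` while this commit deletes the top-level Makefile; no replacement is visible in this diff, so confirm one exists.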
@@ -0,0 +1,95 @@
+run:
+ timeout: 5m
+ go: "1.22"
+ skip-files:
+ - "zz_generated_*"
+ tests: false
+ allow-parallel-runners: true
+
+# output:
+# format: github-actions
+
+linters:
+ disable-all: true
+ enable:
+ - dupl # check duplicated code
+ - goconst # check strings that can turn into constants
+ - gofmt # check fmt
+ - goimports # check imports
+ - gosec # check for security problems
+ - govet # check vet
+ - importas # check consistent import aliasing
+ - ineffassign # check ineffectual assignments
+ - misspell # check for misspelled English words
+ - nakedret # check naked returns in functions
+ - prealloc # check preallocated slice declarations
+ - revive # replacement for golint
+ - unconvert # check redundant type conversions
+ - whitespace # check for trailing whitespace and tabs
+
+linters-settings:
+ revive:
+ rules:
+ # The following rules are recommended https://github.com/mgechev/revive#recommended-configuration
+ - name: blank-imports
+ - name: context-as-argument
+ - name: context-keys-type
+ - name: dot-imports
+ - name: error-return
+ - name: error-strings
+ - name: error-naming
+ - name: exported
+ - name: increment-decrement
+ - name: var-naming
+ - name: var-declaration
+ - name: package-comments
+ - name: range
+ - name: receiver-naming
+ - name: time-naming
+ - name: indent-error-flow
+ - name: errorf
+ - name: empty-block
+ - name: superfluous-else
+ - name: unused-parameter
+ - name: unreachable-code
+ - name: redefines-builtin-id
+ - name: unexported-return
+ importas:
+ no-unaliased: true
+ alias:
+ # Kubernetes
+ - pkg: k8s.io/api/core/v1
+ alias: corev1
+ - pkg: k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1
+ alias: apiextensionsv1
+ - pkg: k8s.io/apimachinery/pkg/apis/meta/v1
+ alias: metav1
+ - pkg: k8s.io/apimachinery/pkg/util/runtime
+ alias: utilruntime
+ - pkg: sigs.k8s.io/controller-runtime/pkg/client
+ alias: runtimeclient
+ # Rancher EKS operator
+ - pkg: github.com/rancher/eks-operator/pkg/apis/eks.cattle.io/v1
+ alias: eksv1 + - pkg: github.com/rancher/eks-operator/pkg/generated/controllers/eks.cattle.io/v1 + alias: ekscontrollers + - pkg: github.com/rancher/eks-operator/pkg/eks + alias: awsservices + # Core Rancher + - pkg: github.com/rancher/rancher/pkg/apis/management.cattle.io/v3 + alias: managementv3 + +issues: + exclude-rules: + - linters: + - revive + text: "var-naming: don't use an underscore in package name" + path: 'mock(\w+)/doc.go$' + - path: 'pkg/cni/types/types.go$' + text: "don't use ALL_CAPS in Go names" + linters: + - revive + - path: 'pkg/codegen/main.go' + text: "Expect WriteFile permissions to be 0600 or less" + linters: + - gosec diff --git a/Dockerfile.dapper b/Dockerfile.dapper deleted file mode 100644 index b1f5346..0000000 --- a/Dockerfile.dapper +++ /dev/null @@ -1,24 +0,0 @@ -FROM registry.suse.com/bci/golang:1.21 - -ARG DAPPER_HOST_ARCH -ENV ARCH=${DAPPER_HOST_ARCH} - -RUN zypper ref && \ - zypper -n up && \ - zypper -n in vim wget git tar gzip && \ - zypper clean - -RUN curl -sL https://get.helm.sh/helm-v3.12.1-linux-${ARCH}.tar.gz | \ - tar xvzf - -C /usr/local/bin --strip-components=1 -# pre-copy/cache go.mod for pre-downloading dependencies -COPY go.mod go.sum ./ -RUN go mod download && go mod verify - -ENV DAPPER_ENV REPO TAG DRONE_TAG CROSS -ENV DAPPER_SOURCE /go/src/github.com/cnrancher/rancher-flat-network-operator/ -ENV DAPPER_OUTPUT ./bin ./dist -ENV DAPPER_DOCKER_SOCKET true -WORKDIR ${DAPPER_SOURCE} - -ENTRYPOINT ["./scripts/entry.sh"] -CMD ["ci"] diff --git a/Makefile b/Makefile deleted file mode 100755 index 2c22aa2..0000000 --- a/Makefile +++ /dev/null 
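Review bot: The `importas` alias list carries entries for `github.com/rancher/eks-operator/...` and `github.com/rancher/rancher/pkg/apis/management.cattle.io/v3`, which look copied from another project's config, while this repository's own API package is imported under two names in this commit (`flv1` in pkg/cni/kubeclient, `flatnetworkv1` in pkg/admission/webhook and pkg/codegen) and has no entry. Replacing the unused entries with one for the project's package, e.g. `- pkg: <module-path>/pkg/apis/flatnetwork.pandaria.io/v1` with `alias: flv1`, would make the linter enforce a single alias. `tests: false` also keeps every enabled linter, including gosec, away from `_test.go` files; a comment stating that this is intentional would help.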
@@ -1,24 +0,0 @@ -SCRIPTS := build test ci validate image -.PHONY: $(SCRIPTS) clean generate help - -.dapper: - @echo Downloading dapper - @curl -sL https://releases.rancher.com/dapper/latest/dapper-`uname -s`-`uname -m` > .dapper.tmp - @chmod +x .dapper.tmp - @./.dapper.tmp -v - @mv .dapper.tmp .dapper - -$(SCRIPTS): .dapper - @./.dapper $@ - -clean: - @./scripts/clean.sh - -generate: - @go generate ./main.go - -help: - @echo "Usage:" - @echo " make build - Build executable files in 'bin' folder" - @echo " make test - Run unit test" - @echo " make generate - Generate codes & CRDs" diff --git a/charts/README.md b/charts/README.md new file mode 100644 index 0000000..ce96468 --- /dev/null +++ b/charts/README.md @@ -0,0 +1 @@ +# Rancher FlatNetwork Chart Template diff --git a/pkg/admission/ping.go b/pkg/admission/ping.go index 142e193..7aad3a6 100644 --- a/pkg/admission/ping.go +++ b/pkg/admission/ping.go @@ -6,11 +6,11 @@ import ( "os" ) -func pingHandler(w http.ResponseWriter, req *http.Request) { +func pingHandler(w http.ResponseWriter, _ *http.Request) { w.Write([]byte("pong\n")) } -func hostnameHandler(w http.ResponseWriter, req *http.Request) { +func hostnameHandler(w http.ResponseWriter, _ *http.Request) { n, err := os.Hostname() if err != nil { err := fmt.Errorf("failed to get hostname: %w", err) diff --git a/pkg/admission/server.go b/pkg/admission/server.go index 7bb4523..ba6f162 100644 --- a/pkg/admission/server.go +++ b/pkg/admission/server.go @@ -3,8 +3,11 @@ package admission import ( "context" "crypto/tls" + "errors" "fmt" + "net" "net/http" + "time" "github.com/sirupsen/logrus" 
@@ -53,14 +56,22 @@ func (s *Server) Run(ctx context.Context) error { http.HandleFunc("/hostname", hostnameHandler) http.HandleFunc("/validate", handler.ValidateHandler) httpServer = &http.Server{ + BaseContext: func(net.Listener) context.Context { + return ctx + }, Addr: addr, TLSConfig: &tls.Config{ Certificates: []tls.Certificate{ pair, }, + MinVersion: tls.VersionTLS12, }, + ReadHeaderTimeout: time.Second * 10, } if err = httpServer.ListenAndServeTLS("", ""); err != nil { + if errors.Is(err, http.ErrServerClosed) { + return nil + } return fmt.Errorf("failed to start admission web server: %w", err) } logrus.Infof("start listen flat-network admission webhook server on %v", addr) diff --git a/pkg/admission/webhook/webhook.go b/pkg/admission/webhook/webhook.go index 08a2e15..3bd5684 100644 --- a/pkg/admission/webhook/webhook.go +++ b/pkg/admission/webhook/webhook.go @@ -154,13 +154,21 @@ func writeResponse(w http.ResponseWriter, a any) { w.Write(resp) } +const ( + kindDeployment = "Deployment" + kindDaemonSet = "DaemonSet" + kindStatefulSet = "StatefulSet" + kindCronJob = "CronJob" + kindJob = "Job" +) + func (h *Handler) validateAdmissionReview(ar *admissionv1.AdmissionReview) (bool, error) { logrus.Debugf("webhook validateAdmissionReview: %s %s %#v %#v", ar.Request.Name, ar.Request.Namespace, ar.Request.Kind, ar.Request.Resource) switch ar.Request.Kind.Kind { case "FlatNetworkSubnet": return h.validateMacvlanSubnet(ar) - case "Deployment", "DaemonSet", "StatefulSet", "CronJob", "Job": + case kindDeployment, kindDaemonSet, kindStatefulSet, kindCronJob, kindJob: return h.validateWorkload(ar) default: } diff --git a/pkg/admission/webhook/workload.go b/pkg/admission/webhook/workload.go index a7a7585..0f9ff75 100644 --- a/pkg/admission/webhook/workload.go +++ b/pkg/admission/webhook/workload.go 
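Review bot: In pkg/admission/server.go, `ReadHeaderTimeout` bounds only the header phase, so a client of the admission endpoint can still hold a connection open by sending the request body slowly or by idling on keep-alive; consider also setting `ReadTimeout` and `IdleTimeout` on the `http.Server` literal, e.g. `ReadTimeout: 30 * time.Second,` and `IdleTimeout: 60 * time.Second,` (values illustrative). The new `errors.Is(err, http.ErrServerClosed)` branch is only reached if something calls `Shutdown` or `Close` on `httpServer`; nothing in this hunk does so when `ctx` is cancelled, and `Run` starts and continues outside the hunk, so confirm that wiring exists. pkg/logserver/server.go gets a 30s `ReadHeaderTimeout` in this commit where this file uses 10s; a shared constant would keep the two aligned.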
@@ -29,15 +29,15 @@ type WorkloadReview struct { func (ar *WorkloadReview) PodTemplateAnnotations(key string) string { switch ar.AdmissionReview.Request.Kind.Kind { - case "Deployment": + case kindDeployment: return ar.Deployment.Spec.Template.Annotations[key] - case "DaemonSet": + case kindDaemonSet: return ar.DaemonSet.Spec.Template.Annotations[key] - case "StatefulSet": + case kindStatefulSet: return ar.StatefulSet.Spec.Template.Annotations[key] - case "CronJob": + case kindCronJob: return ar.CronJob.Spec.JobTemplate.Spec.Template.Annotations[key] - case "Job": + case kindJob: return ar.Job.Spec.Template.Annotations[key] default: return "" @@ -141,7 +141,7 @@ func (h *Handler) validateAnnotationIP(workload *WorkloadReview) error { func parseAnnotationIPs(s string) ([]net.IP, error) { ret := []net.IP{} - if s == "" || s == "auto" { + if s == "" || s == flatnetworkv1.AllocateModeAuto { return ret, nil } ip := net.ParseIP(s) @@ -253,7 +253,7 @@ func (h *Handler) validateAnnotationMac(workload *WorkloadReview) error { func parseAnnotationMacs(s string) ([]net.HardwareAddr, error) { ret := []net.HardwareAddr{} - if s == "" || s == "auto" { + if s == "" || s == flatnetworkv1.AllocateModeAuto { return ret, nil } diff --git a/pkg/apis/flatnetwork.pandaria.io/v1/types.go b/pkg/apis/flatnetwork.pandaria.io/v1/types.go index 50d4261..2715ac8 100644 --- a/pkg/apis/flatnetwork.pandaria.io/v1/types.go +++ b/pkg/apis/flatnetwork.pandaria.io/v1/types.go @@ -27,6 +27,9 @@ const ( LabelWorkloadSelector = "workload.user.cattle.io/workloadselector" LabelProjectID = "field.cattle.io/projectId" + + AllocateModeAuto = "auto" + AllocateModeSpecific = "specific" ) // +genclient diff --git a/pkg/cni/commands/add.go b/pkg/cni/commands/add.go index a01fbc4..56f94a8 100644 --- a/pkg/cni/commands/add.go +++ b/pkg/cni/commands/add.go 
@@ -167,7 +167,7 @@ func Add(args *skel.CmdArgs) error { utils.Print(n), err) } logrus.Debugf("merged IPAM config: %v", string(ipamConf)) - r, err := ipam.ExecAdd(n.IPAM.Type, []byte(ipamConf)) + r, err := ipam.ExecAdd(n.IPAM.Type, ipamConf) if err != nil { return fmt.Errorf("failed to execute ipam add, type: [%v] conf [%v]: %w", n.IPAM.Type, string(ipamConf), err) @@ -176,7 +176,7 @@ func Add(args *skel.CmdArgs) error { // Invoke ipam del if err to avoid ip leak defer func() { if err != nil { - ipam.ExecDel(n.IPAM.Type, []byte(ipamConf)) + ipam.ExecDel(n.IPAM.Type, ipamConf) } }() diff --git a/pkg/cni/kubeclient/kubeclient.go b/pkg/cni/kubeclient/kubeclient.go index be79d47..a7e8e50 100644 --- a/pkg/cni/kubeclient/kubeclient.go +++ b/pkg/cni/kubeclient/kubeclient.go @@ -10,7 +10,7 @@ import ( "github.com/containernetworking/cni/pkg/skel" cnitypes "github.com/containernetworking/cni/pkg/types" "gopkg.in/k8snetworkplumbingwg/multus-cni.v4/pkg/types" - v1 "k8s.io/api/core/v1" + corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" @@ -31,14 +31,14 @@ type defaultKubeClient struct { var _ KubeClient = &defaultKubeClient{} type KubeClient interface { - GetPod(context.Context, string, string) (*v1.Pod, error) + GetPod(context.Context, string, string) (*corev1.Pod, error) GetFlatNetworkIP(context.Context, string, string) (*flv1.FlatNetworkIP, error) UpdateFlatNetworkIP(context.Context, string, *flv1.FlatNetworkIP) (*flv1.FlatNetworkIP, error) GetFlatNetworkSubnet(context.Context, string) (*flv1.FlatNetworkSubnet, error) } -func (d *defaultKubeClient) GetPod(ctx context.Context, namespace, name string) (*v1.Pod, error) { +func (d *defaultKubeClient) GetPod(ctx context.Context, namespace, name string) (*corev1.Pod, error) { return d.client.CoreV1().Pods(namespace).Get(ctx, name, metav1.GetOptions{}) } diff --git a/pkg/codegen/main.go b/pkg/codegen/main.go index f1c7571..e95c211 100755 
--- a/pkg/codegen/main.go +++ b/pkg/codegen/main.go @@ -14,7 +14,7 @@ import ( corev1 "k8s.io/api/core/v1" discoveryv1 "k8s.io/api/discovery/v1" networkingv1 "k8s.io/api/networking/v1" - v1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" + apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/runtime/schema" @@ -79,7 +79,7 @@ func main() { ipConfig := newCRD(&flatnetworkv1.FlatNetworkIP{}, func(c crd.CRD) crd.CRD { if c.Schema == nil { - c.Schema = &v1.JSONSchemaProps{} + c.Schema = &apiextensionsv1.JSONSchemaProps{} } c.ShortNames = []string{ "flatnetworkip", @@ -90,7 +90,7 @@ func main() { }) subnetConfig := newCRD(&flatnetworkv1.FlatNetworkSubnet{}, func(c crd.CRD) crd.CRD { if c.Schema == nil { - c.Schema = &v1.JSONSchemaProps{} + c.Schema = &apiextensionsv1.JSONSchemaProps{} } c.ShortNames = []string{ "flatnetworksubnet", diff --git a/pkg/controller/flatnetworkip/flatnetworkip.go b/pkg/controller/flatnetworkip/flatnetworkip.go index 0824167..f353b3c 100644 --- a/pkg/controller/flatnetworkip/flatnetworkip.go +++ b/pkg/controller/flatnetworkip/flatnetworkip.go @@ -257,7 +257,7 @@ func (h *handler) onIPCreate(ip *flv1.FlatNetworkIP) (*flv1.FlatNetworkIP, error macString := ip.Status.MAC.String() if macString == "" { - macString = "auto" + macString = flv1.AllocateModeAuto } logrus.WithFields(fieldsIP(ip)). Infof("allocated IP subnet [%v] MAC [%v] address [%v]", diff --git a/pkg/controller/flatnetworkip/remove.go b/pkg/controller/flatnetworkip/remove.go index c987920..feaf1f6 100644 --- a/pkg/controller/flatnetworkip/remove.go +++ b/pkg/controller/flatnetworkip/remove.go 
@@ -13,7 +13,7 @@ import ( "k8s.io/client-go/util/retry" ) -func (h *handler) handleIPRemove(s string, ip *flv1.FlatNetworkIP) (*flv1.FlatNetworkIP, error) { +func (h *handler) handleIPRemove(_ string, ip *flv1.FlatNetworkIP) (*flv1.FlatNetworkIP, error) { if ip == nil || ip.Name == "" { return ip, nil } diff --git a/pkg/controller/pod/pod.go b/pkg/controller/pod/pod.go index 9c47547..f636150 100644 --- a/pkg/controller/pod/pod.go +++ b/pkg/controller/pod/pod.go @@ -86,7 +86,7 @@ func (h *handler) handleError( } // sync ensures flat-network IP resource exists. -func (h *handler) sync(name string, pod *corev1.Pod) (*corev1.Pod, error) { +func (h *handler) sync(_ string, pod *corev1.Pod) (*corev1.Pod, error) { // Skip non-flat-network pods if !utils.IsPodEnabledFlatNetwork(pod) { return pod, nil @@ -177,7 +177,7 @@ func (h *handler) updatePodLabel(pod *corev1.Pod, ip *flv1.FlatNetworkIP) error labels[flv1.LabelSubnet] = annotationSubnet labels[flv1.LabelSelectedIP] = "" labels[flv1.LabelSelectedMac] = "" - labels[flv1.LabelFlatNetworkIPType] = "specific" + labels[flv1.LabelFlatNetworkIPType] = flv1.AllocateModeSpecific if ip.Status.Addr != nil { // IPv6 address contains invalid char ':' @@ -187,8 +187,8 @@ func (h *handler) updatePodLabel(pod *corev1.Pod, ip *flv1.FlatNetworkIP) error if ip.Status.MAC != nil { labels[flv1.LabelSelectedMac] = strings.ReplaceAll(ip.Status.MAC.String(), ":", "_") } - if annotationIP == "auto" { - labels[flv1.LabelFlatNetworkIPType] = "auto" + if annotationIP == flv1.AllocateModeAuto { + labels[flv1.LabelFlatNetworkIPType] = flv1.AllocateModeAuto } skip := true for k, v := range labels { diff --git a/pkg/controller/pod/utils.go b/pkg/controller/pod/utils.go index c6087e4..fc7121f 100644 --- a/pkg/controller/pod/utils.go +++ b/pkg/controller/pod/utils.go @@ -1,7 +1,7 @@ package pod import ( - "crypto/sha1" + "crypto/sha256" "fmt" "net" "strings" 
@@ -20,15 +20,15 @@ func (h *handler) newFlatNetworkIP(pod *corev1.Pod) (*flv1.FlatNetworkIP, error) annotationIP := pod.Annotations[flv1.AnnotationIP] annotationMAC := pod.Annotations[flv1.AnnotationMac] annotationSubnet := pod.Annotations[flv1.AnnotationSubnet] - flatNetworkIPType := "specific" + flatNetworkIPType := flv1.AllocateModeSpecific var ( ipAddrs []net.IP macAddrs []net.HardwareAddr ) switch annotationIP { - case "auto": - flatNetworkIPType = "auto" + case flv1.AllocateModeAuto: + flatNetworkIPType = annotationIP default: spec := strings.Split(annotationIP, "-") for _, s := range spec { @@ -96,7 +96,7 @@ func (h *handler) newFlatNetworkIP(pod *corev1.Pod) (*flv1.FlatNetworkIP, error) } func calcHash(ip, mac string) string { - return fmt.Sprintf("hash-%x", sha1.Sum([]byte(ip+mac))) + return fmt.Sprintf("hash-%x", sha256.Sum256([]byte(ip+mac))) } func flatNetworkIPUpdated(a, b *flv1.FlatNetworkIP) bool { diff --git a/pkg/controller/service/endpoint.go b/pkg/controller/service/endpoint.go index 3b25178..d08c1e1 100644 --- a/pkg/controller/service/endpoint.go +++ b/pkg/controller/service/endpoint.go @@ -66,7 +66,6 @@ func (h *handler) syncCoreV1Endpoints( endpoints.Name, utils.Print(addrs)) return nil }); err != nil { - return fmt.Errorf("failed to update corev1.Endpoints: %w", err) } diff --git a/pkg/controller/service/service.go b/pkg/controller/service/service.go index 67980f4..d04c29b 100644 --- a/pkg/controller/service/service.go +++ b/pkg/controller/service/service.go @@ -57,7 +57,7 @@ func Register( wctx.Core.Service().OnChange(ctx, handlerName, h.syncService) } -func (h *handler) syncService(name string, svc *corev1.Service) (*corev1.Service, error) { +func (h *handler) syncService(_ string, svc *corev1.Service) (*corev1.Service, error) { if svc == nil || svc.Name == "" || svc.DeletionTimestamp != nil { return svc, nil } diff --git a/pkg/controller/service/utils.go b/pkg/controller/service/utils.go index a049763..9b921b0 100644 
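Review bot: Switching `calcHash` to SHA-256 lengthens its result from 45 to 69 characters (`hash-` plus 64 hex digits), which is over the 63-character limit for Kubernetes label values; the callers are outside this hunk, so check where the string is stored. It also changes the value computed for every existing object, so any comparison against a hash written by the previous version will differ once after upgrade. If only a short stable identifier is needed, truncating the digest keeps it within the limit: `sum := sha256.Sum256([]byte(ip + mac))` followed by `return fmt.Sprintf("hash-%x", sum[:16])`. `ip+mac` is also hashed without a separator, so distinct pairs can concatenate to the same input.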
--- a/pkg/controller/service/utils.go +++ b/pkg/controller/service/utils.go @@ -373,7 +373,7 @@ type endpointReource struct { } func (r *endpointReource) getEndpointSliceAddressType() (discoveryv1.AddressType, error) { - var t discoveryv1.AddressType = "" + var t discoveryv1.AddressType for _, e := range r.endpoints { if len(e.Addresses) == 0 { continue diff --git a/pkg/controller/workload/workload.go b/pkg/controller/workload/workload.go index e9584d6..9b1685c 100644 --- a/pkg/controller/workload/workload.go +++ b/pkg/controller/workload/workload.go @@ -37,7 +37,7 @@ type handler struct { jobClient batchcontroller.JobClient } -var workloadHandler *handler = nil +var workloadHandler *handler func Register( ctx context.Context, @@ -57,7 +57,7 @@ func Register( wctx.Apps.StatefulSet().OnChange(ctx, handlerName, syncWorkload) } -func syncWorkload[T Workload](name string, w T) (T, error) { +func syncWorkload[T Workload](_ string, w T) (T, error) { if workloadHandler == nil { err := fmt.Errorf("failed to sync workload: handler not initialized") logrus.WithFields(fieldsWorkload(w)).Error(err) @@ -96,12 +96,12 @@ func getFlatNetworkLabel(w metav1.Object) (isFlatNetworkEnabled bool, labels map subnet string ) switch a[flv1.LabelFlatNetworkIPType] { - case "auto": - ipType = "auto" + case flv1.AllocateModeAuto: + ipType = flv1.AllocateModeAuto isFlatNetworkEnabled = true case "": default: - ipType = "specific" + ipType = flv1.AllocateModeSpecific isFlatNetworkEnabled = true } subnet = a[flv1.AnnotationSubnet] diff --git a/pkg/controller/wrangler/context.go b/pkg/controller/wrangler/context.go index 16106cf..a64e0df 100644 --- a/pkg/controller/wrangler/context.go +++ b/pkg/controller/wrangler/context.go 
@@ -123,16 +123,16 @@ func NewContextOrDie( return c } -func (w *Context) SupportDiscoveryV1() bool { - return w.supportDiscoveryV1 +func (c *Context) SupportDiscoveryV1() bool { + return c.supportDiscoveryV1 } -func (w *Context) SupportIngressV1() bool { - return w.supportIngressV1 +func (c *Context) SupportIngressV1() bool { + return c.supportIngressV1 } -func (w *Context) OnLeader(f func(ctx context.Context) error) { - w.leadership.OnLeader(f) +func (c *Context) OnLeader(f func(ctx context.Context) error) { + c.leadership.OnLeader(f) } func (c *Context) WaitForCacheSyncOrDie(ctx context.Context) { diff --git a/pkg/logserver/server.go b/pkg/logserver/server.go index 5cc86f7..f4414bb 100644 --- a/pkg/logserver/server.go +++ b/pkg/logserver/server.go @@ -6,6 +6,7 @@ import ( "net" "net/http" "os" + "time" "github.com/sirupsen/logrus" ) @@ -42,6 +43,7 @@ func (s *Server) ListenAndServe(ctx context.Context) error { BaseContext: func(net.Listener) context.Context { return ctx }, + ReadHeaderTimeout: time.Second * 30, } http.HandleFunc("/v1/loglevel", s.loglevel) socketListener, err := net.Listen("unix", s.SocketLocation) diff --git a/scripts/ci.sh b/scripts/ci.sh deleted file mode 100755 index b1036e1..0000000 --- a/scripts/ci.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/usr/bin/env bash - -set -euo pipefail - -cd $(dirname $0) - -./validate.sh -./test.sh -./build.sh -./package.sh