diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml
index 771eb5f9e..997a0185b 100644
--- a/.github/workflows/e2e.yaml
+++ b/.github/workflows/e2e.yaml
@@ -48,6 +48,53 @@ jobs:
with:
name: konnectivity-agent
path: _output/konnectivity-agent.tar
+ kind-e2e:
+ name: kind-e2e
+ runs-on: ubuntu-20.04
+ timeout-minutes: 100
+ needs:
+ - build
+ env:
+ REGISTRY: gcr.io/k8s-staging-kas-network-proxy
+ KIND_IMAGE: kindest/node${{ matrix.k8s }}
+ TAG: master
+ CONNECTION_MODE: ${{ matrix.connection-mode }}
+ strategy:
+ fail-fast: false
+ matrix:
+ k8s: [ v1.27.11, v1.28.7, v1.29.2 ]
+ connection-mode: [ grpc, http-connect ]
+ steps:
+ - name: Install kind
+ run: |
+ curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.23.0/kind-linux-amd64
+ chmod +x ./kind
+ sudo mv ./kind /usr/local/bin/kind
+ - name: Check out code
+ uses: actions/checkout@v4
+ - name: Set up Go
+ uses: actions/setup-go@v5
+ with:
+ go-version-file: go.mod
+ id: go
+ - name: Download prebuilt konnectivity-server image
+ uses: actions/download-artifact@v4
+ with:
+ name: konnectivity-server
+ - name: Download prebuilt konnectivity-agent image
+ uses: actions/download-artifact@v4
+ with:
+ name: konnectivity-agent
+ - name: Load prebuilt konnectivity images
+ run: |
+ docker load --input konnectivity-server.tar
+ docker load --input konnectivity-agent.tar
+ - name: Fix konnectivity docker image tags
+ run: |
+ docker tag gcr.io/k8s-staging-kas-network-proxy/proxy-server:master gcr.io/k8s-staging-kas-network-proxy/proxy-server-amd64:master
+ docker tag gcr.io/k8s-staging-kas-network-proxy/proxy-agent:master gcr.io/k8s-staging-kas-network-proxy/proxy-agent-amd64:master
+ - name: Run e2e tests
+ run: make test-e2e-ci
e2e:
name: e2e
runs-on: ubuntu-20.04
diff --git a/Makefile b/Makefile
index 0307db9c8..c1da81a94 100644
--- a/Makefile
+++ b/Makefile
@@ -24,7 +24,7 @@ ALL_ARCH ?= amd64 arm arm64 ppc64le s390x
# The output type could either be docker (local), or registry.
OUTPUT_TYPE ?= docker
GO_TOOLCHAIN ?= golang
-GO_VERSION ?= 1.22.2
+GO_VERSION ?= 1.22.5
BASEIMAGE ?= gcr.io/distroless/static-debian11:nonroot
ifeq ($(GOPATH),)
@@ -54,6 +54,9 @@ TAG ?= $(shell git rev-parse HEAD)
DOCKER_CMD ?= docker
DOCKER_CLI_EXPERIMENTAL ?= enabled
PROXY_SERVER_IP ?= 127.0.0.1
+
+KIND_IMAGE ?= kindest/node
+CONNECTION_MODE ?= grpc
## --------------------------------------
## Testing
## --------------------------------------
@@ -67,19 +70,28 @@ mock_gen:
# Unit tests with faster execution (nicer for development).
.PHONY: fast-test
fast-test:
- go test -mod=vendor -race ./...
+ go test -mod=vendor -race $(shell go list ./... | grep -v -e "/e2e$$" -e "/e2e/.*")
cd konnectivity-client && go test -race ./...
# Unit tests with fuller coverage, invoked by CI system.
.PHONY: test
test:
- go test -mod=vendor -race -covermode=atomic -coverprofile=konnectivity.out ./... && go tool cover -html=konnectivity.out -o=konnectivity.html
+ go test -mod=vendor -race -covermode=atomic -coverprofile=konnectivity.out $(shell go list ./... | grep -v -e "/e2e$$" -e "/e2e/.*") && go tool cover -html=konnectivity.out -o=konnectivity.html
cd konnectivity-client && go test -race -covermode=atomic -coverprofile=client.out ./... && go tool cover -html=client.out -o=client.html
.PHONY: test-integration
test-integration: build
go test -mod=vendor -race ./tests -agent-path $(PWD)/bin/proxy-agent
+.PHONY: test-e2e
+test-e2e: docker-build
+ go test -mod=vendor ./e2e -race -agent-image ${AGENT_FULL_IMAGE}-$(TARGETARCH):${TAG} -server-image ${SERVER_FULL_IMAGE}-$(TARGETARCH):${TAG} -kind-image ${KIND_IMAGE} -mode ${CONNECTION_MODE}
+
+# e2e test runner for continuous integration that does not build a new image.
+.PHONY: test-e2e-ci
+test-e2e-ci:
+ go test -mod=vendor ./e2e -race -agent-image ${AGENT_FULL_IMAGE}-$(TARGETARCH):${TAG} -server-image ${SERVER_FULL_IMAGE}-$(TARGETARCH):${TAG} -kind-image ${KIND_IMAGE} -mode ${CONNECTION_MODE}
+
## --------------------------------------
## Binaries
## --------------------------------------
diff --git a/e2e/README.md b/e2e/README.md
new file mode 100644
index 000000000..d4394c274
--- /dev/null
+++ b/e2e/README.md
@@ -0,0 +1,23 @@
+# End-to-end tests for konnectivity-network-proxy running in a kind cluster
+
+These e2e tests deploy the KNP agent and server to a local [kind](https://kind.sigs.k8s.io/)
+cluster to verify their functionality.
+
+These can be run automatically using `make e2e-test`.
+
+## Setup in `main_test.go`
+
+Before any of the actual tests are run, the `TestMain()` function
+in `main_test.go` performs the following set up steps:
+
+- Spin up a new kind cluster with the node image provided by the `-kind-image` flag.
+- Sideload the KNP agent and server images provided with `-agent-image` and `-server-image` into the cluster.
+- Deploy the necessary RBAC and service templates for both the KNP agent and server (see `renderAndApplyManifests`).
+
+## The tests
+
+### `static_count_test.go`
+
+These tests deploy the KNP servers and agents to the previously created kind cluster.
+After the deployments are up, the tests check that both the agent and server report
+the correct number of connections on their metrics endpoints.
diff --git a/e2e/main_test.go b/e2e/main_test.go
new file mode 100644
index 000000000..efa2dbab3
--- /dev/null
+++ b/e2e/main_test.go
@@ -0,0 +1,178 @@
+package e2e
+
+import (
+ "bytes"
+ "context"
+ "flag"
+ "fmt"
+ "log"
+ "os"
+ "path"
+ "testing"
+ "text/template"
+ "time"
+
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/client-go/kubernetes/scheme"
+ "sigs.k8s.io/controller-runtime/pkg/client"
+ "sigs.k8s.io/e2e-framework/klient/wait"
+ "sigs.k8s.io/e2e-framework/klient/wait/conditions"
+ "sigs.k8s.io/e2e-framework/pkg/env"
+ "sigs.k8s.io/e2e-framework/pkg/envconf"
+ "sigs.k8s.io/e2e-framework/pkg/envfuncs"
+ "sigs.k8s.io/e2e-framework/support/kind"
+)
+
+var (
+ testenv env.Environment
+ agentImage = flag.String("agent-image", "", "The proxy agent's docker image.")
+ serverImage = flag.String("server-image", "", "The proxy server's docker image.")
+ kindImage = flag.String("kind-image", "kindest/node", "Image to use for kind nodes.")
+ connectionMode = flag.String("mode", "grpc", "Connection mode to use during e2e tests.")
+)
+
+func TestMain(m *testing.M) {
+ flag.Parse()
+ if *agentImage == "" {
+ log.Fatalf("must provide agent image with -agent-image")
+ }
+ if *serverImage == "" {
+ log.Fatalf("must provide server image with -server-image")
+ }
+
+ scheme.AddToScheme(scheme.Scheme)
+
+ testenv = env.New()
+ kindClusterName := "kind-test"
+ kindCluster := kind.NewCluster(kindClusterName).WithOpts(kind.WithImage(*kindImage))
+
+ testenv.Setup(
+ envfuncs.CreateCluster(kindCluster, kindClusterName),
+ envfuncs.LoadImageToCluster(kindClusterName, *agentImage),
+ envfuncs.LoadImageToCluster(kindClusterName, *serverImage),
+ renderAndApplyManifests,
+ )
+
+ testenv.Finish(envfuncs.DestroyCluster(kindClusterName))
+
+ os.Exit(testenv.Run(m))
+}
+
+// renderTemplate renders a template from e2e/templates into a kubernetes object.
+// Template paths are relative to e2e/templates.
+func renderTemplate(file string, params any) (client.Object, *schema.GroupVersionKind, error) {
+ b := &bytes.Buffer{}
+
+ tmp, err := template.ParseFiles(path.Join("templates/", file))
+ if err != nil {
+ return nil, nil, fmt.Errorf("could not parse template %v: %w", file, err)
+ }
+
+ err = tmp.Execute(b, params)
+ if err != nil {
+ return nil, nil, fmt.Errorf("could not execute template %v: %w", file, err)
+ }
+
+ decoder := scheme.Codecs.UniversalDeserializer()
+
+ obj, gvk, err := decoder.Decode(b.Bytes(), nil, nil)
+ if err != nil {
+ return nil, nil, fmt.Errorf("could not decode rendered yaml into kubernetes object: %w", err)
+ }
+
+ return obj.(client.Object), gvk, nil
+}
+
+type KeyValue struct {
+ Key string
+ Value string
+}
+
+type DeploymentConfig struct {
+ Replicas int
+ Image string
+ Args []KeyValue
+}
+
+func renderAndApplyManifests(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+ client := cfg.Client()
+
+ // Render agent RBAC and Service templates.
+ agentServiceAccount, _, err := renderTemplate("agent/serviceaccount.yaml", struct{}{})
+ if err != nil {
+ return nil, err
+ }
+ agentClusterRole, _, err := renderTemplate("agent/clusterrole.yaml", struct{}{})
+ if err != nil {
+ return nil, err
+ }
+ agentClusterRoleBinding, _, err := renderTemplate("agent/clusterrolebinding.yaml", struct{}{})
+ if err != nil {
+ return ctx, err
+ }
+ agentService, _, err := renderTemplate("agent/service.yaml", struct{}{})
+ if err != nil {
+ return ctx, err
+ }
+
+ // Submit agent RBAC templates to k8s.
+ err = client.Resources().Create(ctx, agentServiceAccount)
+ if err != nil {
+ return ctx, err
+ }
+ err = client.Resources().Create(ctx, agentClusterRole)
+ if err != nil {
+ return ctx, err
+ }
+ err = client.Resources().Create(ctx, agentClusterRoleBinding)
+ if err != nil {
+ return ctx, err
+ }
+ err = client.Resources().Create(ctx, agentService)
+ if err != nil {
+ return ctx, err
+ }
+
+ // Render server RBAC and Service templates.
+ serverClusterRoleBinding, _, err := renderTemplate("server/clusterrolebinding.yaml", struct{}{})
+ if err != nil {
+ return ctx, err
+ }
+ serverService, _, err := renderTemplate("server/service.yaml", struct{}{})
+ if err != nil {
+ return ctx, err
+ }
+
+ // Submit server templates to k8s.
+ err = client.Resources().Create(ctx, serverClusterRoleBinding)
+ if err != nil {
+ return ctx, err
+ }
+ err = client.Resources().Create(ctx, serverService)
+ if err != nil {
+ return ctx, err
+ }
+
+ return ctx, nil
+}
+
+func deployAndWaitForDeployment(deployment client.Object) func(context.Context, *testing.T, *envconf.Config) context.Context {
+ return func(ctx context.Context, t *testing.T, cfg *envconf.Config) context.Context {
+ client := cfg.Client()
+ err := client.Resources().Create(ctx, deployment)
+ if err != nil {
+ t.Fatalf("could not create Deployment: %v", err)
+ }
+
+ err = wait.For(
+ conditions.New(client.Resources()).DeploymentAvailable(deployment.GetName(), deployment.GetNamespace()),
+ wait.WithTimeout(1*time.Minute),
+ wait.WithInterval(10*time.Second),
+ )
+ if err != nil {
+ t.Fatalf("waiting for Deployment failed: %v", err)
+ }
+
+ return ctx
+ }
+}
diff --git a/e2e/metrics_assertions_test.go b/e2e/metrics_assertions_test.go
new file mode 100644
index 000000000..6ecdaee7b
--- /dev/null
+++ b/e2e/metrics_assertions_test.go
@@ -0,0 +1,85 @@
+package e2e
+
+import (
+ "context"
+ "fmt"
+ "net/http"
+ "testing"
+
+ corev1 "k8s.io/api/core/v1"
+
+ "github.com/prometheus/common/expfmt"
+ "sigs.k8s.io/e2e-framework/klient/k8s/resources"
+ "sigs.k8s.io/e2e-framework/pkg/envconf"
+)
+
+func getMetricsGaugeValue(url string, name string) (int, error) {
+ resp, err := http.Get(url)
+ if err != nil {
+ return 0, fmt.Errorf("could not get metrics from url %v: %w", url, err)
+ }
+
+ metricsParser := &expfmt.TextParser{}
+ metricsFamilies, err := metricsParser.TextToMetricFamilies(resp.Body)
+ if err != nil {
+ return 0, fmt.Errorf("could not parse metrics: %w", err)
+ }
+ defer resp.Body.Close()
+
+ metricFamily, exists := metricsFamilies[name]
+ if !exists {
+ return 0, fmt.Errorf("metric %v does not exist", name)
+ }
+ value := int(metricFamily.GetMetric()[0].GetGauge().GetValue())
+ return value, nil
+}
+
+func assertAgentsAreConnected(expectedConnections int, adminPort int) func(context.Context, *testing.T, *envconf.Config) context.Context {
+ return func(ctx context.Context, t *testing.T, cfg *envconf.Config) context.Context {
+ client := cfg.Client()
+
+ var agentPods *corev1.PodList
+ err := client.Resources().List(ctx, agentPods, resources.WithLabelSelector("k8s-app=konnectivity-agent"))
+ if err != nil {
+ t.Fatalf("couldn't get agent pods (label selector 'k8s-app=konnectivity-agent'): %v", err)
+ }
+
+ for _, agentPod := range agentPods.Items {
+ numConnections, err := getMetricsGaugeValue(fmt.Sprintf("%v:%v/metrics", agentPod.Status.PodIP, adminPort), "konnectivity_network_proxy_agent_open_server_connections")
+ if err != nil {
+ t.Fatalf("couldn't get agent metric 'konnectivity_network_proxy_agent_open_server_connections' for pod %v: %v", agentPod.Name, err)
+ }
+
+ if numConnections != expectedConnections {
+ t.Errorf("incorrect number of connected servers (want: %d, got: %d)", expectedConnections, numConnections)
+ }
+ }
+
+ return ctx
+ }
+}
+
+func assertServersAreConnected(expectedConnections int, adminPort int) func(context.Context, *testing.T, *envconf.Config) context.Context {
+ return func(ctx context.Context, t *testing.T, cfg *envconf.Config) context.Context {
+ client := cfg.Client()
+
+ var serverPods *corev1.PodList
+ err := client.Resources().List(ctx, serverPods, resources.WithLabelSelector("k8s-app=konnectivity-server"))
+ if err != nil {
+ t.Fatalf("couldn't get server pods (label selector 'k8s-app=konnectivity-server'): %v", err)
+ }
+
+ for _, serverPod := range serverPods.Items {
+ numConnections, err := getMetricsGaugeValue(fmt.Sprintf("%v:%v/metrics", serverPod.Status.PodIP, adminPort), "konnectivity_network_proxy_server_ready_backend_connections")
+ if err != nil {
+ t.Fatalf("couldn't get agent metric 'konnectivity_network_proxy_server_ready_backend_connections' for pod %v: %v", serverPod.Name, err)
+ }
+
+ if numConnections != expectedConnections {
+ t.Errorf("incorrect number of connected agents (want: %d, got: %d)", expectedConnections, numConnections)
+ }
+ }
+
+ return ctx
+ }
+}
diff --git a/e2e/static_count_test.go b/e2e/static_count_test.go
new file mode 100644
index 000000000..c20099d89
--- /dev/null
+++ b/e2e/static_count_test.go
@@ -0,0 +1,129 @@
+package e2e
+
+import (
+ "strconv"
+ "testing"
+
+ "sigs.k8s.io/e2e-framework/pkg/features"
+)
+
+func TestSingleServer_SingleAgent_StaticCount(t *testing.T) {
+ adminPort := 8093
+
+ serverDeploymentConfig := DeploymentConfig{
+ Replicas: 1,
+ Image: *serverImage,
+ Args: []KeyValue{
+ {"log-file", "/var/log/konnectivity-server.log"},
+ {"logtostderr", "true"},
+ {"log-file-max-size", "0"},
+ {"uds-name", "/etc/kubernetes/konnectivity-server/konnectivity-server.socket"},
+ {Key: "delete-existing-uds-file"},
+ {"cluster-cert", "/etc/kubernetes/pki/apiserver.crt"},
+ {"cluster-key", "/etc/kubernetes/pki/apiserver.key"},
+ {"server-port", "8090"},
+ {"agent-port", "8091"},
+ {"health-port", "8092"},
+ {"admin-port", strconv.Itoa(adminPort)},
+ {"keepalive-time", "1h"},
+ {"mode", "grpc"},
+ {"agent-namespace", "kube-system"},
+ {"agent-service-account", "konnectivity-agent"},
+ {"kubeconfig", "/etc/kubernetes/admin.conf"},
+ {"authentication-audience", "system:konnectivity-server"},
+ {"server-count", "1"},
+ },
+ }
+ serverDeployment, _, err := renderTemplate("server/deployment.yaml", serverDeploymentConfig)
+ if err != nil {
+ t.Fatalf("could not render server deployment: %v", err)
+ }
+
+ agentDeploymentConfig := DeploymentConfig{
+ Replicas: 1,
+ Image: *agentImage,
+ Args: []KeyValue{
+ {"logtostderr", "true"},
+ {"ca-cert", "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"},
+ {"proxy-server-host", "konnectivity-server.kube-system.svc.cluster.local"},
+ {"proxy-server-port", "8091"},
+ {"sync-interval", "1s"},
+ {"sync-interval-cap", "10s"},
+ {Key: "sync-forever"},
+ {"probe-interval", "1s"},
+ {"service-account-token-path", "/var/run/secrets/tokens/konnectivity-agent-token"},
+ {"server-count", "1"},
+ },
+ }
+ agentDeployment, _, err := renderTemplate("agent/deployment.yaml", agentDeploymentConfig)
+ if err != nil {
+ t.Fatalf("could not render agent deployment: %v", err)
+ }
+
+ feature := features.New("konnectivity server and agent deployment with single replica for each")
+ feature.Setup(deployAndWaitForDeployment(serverDeployment))
+ feature.Setup(deployAndWaitForDeployment(agentDeployment))
+ feature.Assess("konnectivity server has a connected client", assertServersAreConnected(1, adminPort))
+ feature.Assess("konnectivity agent is connected to a server", assertAgentsAreConnected(1, adminPort))
+}
+
+func TestMultiServer_MultiAgent_StaticCount(t *testing.T) {
+ adminPort := 8093
+ replicas := 3
+
+ serverDeploymentConfig := DeploymentConfig{
+ Replicas: replicas,
+ Image: *serverImage,
+ Args: []KeyValue{
+ {"log-file", "/var/log/konnectivity-server.log"},
+ {"logtostderr", "true"},
+ {"log-file-max-size", "0"},
+ {"uds-name", "/etc/kubernetes/konnectivity-server/konnectivity-server.socket"},
+ {Key: "delete-existing-uds-file"},
+ {"cluster-cert", "/etc/kubernetes/pki/apiserver.crt"},
+ {"cluster-key", "/etc/kubernetes/pki/apiserver.key"},
+ {"server-port", "8090"},
+ {"agent-port", "8091"},
+ {"health-port", "8092"},
+ {"admin-port", strconv.Itoa(adminPort)},
+ {"keepalive-time", "1h"},
+ {"mode", *connectionMode},
+ {"agent-namespace", "kube-system"},
+ {"agent-service-account", "konnectivity-agent"},
+ {"kubeconfig", "/etc/kubernetes/admin.conf"},
+ {"authentication-audience", "system:konnectivity-server"},
+ {"server-count", strconv.Itoa(replicas)},
+ },
+ }
+ serverDeployment, _, err := renderTemplate("server/deployment.yaml", serverDeploymentConfig)
+ if err != nil {
+ t.Fatalf("could not render server deployment: %v", err)
+ }
+
+ agentDeploymentConfig := DeploymentConfig{
+ Replicas: replicas,
+ Image: *agentImage,
+ Args: []KeyValue{
+ {"logtostderr", "true"},
+ {"ca-cert", "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt"},
+ {"proxy-server-host", "konnectivity-server.kube-system.svc.cluster.local"},
+ {"proxy-server-port", "8091"},
+ {"sync-interval", "1s"},
+ {"sync-interval-cap", "10s"},
+ {Key: "sync-forever"},
+ {"probe-interval", "1s"},
+ {"service-account-token-path", "/var/run/secrets/tokens/konnectivity-agent-token"},
+ {"server-count", strconv.Itoa(replicas)},
+ },
+ }
+ agentDeployment, _, err := renderTemplate("agent/deployment.yaml", agentDeploymentConfig)
+ if err != nil {
+ t.Fatalf("could not render agent deployment: %v", err)
+ }
+
+ feature := features.New("konnectivity server and agent deployment with single replica for each")
+ feature.Setup(deployAndWaitForDeployment(serverDeployment))
+ feature.Setup(deployAndWaitForDeployment(agentDeployment))
+ feature.Assess("all servers connected to all clients", assertServersAreConnected(replicas, adminPort))
+ feature.Assess("all agents connected to all servers", assertAgentsAreConnected(replicas, adminPort))
+}
diff --git a/e2e/templates/agent/clusterrole.yaml b/e2e/templates/agent/clusterrole.yaml
new file mode 100644
index 000000000..85ee7302a
--- /dev/null
+++ b/e2e/templates/agent/clusterrole.yaml
@@ -0,0 +1,10 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ name: system:konnectivity-agent
+ labels:
+ kubernetes.io/cluster-service: "true"
+rules:
+- apiGroups: ["coordination.k8s.io"]
+ resources: ["leases"]
+ verbs: ["get", "watch", "list"]
diff --git a/e2e/templates/agent/clusterrolebinding.yaml b/e2e/templates/agent/clusterrolebinding.yaml
new file mode 100644
index 000000000..57a3120c0
--- /dev/null
+++ b/e2e/templates/agent/clusterrolebinding.yaml
@@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/rbacv1
+kind: ClusterRoleBinding
+metadata:
+ name: system:konnectivity-agent
+ labels:
+ kubernetes.io/cluster-service: "true"
+subjects:
+- kind: ServiceAccount
+ name: konnectivity-agent
+ namespace: kube-system
+roleRef:
+ kind: ClusterRole
+ name: system:konnectivity-agent
+ apiGroup: rbac.authorization.k8s.io
diff --git a/e2e/templates/agent/deployment.yaml b/e2e/templates/agent/deployment.yaml
new file mode 100644
index 000000000..70a2f29d7
--- /dev/null
+++ b/e2e/templates/agent/deployment.yaml
@@ -0,0 +1,82 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ k8s-app: konnectivity-agent
+ namespace: kube-system
+ name: konnectivity-agent
+spec:
+ replicas: {{ .Replicas }}
+ selector:
+ matchLabels:
+ k8s-app: konnectivity-agent
+ template:
+ metadata:
+ labels:
+ k8s-app: konnectivity-agent
+ spec:
+ containers:
+ - name: konnectivity-agent-container
+ image: {{ .Image }}
+ resources:
+ requests:
+ cpu: 50m
+ limits:
+ memdeploymentory: 30Mi
+ command: [ "/proxy-agent"]
+ args: [
+ {{ range .Args }}
+ "--{{ .Key }}{{if ne .Value ""}}={{ .Value }}{{ end }}",
+ {{ end }}
+ ]
+ env:
+ - name: POD_NAME
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.name
+ - name: POD_NAMESPACE
+ valueFrom:
+ fieldRef:
+ fieldPath: metadata.namespace
+ - name: HOST_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.hostIP
+ livenessProbe:
+ httpGet:
+ scheme: HTTP
+ port: 8093
+ path: /healthz
+ initialDelaySeconds: 15
+ timeoutSeconds: 15
+ readinessProbe:
+ httpGet:
+ scheme: HTTP
+ port: 8093
+ path: /readyz
+ initialDelaySeconds: 15
+ timeoutSeconds: 15
+ volumeMounts:
+ - mountPath: /var/run/secrets/tokens
+ name: konnectivity-agent-token
+ serviceAccountName: konnectivity-agent
+ ports:
+ - name: serverport
+ containerPort: 8090
+ hostPort: 8090
+ - name: agentport
+ containerPort: 8091
+ hostPort: 8091
+ - name: healthport
+ containerPort: 8092
+ hostPort: 8092
+ - name: adminport
+ containerPort: 8093
+ hostPort: 8093
+ volumes:
+ - name: konnectivity-agent-token
+ projected:
+ sources:
+ - serviceAccountToken:
+ path: konnectivity-agent-token
+ audience: system:konnectivity-server
diff --git a/e2e/templates/agent/service.yaml b/e2e/templates/agent/service.yaml
new file mode 100644
index 000000000..61ab566a3
--- /dev/null
+++ b/e2e/templates/agent/service.yaml
@@ -0,0 +1,13 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: konnectivity-agent
+ namespace: kube-system
+spec:
+ selector:
+ k8s-app: konnectivity-agent
+ clusterIP: None
+ ports:
+ - protocol: TCP
+ port: 8093
+ targetPort: 8093
diff --git a/e2e/templates/agent/serviceaccount.yaml b/e2e/templates/agent/serviceaccount.yaml
new file mode 100644
index 000000000..4876d12e5
--- /dev/null
+++ b/e2e/templates/agent/serviceaccount.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: konnectivity-agent
+ namespace: kube-system
+ labels:
+ kubernetes.io/cluster-service: "true"
diff --git a/e2e/templates/server/clusterrolebinding.yaml b/e2e/templates/server/clusterrolebinding.yaml
new file mode 100644
index 000000000..1dc4fa928
--- /dev/null
+++ b/e2e/templates/server/clusterrolebinding.yaml
@@ -0,0 +1,14 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ name: system:konnectivity-server
+ labels:
+ kubernetes.io/cluster-service: "true"
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: system:auth-delegator
+subjects:
+- apiGroup: rbac.authorization.k8s.io
+ kind: User
+ name: system:konnectivity-server
diff --git a/e2e/templates/server/deployment.yaml b/e2e/templates/server/deployment.yaml
new file mode 100644
index 000000000..e1bec710b
--- /dev/null
+++ b/e2e/templates/server/deployment.yaml
@@ -0,0 +1,70 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ k8s-app: konnectivity-server
+ namespace: kube-system
+ name: konnectivity-server
+spec:
+ replicas: {{ .Replicas }}
+ selector:
+ matchLabels:
+ k8s-app: konnectivity-server
+ template:
+ metadata:
+ labels:
+ k8s-app: konnectivity-server
+ containers:
+ - name: konnectivity-server-container
+ image: {{ .Image }}
+ resources:
+ requests:
+ cpu: 1m
+ command: [ "/proxy-server"]
+ args: [
+ {{ range .Args }}
+ "--{{ .Key }}{{if ne .Value ""}}={{ .Value }}{{ end }}",
+ {{ end }}
+ ]
+ livenessProbe:
+ httpGet:
+ scheme: HTTP
+ host: 127.0.0.1
+ port: 8092
+ path: /healthz
+ initialDelaySeconds: 10
+ timeoutSeconds: 60
+ ports:
+ - name: serverport
+ containerPort: 8090
+ hostPort: 8090
+ - name: agentport
+ containerPort: 8091
+ hostPort: 8091
+ - name: healthport
+ containerPort: 8092
+ hostPort: 8092
+ - name: adminport
+ containerPort: 8093
+ hostPort: 8093
+ volumeMounts:
+ - name: varlogkonnectivityserver
+ mountPath: /var/log/konnectivity-server.log
+ readOnly: false
+ - name: kubernetes
+ mountPath: /etc/kubernetes
+ readOnly: true
+ - name: konnectivity-home
+ mountPath: /etc/kubernetes/konnectivity-server
+ volumes:
+ - name: varlogkonnectivityserver
+ hostPath:
+ path: /var/log/konnectivity-server.log
+ type: FileOrCreate
+ - name: kubernetes
+ hostPath:
+ path: /etc/kubernetes
+ - name: konnectivity-home
+ hostPath:
+ path: /etc/kubernetes/konnectivity-server
+ type: DirectoryOrCreate
diff --git a/e2e/templates/server/service.yaml b/e2e/templates/server/service.yaml
new file mode 100644
index 000000000..952bb81c8
--- /dev/null
+++ b/e2e/templates/server/service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: konnectivity-server
+ namespace: kube-system
+spec:
+ selector:
+ k8s-app: konnectivity-server
+ clusterIP: None
+ ports:
+ - protocol: TCP
+ port: 8091
+ targetPort: 8091
+ - protocol: TCP
+ port: 8093
+ targetPort: 8093
diff --git a/go.mod b/go.mod
index c196d846e..d2eeaaab1 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
module sigs.k8s.io/apiserver-network-proxy
-go 1.22
+go 1.22.5
toolchain go1.22.4
require (
@@ -22,6 +22,8 @@ require (
k8s.io/component-base v0.30.2
k8s.io/klog/v2 v2.130.0
sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.0
+ sigs.k8s.io/controller-runtime v0.18.2
+ sigs.k8s.io/e2e-framework v0.4.0
)
require (
@@ -31,6 +33,7 @@ require (
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/evanphx/json-patch v4.12.0+incompatible // indirect
+ github.com/evanphx/json-patch/v5 v5.9.0 // indirect
github.com/go-logr/logr v1.4.1 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
@@ -39,17 +42,21 @@ require (
github.com/golang/protobuf v1.5.4 // indirect
github.com/google/gnostic-models v0.6.8 // indirect
github.com/google/gofuzz v1.2.0 // indirect
- github.com/imdario/mergo v0.3.6 // indirect
+ github.com/gorilla/websocket v1.5.0 // indirect
+ github.com/imdario/mergo v0.3.15 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/mailru/easyjson v0.7.7 // indirect
+ github.com/moby/spdystream v0.2.0 // indirect
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
+ github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/procfs v0.12.0 // indirect
+ github.com/vladimirvivien/gexe v0.2.0 // indirect
golang.org/x/oauth2 v0.19.0 // indirect
golang.org/x/sys v0.21.0 // indirect
golang.org/x/term v0.21.0 // indirect
@@ -63,7 +70,7 @@ require (
k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
- sigs.k8s.io/yaml v1.3.0 // indirect
+ sigs.k8s.io/yaml v1.4.0 // indirect
)
replace sigs.k8s.io/apiserver-network-proxy/konnectivity-client => ./konnectivity-client
diff --git a/go.sum b/go.sum
index 5381e5c70..37407c802 100644
--- a/go.sum
+++ b/go.sum
@@ -1,3 +1,5 @@
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
+github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
@@ -13,8 +15,12 @@ github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxER
github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
github.com/evanphx/json-patch v4.12.0+incompatible h1:4onqiflcdA9EOZ4RxV643DvftH5pOlLGNtQ5lPWQu84=
github.com/evanphx/json-patch v4.12.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
+github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg=
+github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ=
github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ=
+github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg=
github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=
github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
@@ -39,8 +45,11 @@ github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJY
github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28=
-github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
+github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
+github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
+github.com/imdario/mergo v0.3.15 h1:M8XP7IuFNsqUx6VPK2P9OSmsYsI/YFaGil0uD21V3dM=
+github.com/imdario/mergo v0.3.15/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY=
github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
@@ -58,6 +67,8 @@ github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
+github.com/moby/spdystream v0.2.0 h1:cjW1zVyyoiM0T7b6UoySUFqzXMoqRckQtXwGPiBhOM8=
+github.com/moby/spdystream v0.2.0/go.mod h1:f7i0iNDQJ059oMTcWxx8MA/zKFIuD/lY+0GqbN2Wy8c=
github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
@@ -65,10 +76,12 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/onsi/ginkgo/v2 v2.15.0 h1:79HwNRBAZHOEwrczrgSOPy+eFTTlIGELKy5as+ClttY=
-github.com/onsi/ginkgo/v2 v2.15.0/go.mod h1:HlxMHtYF57y6Dpf+mc5529KKmSq9h2FpCF+/ZkwUxKM=
-github.com/onsi/gomega v1.31.0 h1:54UJxxj6cPInHS3a35wm6BK/F9nHYueZ1NVujHDrnXE=
-github.com/onsi/gomega v1.31.0/go.mod h1:DW9aCi7U6Yi40wNVAvT6kzFnEVEI5n3DloYBiKiT6zk=
+github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus=
+github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
+github.com/onsi/ginkgo/v2 v2.17.1 h1:V++EzdbhI4ZV4ev0UTIj0PzhzOcReJFyJaLjtSF55M8=
+github.com/onsi/ginkgo/v2 v2.17.1/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs=
+github.com/onsi/gomega v1.32.0 h1:JRYU78fJ1LPxlckP6Txi/EYqJvjtMrDC04/MM5XRHPk=
+github.com/onsi/gomega v1.32.0/go.mod h1:a4x4gW6Pz2yK1MAmvluYme5lvYTn61afQ2ETw/8n4Lg=
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -97,15 +110,23 @@ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/vladimirvivien/gexe v0.2.0 h1:nbdAQ6vbZ+ZNsolCgSVb9Fno60kzSuvtzVh6Ytqi/xY=
+github.com/vladimirvivien/gexe v0.2.0/go.mod h1:LHQL00w/7gDUKIak24n801ABp8C+ni6eBht9vGVst8w=
github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
go.uber.org/mock v0.4.0 h1:VcM4ZOtdbR4f6VXfiOpwpVJDL6lCReaZ6mw31wqh7KU=
go.uber.org/mock v0.4.0/go.mod h1:a6FSlNadKUHUa9IP5Vyt1zh4fC7uAwxMutEAscFbkZc=
+go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
+go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
+go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo=
+go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e h1:+WEEuIdZHnUeJJmEUjyYC2gfUMj69yZXw17EnHg/otA=
+golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e/go.mod h1:Kr81I6Kryrl9sr8s2FK3vxD90NdsKWRuOIl2O4CvYbA=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
@@ -161,6 +182,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
k8s.io/api v0.30.2 h1:+ZhRj+28QT4UOH+BKznu4CBgPWgkXO7XAvMcMl0qKvI=
k8s.io/api v0.30.2/go.mod h1:ULg5g9JvOev2dG0u2hig4Z7tQ2hHIuS+m8MNZ+X6EmI=
+k8s.io/apiextensions-apiserver v0.30.0 h1:jcZFKMqnICJfRxTgnC4E+Hpcq8UEhT8B2lhBcQ+6uAs=
+k8s.io/apiextensions-apiserver v0.30.0/go.mod h1:N9ogQFGcrbWqAY9p2mUAL5mGxsLqwgtUce127VtRX5Y=
k8s.io/apimachinery v0.30.2 h1:fEMcnBj6qkzzPGSVsAZtQThU62SmQ4ZymlXRC5yFSCg=
k8s.io/apimachinery v0.30.2/go.mod h1:iexa2somDaxdnj7bha06bhb43Zpa6eWH8N8dbqVjTUc=
k8s.io/client-go v0.30.2 h1:sBIVJdojUNPDU/jObC+18tXWcTJVcwyqS9diGdWHk50=
@@ -173,9 +196,13 @@ k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7F
k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98=
k8s.io/utils v0.0.0-20230726121419-3b25d923346b h1:sgn3ZU783SCgtaSJjpcVVlRqd6GSnlTLKgpAAttJvpI=
k8s.io/utils v0.0.0-20230726121419-3b25d923346b/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
+sigs.k8s.io/controller-runtime v0.18.2 h1:RqVW6Kpeaji67CY5nPEfRz6ZfFMk0lWQlNrLqlNpx+Q=
+sigs.k8s.io/controller-runtime v0.18.2/go.mod h1:tuAt1+wbVsXIT8lPtk5RURxqAnq7xkpv2Mhttslg7Hw=
+sigs.k8s.io/e2e-framework v0.4.0 h1:4yYmFDNNoTnazqmZJXQ6dlQF1vrnDbutmxlyvBpC5rY=
+sigs.k8s.io/e2e-framework v0.4.0/go.mod h1:JilFQPF1OL1728ABhMlf9huse7h+uBJDXl9YeTs49A8=
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=
sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08=
-sigs.k8s.io/yaml v1.3.0 h1:a2VclLzOGrwOHDiV8EfBGhvjHvP46CtW5j6POvhYGGo=
-sigs.k8s.io/yaml v1.3.0/go.mod h1:GeOyir5tyXNByN85N/dRIT9es5UQNerPYEKK56eTBm8=
+sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
+sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
diff --git a/vendor/github.com/evanphx/json-patch/v5/LICENSE b/vendor/github.com/evanphx/json-patch/v5/LICENSE
new file mode 100644
index 000000000..df76d7d77
--- /dev/null
+++ b/vendor/github.com/evanphx/json-patch/v5/LICENSE
@@ -0,0 +1,25 @@
+Copyright (c) 2014, Evan Phoenix
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+* Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+* Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+* Neither the name of the Evan Phoenix nor the names of its contributors
+ may be used to endorse or promote products derived from this software
+ without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/evanphx/json-patch/v5/errors.go b/vendor/github.com/evanphx/json-patch/v5/errors.go
new file mode 100644
index 000000000..75304b443
--- /dev/null
+++ b/vendor/github.com/evanphx/json-patch/v5/errors.go
@@ -0,0 +1,38 @@
+package jsonpatch
+
+import "fmt"
+
+// AccumulatedCopySizeError is an error type returned when the accumulated size
+// increase caused by copy operations in a patch operation has exceeded the
+// limit.
+type AccumulatedCopySizeError struct {
+ limit int64
+ accumulated int64
+}
+
+// NewAccumulatedCopySizeError returns an AccumulatedCopySizeError.
+func NewAccumulatedCopySizeError(l, a int64) *AccumulatedCopySizeError {
+ return &AccumulatedCopySizeError{limit: l, accumulated: a}
+}
+
+// Error implements the error interface.
+func (a *AccumulatedCopySizeError) Error() string {
+ return fmt.Sprintf("Unable to complete the copy, the accumulated size increase of copy is %d, exceeding the limit %d", a.accumulated, a.limit)
+}
+
+// ArraySizeError is an error type returned when the array size has exceeded
+// the limit.
+type ArraySizeError struct {
+ limit int
+ size int
+}
+
+// NewArraySizeError returns an ArraySizeError.
+func NewArraySizeError(l, s int) *ArraySizeError {
+ return &ArraySizeError{limit: l, size: s}
+}
+
+// Error implements the error interface.
+func (a *ArraySizeError) Error() string {
+ return fmt.Sprintf("Unable to create array of size %d, limit is %d", a.size, a.limit)
+}
diff --git a/vendor/github.com/evanphx/json-patch/v5/internal/json/decode.go b/vendor/github.com/evanphx/json-patch/v5/internal/json/decode.go
new file mode 100644
index 000000000..e9bb0efe7
--- /dev/null
+++ b/vendor/github.com/evanphx/json-patch/v5/internal/json/decode.go
@@ -0,0 +1,1385 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Represents JSON data structure using native Go types: booleans, floats,
+// strings, arrays, and maps.
+
+package json
+
+import (
+ "encoding"
+ "encoding/base64"
+ "fmt"
+ "reflect"
+ "strconv"
+ "strings"
+ "sync"
+ "unicode"
+ "unicode/utf16"
+ "unicode/utf8"
+)
+
+// Unmarshal parses the JSON-encoded data and stores the result
+// in the value pointed to by v. If v is nil or not a pointer,
+// Unmarshal returns an InvalidUnmarshalError.
+//
+// Unmarshal uses the inverse of the encodings that
+// Marshal uses, allocating maps, slices, and pointers as necessary,
+// with the following additional rules:
+//
+// To unmarshal JSON into a pointer, Unmarshal first handles the case of
+// the JSON being the JSON literal null. In that case, Unmarshal sets
+// the pointer to nil. Otherwise, Unmarshal unmarshals the JSON into
+// the value pointed at by the pointer. If the pointer is nil, Unmarshal
+// allocates a new value for it to point to.
+//
+// To unmarshal JSON into a value implementing the Unmarshaler interface,
+// Unmarshal calls that value's UnmarshalJSON method, including
+// when the input is a JSON null.
+// Otherwise, if the value implements encoding.TextUnmarshaler
+// and the input is a JSON quoted string, Unmarshal calls that value's
+// UnmarshalText method with the unquoted form of the string.
+//
+// To unmarshal JSON into a struct, Unmarshal matches incoming object
+// keys to the keys used by Marshal (either the struct field name or its tag),
+// preferring an exact match but also accepting a case-insensitive match. By
+// default, object keys which don't have a corresponding struct field are
+// ignored (see Decoder.DisallowUnknownFields for an alternative).
+//
+// To unmarshal JSON into an interface value,
+// Unmarshal stores one of these in the interface value:
+//
+// bool, for JSON booleans
+// float64, for JSON numbers
+// string, for JSON strings
+// []interface{}, for JSON arrays
+// map[string]interface{}, for JSON objects
+// nil for JSON null
+//
+// To unmarshal a JSON array into a slice, Unmarshal resets the slice length
+// to zero and then appends each element to the slice.
+// As a special case, to unmarshal an empty JSON array into a slice,
+// Unmarshal replaces the slice with a new empty slice.
+//
+// To unmarshal a JSON array into a Go array, Unmarshal decodes
+// JSON array elements into corresponding Go array elements.
+// If the Go array is smaller than the JSON array,
+// the additional JSON array elements are discarded.
+// If the JSON array is smaller than the Go array,
+// the additional Go array elements are set to zero values.
+//
+// To unmarshal a JSON object into a map, Unmarshal first establishes a map to
+// use. If the map is nil, Unmarshal allocates a new map. Otherwise Unmarshal
+// reuses the existing map, keeping existing entries. Unmarshal then stores
+// key-value pairs from the JSON object into the map. The map's key type must
+// either be any string type, an integer, implement json.Unmarshaler, or
+// implement encoding.TextUnmarshaler.
+//
+// If the JSON-encoded data contain a syntax error, Unmarshal returns a SyntaxError.
+//
+// If a JSON value is not appropriate for a given target type,
+// or if a JSON number overflows the target type, Unmarshal
+// skips that field and completes the unmarshaling as best it can.
+// If no more serious errors are encountered, Unmarshal returns
+// an UnmarshalTypeError describing the earliest such error. In any
+// case, it's not guaranteed that all the remaining fields following
+// the problematic one will be unmarshaled into the target object.
+//
+// The JSON null value unmarshals into an interface, map, pointer, or slice
+// by setting that Go value to nil. Because null is often used in JSON to mean
+// “not present,” unmarshaling a JSON null into any other Go type has no effect
+// on the value and produces no error.
+//
+// When unmarshaling quoted strings, invalid UTF-8 or
+// invalid UTF-16 surrogate pairs are not treated as an error.
+// Instead, they are replaced by the Unicode replacement
+// character U+FFFD.
+func Unmarshal(data []byte, v any) error {
+ // Check for well-formedness.
+ // Avoids filling out half a data structure
+ // before discovering a JSON syntax error.
+ d := ds.Get().(*decodeState)
+ defer ds.Put(d)
+ //var d decodeState
+ d.useNumber = true
+ err := checkValid(data, &d.scan)
+ if err != nil {
+ return err
+ }
+
+ d.init(data)
+ return d.unmarshal(v)
+}
+
+var ds = sync.Pool{
+ New: func() any {
+ return new(decodeState)
+ },
+}
+
+func UnmarshalWithKeys(data []byte, v any) ([]string, error) {
+ // Check for well-formedness.
+ // Avoids filling out half a data structure
+ // before discovering a JSON syntax error.
+
+ d := ds.Get().(*decodeState)
+ defer ds.Put(d)
+ //var d decodeState
+ d.useNumber = true
+ err := checkValid(data, &d.scan)
+ if err != nil {
+ return nil, err
+ }
+
+ d.init(data)
+ err = d.unmarshal(v)
+ if err != nil {
+ return nil, err
+ }
+
+ return d.lastKeys, nil
+}
+
+func UnmarshalValid(data []byte, v any) error {
+ // Check for well-formedness.
+ // Avoids filling out half a data structure
+ // before discovering a JSON syntax error.
+ d := ds.Get().(*decodeState)
+ defer ds.Put(d)
+ //var d decodeState
+ d.useNumber = true
+
+ d.init(data)
+ return d.unmarshal(v)
+}
+
+func UnmarshalValidWithKeys(data []byte, v any) ([]string, error) {
+ // Check for well-formedness.
+ // Avoids filling out half a data structure
+ // before discovering a JSON syntax error.
+
+ d := ds.Get().(*decodeState)
+ defer ds.Put(d)
+ //var d decodeState
+ d.useNumber = true
+
+ d.init(data)
+ err := d.unmarshal(v)
+ if err != nil {
+ return nil, err
+ }
+
+ return d.lastKeys, nil
+}
+
+// Unmarshaler is the interface implemented by types
+// that can unmarshal a JSON description of themselves.
+// The input can be assumed to be a valid encoding of
+// a JSON value. UnmarshalJSON must copy the JSON data
+// if it wishes to retain the data after returning.
+//
+// By convention, to approximate the behavior of Unmarshal itself,
+// Unmarshalers implement UnmarshalJSON([]byte("null")) as a no-op.
+type Unmarshaler interface {
+ UnmarshalJSON([]byte) error
+}
+
+// An UnmarshalTypeError describes a JSON value that was
+// not appropriate for a value of a specific Go type.
+type UnmarshalTypeError struct {
+ Value string // description of JSON value - "bool", "array", "number -5"
+ Type reflect.Type // type of Go value it could not be assigned to
+ Offset int64 // error occurred after reading Offset bytes
+ Struct string // name of the struct type containing the field
+ Field string // the full path from root node to the field
+}
+
+func (e *UnmarshalTypeError) Error() string {
+ if e.Struct != "" || e.Field != "" {
+ return "json: cannot unmarshal " + e.Value + " into Go struct field " + e.Struct + "." + e.Field + " of type " + e.Type.String()
+ }
+ return "json: cannot unmarshal " + e.Value + " into Go value of type " + e.Type.String()
+}
+
+// An UnmarshalFieldError describes a JSON object key that
+// led to an unexported (and therefore unwritable) struct field.
+//
+// Deprecated: No longer used; kept for compatibility.
+type UnmarshalFieldError struct {
+ Key string
+ Type reflect.Type
+ Field reflect.StructField
+}
+
+func (e *UnmarshalFieldError) Error() string {
+ return "json: cannot unmarshal object key " + strconv.Quote(e.Key) + " into unexported field " + e.Field.Name + " of type " + e.Type.String()
+}
+
+// An InvalidUnmarshalError describes an invalid argument passed to Unmarshal.
+// (The argument to Unmarshal must be a non-nil pointer.)
+type InvalidUnmarshalError struct {
+ Type reflect.Type
+}
+
+func (e *InvalidUnmarshalError) Error() string {
+ if e.Type == nil {
+ return "json: Unmarshal(nil)"
+ }
+
+ if e.Type.Kind() != reflect.Pointer {
+ return "json: Unmarshal(non-pointer " + e.Type.String() + ")"
+ }
+ return "json: Unmarshal(nil " + e.Type.String() + ")"
+}
+
+func (d *decodeState) unmarshal(v any) error {
+ rv := reflect.ValueOf(v)
+ if rv.Kind() != reflect.Pointer || rv.IsNil() {
+ return &InvalidUnmarshalError{reflect.TypeOf(v)}
+ }
+
+ d.scan.reset()
+ d.scanWhile(scanSkipSpace)
+ // We decode rv not rv.Elem because the Unmarshaler interface
+ // test must be applied at the top level of the value.
+ err := d.value(rv)
+ if err != nil {
+ return d.addErrorContext(err)
+ }
+ return d.savedError
+}
+
+// A Number represents a JSON number literal.
+type Number string
+
+// String returns the literal text of the number.
+func (n Number) String() string { return string(n) }
+
+// Float64 returns the number as a float64.
+func (n Number) Float64() (float64, error) {
+ return strconv.ParseFloat(string(n), 64)
+}
+
+// Int64 returns the number as an int64.
+func (n Number) Int64() (int64, error) {
+ return strconv.ParseInt(string(n), 10, 64)
+}
+
+// An errorContext provides context for type errors during decoding.
+type errorContext struct {
+ Struct reflect.Type
+ FieldStack []string
+}
+
+// decodeState represents the state while decoding a JSON value.
+type decodeState struct {
+ data []byte
+ off int // next read offset in data
+ opcode int // last read result
+ scan scanner
+ errorContext *errorContext
+ savedError error
+ useNumber bool
+ disallowUnknownFields bool
+ lastKeys []string
+}
+
+// readIndex returns the position of the last byte read.
+func (d *decodeState) readIndex() int {
+ return d.off - 1
+}
+
+// phasePanicMsg is used as a panic message when we end up with something that
+// shouldn't happen. It can indicate a bug in the JSON decoder, or that
+// something is editing the data slice while the decoder executes.
+const phasePanicMsg = "JSON decoder out of sync - data changing underfoot?"
+
+func (d *decodeState) init(data []byte) *decodeState {
+ d.data = data
+ d.off = 0
+ d.savedError = nil
+ if d.errorContext != nil {
+ d.errorContext.Struct = nil
+ // Reuse the allocated space for the FieldStack slice.
+ d.errorContext.FieldStack = d.errorContext.FieldStack[:0]
+ }
+ return d
+}
+
+// saveError saves the first err it is called with,
+// for reporting at the end of the unmarshal.
+func (d *decodeState) saveError(err error) {
+ if d.savedError == nil {
+ d.savedError = d.addErrorContext(err)
+ }
+}
+
+// addErrorContext returns a new error enhanced with information from d.errorContext
+func (d *decodeState) addErrorContext(err error) error {
+ if d.errorContext != nil && (d.errorContext.Struct != nil || len(d.errorContext.FieldStack) > 0) {
+ switch err := err.(type) {
+ case *UnmarshalTypeError:
+ err.Struct = d.errorContext.Struct.Name()
+ err.Field = strings.Join(d.errorContext.FieldStack, ".")
+ }
+ }
+ return err
+}
+
+// skip scans to the end of what was started.
+func (d *decodeState) skip() {
+ s, data, i := &d.scan, d.data, d.off
+ depth := len(s.parseState)
+ for {
+ op := s.step(s, data[i])
+ i++
+ if len(s.parseState) < depth {
+ d.off = i
+ d.opcode = op
+ return
+ }
+ }
+}
+
+// scanNext processes the byte at d.data[d.off].
+func (d *decodeState) scanNext() {
+ if d.off < len(d.data) {
+ d.opcode = d.scan.step(&d.scan, d.data[d.off])
+ d.off++
+ } else {
+ d.opcode = d.scan.eof()
+ d.off = len(d.data) + 1 // mark processed EOF with len+1
+ }
+}
+
+// scanWhile processes bytes in d.data[d.off:] until it
+// receives a scan code not equal to op.
+func (d *decodeState) scanWhile(op int) {
+ s, data, i := &d.scan, d.data, d.off
+ for i < len(data) {
+ newOp := s.step(s, data[i])
+ i++
+ if newOp != op {
+ d.opcode = newOp
+ d.off = i
+ return
+ }
+ }
+
+ d.off = len(data) + 1 // mark processed EOF with len+1
+ d.opcode = d.scan.eof()
+}
+
+// rescanLiteral is similar to scanWhile(scanContinue), but it specialises the
+// common case where we're decoding a literal. The decoder scans the input
+// twice, once for syntax errors and to check the length of the value, and the
+// second to perform the decoding.
+//
+// Only in the second step do we use decodeState to tokenize literals, so we
+// know there aren't any syntax errors. We can take advantage of that knowledge,
+// and scan a literal's bytes much more quickly.
+func (d *decodeState) rescanLiteral() {
+ data, i := d.data, d.off
+Switch:
+ switch data[i-1] {
+ case '"': // string
+ for ; i < len(data); i++ {
+ switch data[i] {
+ case '\\':
+ i++ // escaped char
+ case '"':
+ i++ // tokenize the closing quote too
+ break Switch
+ }
+ }
+ case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '-': // number
+ for ; i < len(data); i++ {
+ switch data[i] {
+ case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
+ '.', 'e', 'E', '+', '-':
+ default:
+ break Switch
+ }
+ }
+ case 't': // true
+ i += len("rue")
+ case 'f': // false
+ i += len("alse")
+ case 'n': // null
+ i += len("ull")
+ }
+ if i < len(data) {
+ d.opcode = stateEndValue(&d.scan, data[i])
+ } else {
+ d.opcode = scanEnd
+ }
+ d.off = i + 1
+}
+
+// value consumes a JSON value from d.data[d.off-1:], decoding into v, and
+// reads the following byte ahead. If v is invalid, the value is discarded.
+// The first byte of the value has been read already.
+func (d *decodeState) value(v reflect.Value) error {
+ switch d.opcode {
+ default:
+ panic(phasePanicMsg)
+
+ case scanBeginArray:
+ if v.IsValid() {
+ if err := d.array(v); err != nil {
+ return err
+ }
+ } else {
+ d.skip()
+ }
+ d.scanNext()
+
+ case scanBeginObject:
+ if v.IsValid() {
+ if err := d.object(v); err != nil {
+ return err
+ }
+ } else {
+ d.skip()
+ }
+ d.scanNext()
+
+ case scanBeginLiteral:
+ // All bytes inside literal return scanContinue op code.
+ start := d.readIndex()
+ d.rescanLiteral()
+
+ if v.IsValid() {
+ if err := d.literalStore(d.data[start:d.readIndex()], v, false); err != nil {
+ return err
+ }
+ }
+ }
+ return nil
+}
+
+type unquotedValue struct{}
+
+// valueQuoted is like value but decodes a
+// quoted string literal or literal null into an interface value.
+// If it finds anything other than a quoted string literal or null,
+// valueQuoted returns unquotedValue{}.
+func (d *decodeState) valueQuoted() any {
+ switch d.opcode {
+ default:
+ panic(phasePanicMsg)
+
+ case scanBeginArray, scanBeginObject:
+ d.skip()
+ d.scanNext()
+
+ case scanBeginLiteral:
+ v := d.literalInterface()
+ switch v.(type) {
+ case nil, string:
+ return v
+ }
+ }
+ return unquotedValue{}
+}
+
+// indirect walks down v allocating pointers as needed,
+// until it gets to a non-pointer.
+// If it encounters an Unmarshaler, indirect stops and returns that.
+// If decodingNull is true, indirect stops at the first settable pointer so it
+// can be set to nil.
+func indirect(v reflect.Value, decodingNull bool) (Unmarshaler, encoding.TextUnmarshaler, reflect.Value) {
+ // Issue #24153 indicates that it is generally not a guaranteed property
+ // that you may round-trip a reflect.Value by calling Value.Addr().Elem()
+ // and expect the value to still be settable for values derived from
+ // unexported embedded struct fields.
+ //
+ // The logic below effectively does this when it first addresses the value
+ // (to satisfy possible pointer methods) and continues to dereference
+ // subsequent pointers as necessary.
+ //
+ // After the first round-trip, we set v back to the original value to
+ // preserve the original RW flags contained in reflect.Value.
+ v0 := v
+ haveAddr := false
+
+ // If v is a named type and is addressable,
+ // start with its address, so that if the type has pointer methods,
+ // we find them.
+ if v.Kind() != reflect.Pointer && v.Type().Name() != "" && v.CanAddr() {
+ haveAddr = true
+ v = v.Addr()
+ }
+ for {
+ // Load value from interface, but only if the result will be
+ // usefully addressable.
+ if v.Kind() == reflect.Interface && !v.IsNil() {
+ e := v.Elem()
+ if e.Kind() == reflect.Pointer && !e.IsNil() && (!decodingNull || e.Elem().Kind() == reflect.Pointer) {
+ haveAddr = false
+ v = e
+ continue
+ }
+ }
+
+ if v.Kind() != reflect.Pointer {
+ break
+ }
+
+ if decodingNull && v.CanSet() {
+ break
+ }
+
+ // Prevent infinite loop if v is an interface pointing to its own address:
+ // var v interface{}
+ // v = &v
+ if v.Elem().Kind() == reflect.Interface && v.Elem().Elem() == v {
+ v = v.Elem()
+ break
+ }
+ if v.IsNil() {
+ v.Set(reflect.New(v.Type().Elem()))
+ }
+ if v.Type().NumMethod() > 0 && v.CanInterface() {
+ if u, ok := v.Interface().(Unmarshaler); ok {
+ return u, nil, reflect.Value{}
+ }
+ if !decodingNull {
+ if u, ok := v.Interface().(encoding.TextUnmarshaler); ok {
+ return nil, u, reflect.Value{}
+ }
+ }
+ }
+
+ if haveAddr {
+ v = v0 // restore original value after round-trip Value.Addr().Elem()
+ haveAddr = false
+ } else {
+ v = v.Elem()
+ }
+ }
+ return nil, nil, v
+}
+
+// array consumes an array from d.data[d.off-1:], decoding into v.
+// The first byte of the array ('[') has been read already.
+func (d *decodeState) array(v reflect.Value) error {
+ // Check for unmarshaler.
+ u, ut, pv := indirect(v, false)
+ if u != nil {
+ start := d.readIndex()
+ d.skip()
+ return u.UnmarshalJSON(d.data[start:d.off])
+ }
+ if ut != nil {
+ d.saveError(&UnmarshalTypeError{Value: "array", Type: v.Type(), Offset: int64(d.off)})
+ d.skip()
+ return nil
+ }
+ v = pv
+
+ // Check type of target.
+ switch v.Kind() {
+ case reflect.Interface:
+ if v.NumMethod() == 0 {
+ // Decoding into nil interface? Switch to non-reflect code.
+ ai := d.arrayInterface()
+ v.Set(reflect.ValueOf(ai))
+ return nil
+ }
+ // Otherwise it's invalid.
+ fallthrough
+ default:
+ d.saveError(&UnmarshalTypeError{Value: "array", Type: v.Type(), Offset: int64(d.off)})
+ d.skip()
+ return nil
+ case reflect.Array, reflect.Slice:
+ break
+ }
+
+ i := 0
+ for {
+ // Look ahead for ] - can only happen on first iteration.
+ d.scanWhile(scanSkipSpace)
+ if d.opcode == scanEndArray {
+ break
+ }
+
+ // Get element of array, growing if necessary.
+ if v.Kind() == reflect.Slice {
+ // Grow slice if necessary
+ if i >= v.Cap() {
+ newcap := v.Cap() + v.Cap()/2
+ if newcap < 4 {
+ newcap = 4
+ }
+ newv := reflect.MakeSlice(v.Type(), v.Len(), newcap)
+ reflect.Copy(newv, v)
+ v.Set(newv)
+ }
+ if i >= v.Len() {
+ v.SetLen(i + 1)
+ }
+ }
+
+ if i < v.Len() {
+ // Decode into element.
+ if err := d.value(v.Index(i)); err != nil {
+ return err
+ }
+ } else {
+ // Ran out of fixed array: skip.
+ if err := d.value(reflect.Value{}); err != nil {
+ return err
+ }
+ }
+ i++
+
+ // Next token must be , or ].
+ if d.opcode == scanSkipSpace {
+ d.scanWhile(scanSkipSpace)
+ }
+ if d.opcode == scanEndArray {
+ break
+ }
+ if d.opcode != scanArrayValue {
+ panic(phasePanicMsg)
+ }
+ }
+
+ if i < v.Len() {
+ if v.Kind() == reflect.Array {
+ // Array. Zero the rest.
+ z := reflect.Zero(v.Type().Elem())
+ for ; i < v.Len(); i++ {
+ v.Index(i).Set(z)
+ }
+ } else {
+ v.SetLen(i)
+ }
+ }
+ if i == 0 && v.Kind() == reflect.Slice {
+ v.Set(reflect.MakeSlice(v.Type(), 0, 0))
+ }
+ return nil
+}
+
+var nullLiteral = []byte("null")
+var textUnmarshalerType = reflect.TypeOf((*encoding.TextUnmarshaler)(nil)).Elem()
+
+// object consumes an object from d.data[d.off-1:], decoding into v.
+// The first byte ('{') of the object has been read already.
+func (d *decodeState) object(v reflect.Value) error {
+ // Check for unmarshaler.
+ u, ut, pv := indirect(v, false)
+ if u != nil {
+ start := d.readIndex()
+ d.skip()
+ return u.UnmarshalJSON(d.data[start:d.off])
+ }
+ if ut != nil {
+ d.saveError(&UnmarshalTypeError{Value: "object", Type: v.Type(), Offset: int64(d.off)})
+ d.skip()
+ return nil
+ }
+ v = pv
+ t := v.Type()
+
+ // Decoding into nil interface? Switch to non-reflect code.
+ if v.Kind() == reflect.Interface && v.NumMethod() == 0 {
+ oi := d.objectInterface()
+ v.Set(reflect.ValueOf(oi))
+ return nil
+ }
+
+ var fields structFields
+
+ // Check type of target:
+ // struct or
+ // map[T1]T2 where T1 is string, an integer type,
+ // or an encoding.TextUnmarshaler
+ switch v.Kind() {
+ case reflect.Map:
+ // Map key must either have string kind, have an integer kind,
+ // or be an encoding.TextUnmarshaler.
+ switch t.Key().Kind() {
+ case reflect.String,
+ reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64,
+ reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
+ default:
+ if !reflect.PointerTo(t.Key()).Implements(textUnmarshalerType) {
+ d.saveError(&UnmarshalTypeError{Value: "object", Type: t, Offset: int64(d.off)})
+ d.skip()
+ return nil
+ }
+ }
+ if v.IsNil() {
+ v.Set(reflect.MakeMap(t))
+ }
+ case reflect.Struct:
+ fields = cachedTypeFields(t)
+ // ok
+ default:
+ d.saveError(&UnmarshalTypeError{Value: "object", Type: t, Offset: int64(d.off)})
+ d.skip()
+ return nil
+ }
+
+ var mapElem reflect.Value
+ var origErrorContext errorContext
+ if d.errorContext != nil {
+ origErrorContext = *d.errorContext
+ }
+
+ var keys []string
+
+ for {
+ // Read opening " of string key or closing }.
+ d.scanWhile(scanSkipSpace)
+ if d.opcode == scanEndObject {
+ // closing } - can only happen on first iteration.
+ break
+ }
+ if d.opcode != scanBeginLiteral {
+ panic(phasePanicMsg)
+ }
+
+ // Read key.
+ start := d.readIndex()
+ d.rescanLiteral()
+ item := d.data[start:d.readIndex()]
+ key, ok := unquoteBytes(item)
+ if !ok {
+ panic(phasePanicMsg)
+ }
+
+ keys = append(keys, string(key))
+
+ // Figure out field corresponding to key.
+ var subv reflect.Value
+ destring := false // whether the value is wrapped in a string to be decoded first
+
+ if v.Kind() == reflect.Map {
+ elemType := t.Elem()
+ if !mapElem.IsValid() {
+ mapElem = reflect.New(elemType).Elem()
+ } else {
+ mapElem.Set(reflect.Zero(elemType))
+ }
+ subv = mapElem
+ } else {
+ var f *field
+ if i, ok := fields.nameIndex[string(key)]; ok {
+ // Found an exact name match.
+ f = &fields.list[i]
+ } else {
+ // Fall back to the expensive case-insensitive
+ // linear search.
+ for i := range fields.list {
+ ff := &fields.list[i]
+ if ff.equalFold(ff.nameBytes, key) {
+ f = ff
+ break
+ }
+ }
+ }
+ if f != nil {
+ subv = v
+ destring = f.quoted
+ for _, i := range f.index {
+ if subv.Kind() == reflect.Pointer {
+ if subv.IsNil() {
+ // If a struct embeds a pointer to an unexported type,
+ // it is not possible to set a newly allocated value
+ // since the field is unexported.
+ //
+ // See https://golang.org/issue/21357
+ if !subv.CanSet() {
+ d.saveError(fmt.Errorf("json: cannot set embedded pointer to unexported struct: %v", subv.Type().Elem()))
+ // Invalidate subv to ensure d.value(subv) skips over
+ // the JSON value without assigning it to subv.
+ subv = reflect.Value{}
+ destring = false
+ break
+ }
+ subv.Set(reflect.New(subv.Type().Elem()))
+ }
+ subv = subv.Elem()
+ }
+ subv = subv.Field(i)
+ }
+ if d.errorContext == nil {
+ d.errorContext = new(errorContext)
+ }
+ d.errorContext.FieldStack = append(d.errorContext.FieldStack, f.name)
+ d.errorContext.Struct = t
+ } else if d.disallowUnknownFields {
+ d.saveError(fmt.Errorf("json: unknown field %q", key))
+ }
+ }
+
+ // Read : before value.
+ if d.opcode == scanSkipSpace {
+ d.scanWhile(scanSkipSpace)
+ }
+ if d.opcode != scanObjectKey {
+ panic(phasePanicMsg)
+ }
+ d.scanWhile(scanSkipSpace)
+
+ if destring {
+ switch qv := d.valueQuoted().(type) {
+ case nil:
+ if err := d.literalStore(nullLiteral, subv, false); err != nil {
+ return err
+ }
+ case string:
+ if err := d.literalStore([]byte(qv), subv, true); err != nil {
+ return err
+ }
+ default:
+ d.saveError(fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal unquoted value into %v", subv.Type()))
+ }
+ } else {
+ if err := d.value(subv); err != nil {
+ return err
+ }
+ }
+
+ // Write value back to map;
+ // if using struct, subv points into struct already.
+ if v.Kind() == reflect.Map {
+ kt := t.Key()
+ var kv reflect.Value
+ switch {
+ case reflect.PointerTo(kt).Implements(textUnmarshalerType):
+ kv = reflect.New(kt)
+ if err := d.literalStore(item, kv, true); err != nil {
+ return err
+ }
+ kv = kv.Elem()
+ case kt.Kind() == reflect.String:
+ kv = reflect.ValueOf(key).Convert(kt)
+ default:
+ switch kt.Kind() {
+ case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+ s := string(key)
+ n, err := strconv.ParseInt(s, 10, 64)
+ if err != nil || reflect.Zero(kt).OverflowInt(n) {
+ d.saveError(&UnmarshalTypeError{Value: "number " + s, Type: kt, Offset: int64(start + 1)})
+ break
+ }
+ kv = reflect.ValueOf(n).Convert(kt)
+ case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
+ s := string(key)
+ n, err := strconv.ParseUint(s, 10, 64)
+ if err != nil || reflect.Zero(kt).OverflowUint(n) {
+ d.saveError(&UnmarshalTypeError{Value: "number " + s, Type: kt, Offset: int64(start + 1)})
+ break
+ }
+ kv = reflect.ValueOf(n).Convert(kt)
+ default:
+ panic("json: Unexpected key type") // should never occur
+ }
+ }
+ if kv.IsValid() {
+ v.SetMapIndex(kv, subv)
+ }
+ }
+
+ // Next token must be , or }.
+ if d.opcode == scanSkipSpace {
+ d.scanWhile(scanSkipSpace)
+ }
+ if d.errorContext != nil {
+ // Reset errorContext to its original state.
+ // Keep the same underlying array for FieldStack, to reuse the
+ // space and avoid unnecessary allocs.
+ d.errorContext.FieldStack = d.errorContext.FieldStack[:len(origErrorContext.FieldStack)]
+ d.errorContext.Struct = origErrorContext.Struct
+ }
+ if d.opcode == scanEndObject {
+ break
+ }
+ if d.opcode != scanObjectValue {
+ panic(phasePanicMsg)
+ }
+ }
+
+ if v.Kind() == reflect.Map {
+ d.lastKeys = keys
+ }
+ return nil
+}
+
+// convertNumber converts the number literal s to a float64 or a Number
+// depending on the setting of d.useNumber.
+func (d *decodeState) convertNumber(s string) (any, error) {
+ if d.useNumber {
+ return Number(s), nil
+ }
+ f, err := strconv.ParseFloat(s, 64)
+ if err != nil {
+ return nil, &UnmarshalTypeError{Value: "number " + s, Type: reflect.TypeOf(0.0), Offset: int64(d.off)}
+ }
+ return f, nil
+}
+
+var numberType = reflect.TypeOf(Number(""))
+
+// literalStore decodes a literal stored in item into v.
+//
+// fromQuoted indicates whether this literal came from unwrapping a
+// string from the ",string" struct tag option. this is used only to
+// produce more helpful error messages.
+func (d *decodeState) literalStore(item []byte, v reflect.Value, fromQuoted bool) error {
+ // Check for unmarshaler.
+ if len(item) == 0 {
+ //Empty string given
+ d.saveError(fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal %q into %v", item, v.Type()))
+ return nil
+ }
+ isNull := item[0] == 'n' // null
+ u, ut, pv := indirect(v, isNull)
+ if u != nil {
+ return u.UnmarshalJSON(item)
+ }
+ if ut != nil {
+ if item[0] != '"' {
+ if fromQuoted {
+ d.saveError(fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal %q into %v", item, v.Type()))
+ return nil
+ }
+ val := "number"
+ switch item[0] {
+ case 'n':
+ val = "null"
+ case 't', 'f':
+ val = "bool"
+ }
+ d.saveError(&UnmarshalTypeError{Value: val, Type: v.Type(), Offset: int64(d.readIndex())})
+ return nil
+ }
+ s, ok := unquoteBytes(item)
+ if !ok {
+ if fromQuoted {
+ return fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal %q into %v", item, v.Type())
+ }
+ panic(phasePanicMsg)
+ }
+ return ut.UnmarshalText(s)
+ }
+
+ v = pv
+
+ switch c := item[0]; c {
+ case 'n': // null
+ // The main parser checks that only true and false can reach here,
+ // but if this was a quoted string input, it could be anything.
+ if fromQuoted && string(item) != "null" {
+ d.saveError(fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal %q into %v", item, v.Type()))
+ break
+ }
+ switch v.Kind() {
+ case reflect.Interface, reflect.Pointer, reflect.Map, reflect.Slice:
+ v.Set(reflect.Zero(v.Type()))
+ // otherwise, ignore null for primitives/string
+ }
+ case 't', 'f': // true, false
+ value := item[0] == 't'
+ // The main parser checks that only true and false can reach here,
+ // but if this was a quoted string input, it could be anything.
+ if fromQuoted && string(item) != "true" && string(item) != "false" {
+ d.saveError(fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal %q into %v", item, v.Type()))
+ break
+ }
+ switch v.Kind() {
+ default:
+ if fromQuoted {
+ d.saveError(fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal %q into %v", item, v.Type()))
+ } else {
+ d.saveError(&UnmarshalTypeError{Value: "bool", Type: v.Type(), Offset: int64(d.readIndex())})
+ }
+ case reflect.Bool:
+ v.SetBool(value)
+ case reflect.Interface:
+ if v.NumMethod() == 0 {
+ v.Set(reflect.ValueOf(value))
+ } else {
+ d.saveError(&UnmarshalTypeError{Value: "bool", Type: v.Type(), Offset: int64(d.readIndex())})
+ }
+ }
+
+ case '"': // string
+ s, ok := unquoteBytes(item)
+ if !ok {
+ if fromQuoted {
+ return fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal %q into %v", item, v.Type())
+ }
+ panic(phasePanicMsg)
+ }
+ switch v.Kind() {
+ default:
+ d.saveError(&UnmarshalTypeError{Value: "string", Type: v.Type(), Offset: int64(d.readIndex())})
+ case reflect.Slice:
+ if v.Type().Elem().Kind() != reflect.Uint8 {
+ d.saveError(&UnmarshalTypeError{Value: "string", Type: v.Type(), Offset: int64(d.readIndex())})
+ break
+ }
+ b := make([]byte, base64.StdEncoding.DecodedLen(len(s)))
+ n, err := base64.StdEncoding.Decode(b, s)
+ if err != nil {
+ d.saveError(err)
+ break
+ }
+ v.SetBytes(b[:n])
+ case reflect.String:
+ if v.Type() == numberType && !isValidNumber(string(s)) {
+ return fmt.Errorf("json: invalid number literal, trying to unmarshal %q into Number", item)
+ }
+ v.SetString(string(s))
+ case reflect.Interface:
+ if v.NumMethod() == 0 {
+ v.Set(reflect.ValueOf(string(s)))
+ } else {
+ d.saveError(&UnmarshalTypeError{Value: "string", Type: v.Type(), Offset: int64(d.readIndex())})
+ }
+ }
+
+ default: // number
+ if c != '-' && (c < '0' || c > '9') {
+ if fromQuoted {
+ return fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal %q into %v", item, v.Type())
+ }
+ panic(phasePanicMsg)
+ }
+ s := string(item)
+ switch v.Kind() {
+ default:
+ if v.Kind() == reflect.String && v.Type() == numberType {
+ // s must be a valid number, because it's
+ // already been tokenized.
+ v.SetString(s)
+ break
+ }
+ if fromQuoted {
+ return fmt.Errorf("json: invalid use of ,string struct tag, trying to unmarshal %q into %v", item, v.Type())
+ }
+ d.saveError(&UnmarshalTypeError{Value: "number", Type: v.Type(), Offset: int64(d.readIndex())})
+ case reflect.Interface:
+ n, err := d.convertNumber(s)
+ if err != nil {
+ d.saveError(err)
+ break
+ }
+ if v.NumMethod() != 0 {
+ d.saveError(&UnmarshalTypeError{Value: "number", Type: v.Type(), Offset: int64(d.readIndex())})
+ break
+ }
+ v.Set(reflect.ValueOf(n))
+
+ case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+ n, err := strconv.ParseInt(s, 10, 64)
+ if err != nil || v.OverflowInt(n) {
+ d.saveError(&UnmarshalTypeError{Value: "number " + s, Type: v.Type(), Offset: int64(d.readIndex())})
+ break
+ }
+ v.SetInt(n)
+
+ case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
+ n, err := strconv.ParseUint(s, 10, 64)
+ if err != nil || v.OverflowUint(n) {
+ d.saveError(&UnmarshalTypeError{Value: "number " + s, Type: v.Type(), Offset: int64(d.readIndex())})
+ break
+ }
+ v.SetUint(n)
+
+ case reflect.Float32, reflect.Float64:
+ n, err := strconv.ParseFloat(s, v.Type().Bits())
+ if err != nil || v.OverflowFloat(n) {
+ d.saveError(&UnmarshalTypeError{Value: "number " + s, Type: v.Type(), Offset: int64(d.readIndex())})
+ break
+ }
+ v.SetFloat(n)
+ }
+ }
+ return nil
+}
+
+// The xxxInterface routines build up a value to be stored
+// in an empty interface. They are not strictly necessary,
+// but they avoid the weight of reflection in this common case.
+
+// valueInterface is like value but returns interface{}
+func (d *decodeState) valueInterface() (val any) {
+ switch d.opcode {
+ default:
+ panic(phasePanicMsg)
+ case scanBeginArray:
+ val = d.arrayInterface()
+ d.scanNext()
+ case scanBeginObject:
+ val = d.objectInterface()
+ d.scanNext()
+ case scanBeginLiteral:
+ val = d.literalInterface()
+ }
+ return
+}
+
+// arrayInterface is like array but returns []interface{}.
+func (d *decodeState) arrayInterface() []any {
+ var v = make([]any, 0)
+ for {
+ // Look ahead for ] - can only happen on first iteration.
+ d.scanWhile(scanSkipSpace)
+ if d.opcode == scanEndArray {
+ break
+ }
+
+ v = append(v, d.valueInterface())
+
+ // Next token must be , or ].
+ if d.opcode == scanSkipSpace {
+ d.scanWhile(scanSkipSpace)
+ }
+ if d.opcode == scanEndArray {
+ break
+ }
+ if d.opcode != scanArrayValue {
+ panic(phasePanicMsg)
+ }
+ }
+ return v
+}
+
+// objectInterface is like object but returns map[string]interface{}.
+func (d *decodeState) objectInterface() map[string]any {
+ m := make(map[string]any)
+ for {
+ // Read opening " of string key or closing }.
+ d.scanWhile(scanSkipSpace)
+ if d.opcode == scanEndObject {
+ // closing } - can only happen on first iteration.
+ break
+ }
+ if d.opcode != scanBeginLiteral {
+ panic(phasePanicMsg)
+ }
+
+ // Read string key.
+ start := d.readIndex()
+ d.rescanLiteral()
+ item := d.data[start:d.readIndex()]
+ key, ok := unquote(item)
+ if !ok {
+ panic(phasePanicMsg)
+ }
+
+ // Read : before value.
+ if d.opcode == scanSkipSpace {
+ d.scanWhile(scanSkipSpace)
+ }
+ if d.opcode != scanObjectKey {
+ panic(phasePanicMsg)
+ }
+ d.scanWhile(scanSkipSpace)
+
+ // Read value.
+ m[key] = d.valueInterface()
+
+ // Next token must be , or }.
+ if d.opcode == scanSkipSpace {
+ d.scanWhile(scanSkipSpace)
+ }
+ if d.opcode == scanEndObject {
+ break
+ }
+ if d.opcode != scanObjectValue {
+ panic(phasePanicMsg)
+ }
+ }
+ return m
+}
+
+// literalInterface consumes and returns a literal from d.data[d.off-1:] and
+// it reads the following byte ahead. The first byte of the literal has been
+// read already (that's how the caller knows it's a literal).
+func (d *decodeState) literalInterface() any {
+ // All bytes inside literal return scanContinue op code.
+ start := d.readIndex()
+ d.rescanLiteral()
+
+ item := d.data[start:d.readIndex()]
+
+ switch c := item[0]; c {
+ case 'n': // null
+ return nil
+
+ case 't', 'f': // true, false
+ return c == 't'
+
+ case '"': // string
+ s, ok := unquote(item)
+ if !ok {
+ panic(phasePanicMsg)
+ }
+ return s
+
+ default: // number
+ if c != '-' && (c < '0' || c > '9') {
+ panic(phasePanicMsg)
+ }
+ n, err := d.convertNumber(string(item))
+ if err != nil {
+ d.saveError(err)
+ }
+ return n
+ }
+}
+
+// getu4 decodes \uXXXX from the beginning of s, returning the hex value,
+// or it returns -1.
+func getu4(s []byte) rune {
+ if len(s) < 6 || s[0] != '\\' || s[1] != 'u' {
+ return -1
+ }
+ var r rune
+ for _, c := range s[2:6] {
+ switch {
+ case '0' <= c && c <= '9':
+ c = c - '0'
+ case 'a' <= c && c <= 'f':
+ c = c - 'a' + 10
+ case 'A' <= c && c <= 'F':
+ c = c - 'A' + 10
+ default:
+ return -1
+ }
+ r = r*16 + rune(c)
+ }
+ return r
+}
+
+// unquote converts a quoted JSON string literal s into an actual string t.
+// The rules are different than for Go, so cannot use strconv.Unquote.
+func unquote(s []byte) (t string, ok bool) {
+ s, ok = unquoteBytes(s)
+ t = string(s)
+ return
+}
+
+func unquoteBytes(s []byte) (t []byte, ok bool) {
+ if len(s) < 2 || s[0] != '"' || s[len(s)-1] != '"' {
+ return
+ }
+ s = s[1 : len(s)-1]
+
+ // Check for unusual characters. If there are none,
+ // then no unquoting is needed, so return a slice of the
+ // original bytes.
+ r := 0
+ for r < len(s) {
+ c := s[r]
+ if c == '\\' || c == '"' || c < ' ' {
+ break
+ }
+ if c < utf8.RuneSelf {
+ r++
+ continue
+ }
+ rr, size := utf8.DecodeRune(s[r:])
+ if rr == utf8.RuneError && size == 1 {
+ break
+ }
+ r += size
+ }
+ if r == len(s) {
+ return s, true
+ }
+
+ b := make([]byte, len(s)+2*utf8.UTFMax)
+ w := copy(b, s[0:r])
+ for r < len(s) {
+ // Out of room? Can only happen if s is full of
+ // malformed UTF-8 and we're replacing each
+ // byte with RuneError.
+ if w >= len(b)-2*utf8.UTFMax {
+ nb := make([]byte, (len(b)+utf8.UTFMax)*2)
+ copy(nb, b[0:w])
+ b = nb
+ }
+ switch c := s[r]; {
+ case c == '\\':
+ r++
+ if r >= len(s) {
+ return
+ }
+ switch s[r] {
+ default:
+ return
+ case '"', '\\', '/', '\'':
+ b[w] = s[r]
+ r++
+ w++
+ case 'b':
+ b[w] = '\b'
+ r++
+ w++
+ case 'f':
+ b[w] = '\f'
+ r++
+ w++
+ case 'n':
+ b[w] = '\n'
+ r++
+ w++
+ case 'r':
+ b[w] = '\r'
+ r++
+ w++
+ case 't':
+ b[w] = '\t'
+ r++
+ w++
+ case 'u':
+ r--
+ rr := getu4(s[r:])
+ if rr < 0 {
+ return
+ }
+ r += 6
+ if utf16.IsSurrogate(rr) {
+ rr1 := getu4(s[r:])
+ if dec := utf16.DecodeRune(rr, rr1); dec != unicode.ReplacementChar {
+ // A valid pair; consume.
+ r += 6
+ w += utf8.EncodeRune(b[w:], dec)
+ break
+ }
+ // Invalid surrogate; fall back to replacement rune.
+ rr = unicode.ReplacementChar
+ }
+ w += utf8.EncodeRune(b[w:], rr)
+ }
+
+ // Quote, control characters are invalid.
+ case c == '"', c < ' ':
+ return
+
+ // ASCII
+ case c < utf8.RuneSelf:
+ b[w] = c
+ r++
+ w++
+
+ // Coerce to well-formed UTF-8.
+ default:
+ rr, size := utf8.DecodeRune(s[r:])
+ r += size
+ w += utf8.EncodeRune(b[w:], rr)
+ }
+ }
+ return b[0:w], true
+}
diff --git a/vendor/github.com/evanphx/json-patch/v5/internal/json/encode.go b/vendor/github.com/evanphx/json-patch/v5/internal/json/encode.go
new file mode 100644
index 000000000..2e6eca448
--- /dev/null
+++ b/vendor/github.com/evanphx/json-patch/v5/internal/json/encode.go
@@ -0,0 +1,1486 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package json implements encoding and decoding of JSON as defined in
+// RFC 7159. The mapping between JSON and Go values is described
+// in the documentation for the Marshal and Unmarshal functions.
+//
+// See "JSON and Go" for an introduction to this package:
+// https://golang.org/doc/articles/json_and_go.html
+package json
+
+import (
+ "bytes"
+ "encoding"
+ "encoding/base64"
+ "fmt"
+ "math"
+ "reflect"
+ "sort"
+ "strconv"
+ "strings"
+ "sync"
+ "unicode"
+ "unicode/utf8"
+)
+
+// Marshal returns the JSON encoding of v.
+//
+// Marshal traverses the value v recursively.
+// If an encountered value implements the Marshaler interface
+// and is not a nil pointer, Marshal calls its MarshalJSON method
+// to produce JSON. If no MarshalJSON method is present but the
+// value implements encoding.TextMarshaler instead, Marshal calls
+// its MarshalText method and encodes the result as a JSON string.
+// The nil pointer exception is not strictly necessary
+// but mimics a similar, necessary exception in the behavior of
+// UnmarshalJSON.
+//
+// Otherwise, Marshal uses the following type-dependent default encodings:
+//
+// Boolean values encode as JSON booleans.
+//
+// Floating point, integer, and Number values encode as JSON numbers.
+//
+// String values encode as JSON strings coerced to valid UTF-8,
+// replacing invalid bytes with the Unicode replacement rune.
+// So that the JSON will be safe to embed inside HTML " that closes the next token. If
+ // non-empty, the subsequent call to Next will return a raw or RCDATA text
+ // token: one that treats "" as text instead of an element.
+ // rawTag's contents are lower-cased.
+ rawTag string
+ // textIsRaw is whether the current text token's data is not escaped.
+ textIsRaw bool
+ // convertNUL is whether NUL bytes in the current token's data should
+ // be converted into \ufffd replacement characters.
+ convertNUL bool
+ // allowCDATA is whether CDATA sections are allowed in the current context.
+ allowCDATA bool
+}
+
+// AllowCDATA sets whether or not the tokenizer recognizes as
+// the text "foo". The default value is false, which means to recognize it as
+// a bogus comment "" instead.
+//
+// Strictly speaking, an HTML5 compliant tokenizer should allow CDATA if and
+// only if tokenizing foreign content, such as MathML and SVG. However,
+// tracking foreign-contentness is difficult to do purely in the tokenizer,
+// as opposed to the parser, due to HTML integration points: an element
+// can contain a that is foreign-to-SVG but not foreign-to-
+// HTML. For strict compliance with the HTML5 tokenization algorithm, it is the
+// responsibility of the user of a tokenizer to call AllowCDATA as appropriate.
+// In practice, if using the tokenizer without caring whether MathML or SVG
+// CDATA is text or comments, such as tokenizing HTML to find all the anchor
+// text, it is acceptable to ignore this responsibility.
+func (z *Tokenizer) AllowCDATA(allowCDATA bool) {
+ z.allowCDATA = allowCDATA
+}
+
+// NextIsNotRawText instructs the tokenizer that the next token should not be
+// considered as 'raw text'. Some elements, such as script and title elements,
+// normally require the next token after the opening tag to be 'raw text' that
+// has no child elements. For example, tokenizing "a<b>c</b>d "
+// yields a start tag token for "", a text token for "a<b>c</b>d", and
+// an end tag token for " ". There are no distinct start tag or end tag
+// tokens for the "" and " ".
+//
+// This tokenizer implementation will generally look for raw text at the right
+// times. Strictly speaking, an HTML5 compliant tokenizer should not look for
+// raw text if in foreign content: generally needs raw text, but a
+// <title> inside an <svg> does not. Another example is that a <textarea>
+// generally needs raw text, but a <textarea> is not allowed as an immediate
+// child of a <select>; in normal parsing, a <textarea> implies </select>, but
+// one cannot close the implicit element when parsing a <select>'s InnerHTML.
+// Similarly to AllowCDATA, tracking the correct moment to override raw-text-
+// ness is difficult to do purely in the tokenizer, as opposed to the parser.
+// For strict compliance with the HTML5 tokenization algorithm, it is the
+// responsibility of the user of a tokenizer to call NextIsNotRawText as
+// appropriate. In practice, like AllowCDATA, it is acceptable to ignore this
+// responsibility for basic usage.
+//
+// Note that this 'raw text' concept is different from the one offered by the
+// Tokenizer.Raw method.
+func (z *Tokenizer) NextIsNotRawText() {
+ z.rawTag = ""
+}
+
+// Err returns the error associated with the most recent ErrorToken token.
+// This is typically io.EOF, meaning the end of tokenization.
+func (z *Tokenizer) Err() error {
+ if z.tt != ErrorToken {
+ return nil
+ }
+ return z.err
+}
+
+// readByte returns the next byte from the input stream, doing a buffered read
+// from z.r into z.buf if necessary. z.buf[z.raw.start:z.raw.end] remains a contiguous byte
+// slice that holds all the bytes read so far for the current token.
+// It sets z.err if the underlying reader returns an error.
+// Pre-condition: z.err == nil.
+func (z *Tokenizer) readByte() byte {
+ if z.raw.end >= len(z.buf) {
+ // Our buffer is exhausted and we have to read from z.r. Check if the
+ // previous read resulted in an error.
+ if z.readErr != nil {
+ z.err = z.readErr
+ return 0
+ }
+ // We copy z.buf[z.raw.start:z.raw.end] to the beginning of z.buf. If the length
+ // z.raw.end - z.raw.start is more than half the capacity of z.buf, then we
+ // allocate a new buffer before the copy.
+ c := cap(z.buf)
+ d := z.raw.end - z.raw.start
+ var buf1 []byte
+ if 2*d > c {
+ buf1 = make([]byte, d, 2*c)
+ } else {
+ buf1 = z.buf[:d]
+ }
+ copy(buf1, z.buf[z.raw.start:z.raw.end])
+ if x := z.raw.start; x != 0 {
+ // Adjust the data/attr spans to refer to the same contents after the copy.
+ z.data.start -= x
+ z.data.end -= x
+ z.pendingAttr[0].start -= x
+ z.pendingAttr[0].end -= x
+ z.pendingAttr[1].start -= x
+ z.pendingAttr[1].end -= x
+ for i := range z.attr {
+ z.attr[i][0].start -= x
+ z.attr[i][0].end -= x
+ z.attr[i][1].start -= x
+ z.attr[i][1].end -= x
+ }
+ }
+ z.raw.start, z.raw.end, z.buf = 0, d, buf1[:d]
+ // Now that we have copied the live bytes to the start of the buffer,
+ // we read from z.r into the remainder.
+ var n int
+ n, z.readErr = readAtLeastOneByte(z.r, buf1[d:cap(buf1)])
+ if n == 0 {
+ z.err = z.readErr
+ return 0
+ }
+ z.buf = buf1[:d+n]
+ }
+ x := z.buf[z.raw.end]
+ z.raw.end++
+ if z.maxBuf > 0 && z.raw.end-z.raw.start >= z.maxBuf {
+ z.err = ErrBufferExceeded
+ return 0
+ }
+ return x
+}
+
+// Buffered returns a slice containing data buffered but not yet tokenized.
+func (z *Tokenizer) Buffered() []byte {
+ return z.buf[z.raw.end:]
+}
+
+// readAtLeastOneByte wraps an io.Reader so that reading cannot return (0, nil).
+// It returns io.ErrNoProgress if the underlying r.Read method returns (0, nil)
+// too many times in succession.
+func readAtLeastOneByte(r io.Reader, b []byte) (int, error) {
+ for i := 0; i < 100; i++ {
+ if n, err := r.Read(b); n != 0 || err != nil {
+ return n, err
+ }
+ }
+ return 0, io.ErrNoProgress
+}
+
+// skipWhiteSpace skips past any white space.
+func (z *Tokenizer) skipWhiteSpace() {
+ if z.err != nil {
+ return
+ }
+ for {
+ c := z.readByte()
+ if z.err != nil {
+ return
+ }
+ switch c {
+ case ' ', '\n', '\r', '\t', '\f':
+ // No-op.
+ default:
+ z.raw.end--
+ return
+ }
+ }
+}
+
+// readRawOrRCDATA reads until the next "</foo>", where "foo" is z.rawTag and
+// is typically something like "script" or "textarea".
+func (z *Tokenizer) readRawOrRCDATA() {
+ if z.rawTag == "script" {
+ z.readScript()
+ z.textIsRaw = true
+ z.rawTag = ""
+ return
+ }
+loop:
+ for {
+ c := z.readByte()
+ if z.err != nil {
+ break loop
+ }
+ if c != '<' {
+ continue loop
+ }
+ c = z.readByte()
+ if z.err != nil {
+ break loop
+ }
+ if c != '/' {
+ z.raw.end--
+ continue loop
+ }
+ if z.readRawEndTag() || z.err != nil {
+ break loop
+ }
+ }
+ z.data.end = z.raw.end
+ // A textarea's or title's RCDATA can contain escaped entities.
+ z.textIsRaw = z.rawTag != "textarea" && z.rawTag != "title"
+ z.rawTag = ""
+}
+
+// readRawEndTag attempts to read a tag like "</foo>", where "foo" is z.rawTag.
+// If it succeeds, it backs up the input position to reconsume the tag and
+// returns true. Otherwise it returns false. The opening "</" has already been
+// consumed.
+func (z *Tokenizer) readRawEndTag() bool {
+ for i := 0; i < len(z.rawTag); i++ {
+ c := z.readByte()
+ if z.err != nil {
+ return false
+ }
+ if c != z.rawTag[i] && c != z.rawTag[i]-('a'-'A') {
+ z.raw.end--
+ return false
+ }
+ }
+ c := z.readByte()
+ if z.err != nil {
+ return false
+ }
+ switch c {
+ case ' ', '\n', '\r', '\t', '\f', '/', '>':
+ // The 3 is 2 for the leading "</" plus 1 for the trailing character c.
+ z.raw.end -= 3 + len(z.rawTag)
+ return true
+ }
+ z.raw.end--
+ return false
+}
+
+// readScript reads until the next </script> tag, following the byzantine
+// rules for escaping/hiding the closing tag.
+func (z *Tokenizer) readScript() {
+ defer func() {
+ z.data.end = z.raw.end
+ }()
+ var c byte
+
+scriptData:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ if c == '<' {
+ goto scriptDataLessThanSign
+ }
+ goto scriptData
+
+scriptDataLessThanSign:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ switch c {
+ case '/':
+ goto scriptDataEndTagOpen
+ case '!':
+ goto scriptDataEscapeStart
+ }
+ z.raw.end--
+ goto scriptData
+
+scriptDataEndTagOpen:
+ if z.readRawEndTag() || z.err != nil {
+ return
+ }
+ goto scriptData
+
+scriptDataEscapeStart:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ if c == '-' {
+ goto scriptDataEscapeStartDash
+ }
+ z.raw.end--
+ goto scriptData
+
+scriptDataEscapeStartDash:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ if c == '-' {
+ goto scriptDataEscapedDashDash
+ }
+ z.raw.end--
+ goto scriptData
+
+scriptDataEscaped:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ switch c {
+ case '-':
+ goto scriptDataEscapedDash
+ case '<':
+ goto scriptDataEscapedLessThanSign
+ }
+ goto scriptDataEscaped
+
+scriptDataEscapedDash:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ switch c {
+ case '-':
+ goto scriptDataEscapedDashDash
+ case '<':
+ goto scriptDataEscapedLessThanSign
+ }
+ goto scriptDataEscaped
+
+scriptDataEscapedDashDash:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ switch c {
+ case '-':
+ goto scriptDataEscapedDashDash
+ case '<':
+ goto scriptDataEscapedLessThanSign
+ case '>':
+ goto scriptData
+ }
+ goto scriptDataEscaped
+
+scriptDataEscapedLessThanSign:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ if c == '/' {
+ goto scriptDataEscapedEndTagOpen
+ }
+ if 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z' {
+ goto scriptDataDoubleEscapeStart
+ }
+ z.raw.end--
+ goto scriptData
+
+scriptDataEscapedEndTagOpen:
+ if z.readRawEndTag() || z.err != nil {
+ return
+ }
+ goto scriptDataEscaped
+
+scriptDataDoubleEscapeStart:
+ z.raw.end--
+ for i := 0; i < len("script"); i++ {
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ if c != "script"[i] && c != "SCRIPT"[i] {
+ z.raw.end--
+ goto scriptDataEscaped
+ }
+ }
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ switch c {
+ case ' ', '\n', '\r', '\t', '\f', '/', '>':
+ goto scriptDataDoubleEscaped
+ }
+ z.raw.end--
+ goto scriptDataEscaped
+
+scriptDataDoubleEscaped:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ switch c {
+ case '-':
+ goto scriptDataDoubleEscapedDash
+ case '<':
+ goto scriptDataDoubleEscapedLessThanSign
+ }
+ goto scriptDataDoubleEscaped
+
+scriptDataDoubleEscapedDash:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ switch c {
+ case '-':
+ goto scriptDataDoubleEscapedDashDash
+ case '<':
+ goto scriptDataDoubleEscapedLessThanSign
+ }
+ goto scriptDataDoubleEscaped
+
+scriptDataDoubleEscapedDashDash:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ switch c {
+ case '-':
+ goto scriptDataDoubleEscapedDashDash
+ case '<':
+ goto scriptDataDoubleEscapedLessThanSign
+ case '>':
+ goto scriptData
+ }
+ goto scriptDataDoubleEscaped
+
+scriptDataDoubleEscapedLessThanSign:
+ c = z.readByte()
+ if z.err != nil {
+ return
+ }
+ if c == '/' {
+ goto scriptDataDoubleEscapeEnd
+ }
+ z.raw.end--
+ goto scriptDataDoubleEscaped
+
+scriptDataDoubleEscapeEnd:
+ if z.readRawEndTag() {
+ z.raw.end += len("</script>")
+ goto scriptDataEscaped
+ }
+ if z.err != nil {
+ return
+ }
+ goto scriptDataDoubleEscaped
+}
+
+// readComment reads the next comment token starting with "<!--". The opening
+// "<!--" has already been consumed.
+func (z *Tokenizer) readComment() {
+ // When modifying this function, consider manually increasing the
+ // maxSuffixLen constant in func TestComments, from 6 to e.g. 9 or more.
+ // That increase should only be temporary, not committed, as it
+ // exponentially affects the test running time.
+
+ z.data.start = z.raw.end
+ defer func() {
+ if z.data.end < z.data.start {
+ // It's a comment with no data, like <!-->.
+ z.data.end = z.data.start
+ }
+ }()
+
+ var dashCount int
+ beginning := true
+ for {
+ c := z.readByte()
+ if z.err != nil {
+ z.data.end = z.calculateAbruptCommentDataEnd()
+ return
+ }
+ switch c {
+ case '-':
+ dashCount++
+ continue
+ case '>':
+ if dashCount >= 2 || beginning {
+ z.data.end = z.raw.end - len("-->")
+ return
+ }
+ case '!':
+ if dashCount >= 2 {
+ c = z.readByte()
+ if z.err != nil {
+ z.data.end = z.calculateAbruptCommentDataEnd()
+ return
+ } else if c == '>' {
+ z.data.end = z.raw.end - len("--!>")
+ return
+ } else if c == '-' {
+ dashCount = 1
+ beginning = false
+ continue
+ }
+ }
+ }
+ dashCount = 0
+ beginning = false
+ }
+}
+
+func (z *Tokenizer) calculateAbruptCommentDataEnd() int {
+ raw := z.Raw()
+ const prefixLen = len("<!--")
+ if len(raw) >= prefixLen {
+ raw = raw[prefixLen:]
+ if hasSuffix(raw, "--!") {
+ return z.raw.end - 3
+ } else if hasSuffix(raw, "--") {
+ return z.raw.end - 2
+ } else if hasSuffix(raw, "-") {
+ return z.raw.end - 1
+ }
+ }
+ return z.raw.end
+}
+
+func hasSuffix(b []byte, suffix string) bool {
+ if len(b) < len(suffix) {
+ return false
+ }
+ b = b[len(b)-len(suffix):]
+ for i := range b {
+ if b[i] != suffix[i] {
+ return false
+ }
+ }
+ return true
+}
+
+// readUntilCloseAngle reads until the next ">".
+func (z *Tokenizer) readUntilCloseAngle() {
+ z.data.start = z.raw.end
+ for {
+ c := z.readByte()
+ if z.err != nil {
+ z.data.end = z.raw.end
+ return
+ }
+ if c == '>' {
+ z.data.end = z.raw.end - len(">")
+ return
+ }
+ }
+}
+
+// readMarkupDeclaration reads the next token starting with "<!". It might be
+// a "<!--comment-->", a "<!DOCTYPE foo>", a "<![CDATA[section]]>" or
+// "<!a bogus comment". The opening "<!" has already been consumed.
+func (z *Tokenizer) readMarkupDeclaration() TokenType {
+ z.data.start = z.raw.end
+ var c [2]byte
+ for i := 0; i < 2; i++ {
+ c[i] = z.readByte()
+ if z.err != nil {
+ z.data.end = z.raw.end
+ return CommentToken
+ }
+ }
+ if c[0] == '-' && c[1] == '-' {
+ z.readComment()
+ return CommentToken
+ }
+ z.raw.end -= 2
+ if z.readDoctype() {
+ return DoctypeToken
+ }
+ if z.allowCDATA && z.readCDATA() {
+ z.convertNUL = true
+ return TextToken
+ }
+ // It's a bogus comment.
+ z.readUntilCloseAngle()
+ return CommentToken
+}
+
+// readDoctype attempts to read a doctype declaration and returns true if
+// successful. The opening "<!" has already been consumed.
+func (z *Tokenizer) readDoctype() bool {
+ const s = "DOCTYPE"
+ for i := 0; i < len(s); i++ {
+ c := z.readByte()
+ if z.err != nil {
+ z.data.end = z.raw.end
+ return false
+ }
+ if c != s[i] && c != s[i]+('a'-'A') {
+ // Back up to read the fragment of "DOCTYPE" again.
+ z.raw.end = z.data.start
+ return false
+ }
+ }
+ if z.skipWhiteSpace(); z.err != nil {
+ z.data.start = z.raw.end
+ z.data.end = z.raw.end
+ return true
+ }
+ z.readUntilCloseAngle()
+ return true
+}
+
+// readCDATA attempts to read a CDATA section and returns true if
+// successful. The opening "<!" has already been consumed.
+func (z *Tokenizer) readCDATA() bool {
+ const s = "[CDATA["
+ for i := 0; i < len(s); i++ {
+ c := z.readByte()
+ if z.err != nil {
+ z.data.end = z.raw.end
+ return false
+ }
+ if c != s[i] {
+ // Back up to read the fragment of "[CDATA[" again.
+ z.raw.end = z.data.start
+ return false
+ }
+ }
+ z.data.start = z.raw.end
+ brackets := 0
+ for {
+ c := z.readByte()
+ if z.err != nil {
+ z.data.end = z.raw.end
+ return true
+ }
+ switch c {
+ case ']':
+ brackets++
+ case '>':
+ if brackets >= 2 {
+ z.data.end = z.raw.end - len("]]>")
+ return true
+ }
+ brackets = 0
+ default:
+ brackets = 0
+ }
+ }
+}
+
+// startTagIn returns whether the start tag in z.buf[z.data.start:z.data.end]
+// case-insensitively matches any element of ss.
+func (z *Tokenizer) startTagIn(ss ...string) bool {
+loop:
+ for _, s := range ss {
+ if z.data.end-z.data.start != len(s) {
+ continue loop
+ }
+ for i := 0; i < len(s); i++ {
+ c := z.buf[z.data.start+i]
+ if 'A' <= c && c <= 'Z' {
+ c += 'a' - 'A'
+ }
+ if c != s[i] {
+ continue loop
+ }
+ }
+ return true
+ }
+ return false
+}
+
+// readStartTag reads the next start tag token. The opening "<a" has already
+// been consumed, where 'a' means anything in [A-Za-z].
+func (z *Tokenizer) readStartTag() TokenType {
+ z.readTag(true)
+ if z.err != nil {
+ return ErrorToken
+ }
+ // Several tags flag the tokenizer's next token as raw.
+ c, raw := z.buf[z.data.start], false
+ if 'A' <= c && c <= 'Z' {
+ c += 'a' - 'A'
+ }
+ switch c {
+ case 'i':
+ raw = z.startTagIn("iframe")
+ case 'n':
+ raw = z.startTagIn("noembed", "noframes", "noscript")
+ case 'p':
+ raw = z.startTagIn("plaintext")
+ case 's':
+ raw = z.startTagIn("script", "style")
+ case 't':
+ raw = z.startTagIn("textarea", "title")
+ case 'x':
+ raw = z.startTagIn("xmp")
+ }
+ if raw {
+ z.rawTag = strings.ToLower(string(z.buf[z.data.start:z.data.end]))
+ }
+ // Look for a self-closing token like "<br/>".
+ if z.err == nil && z.buf[z.raw.end-2] == '/' {
+ return SelfClosingTagToken
+ }
+ return StartTagToken
+}
+
+// readTag reads the next tag token and its attributes. If saveAttr, those
+// attributes are saved in z.attr, otherwise z.attr is set to an empty slice.
+// The opening "<a" or "</a" has already been consumed, where 'a' means anything
+// in [A-Za-z].
+func (z *Tokenizer) readTag(saveAttr bool) {
+ z.attr = z.attr[:0]
+ z.nAttrReturned = 0
+ // Read the tag name and attribute key/value pairs.
+ z.readTagName()
+ if z.skipWhiteSpace(); z.err != nil {
+ return
+ }
+ for {
+ c := z.readByte()
+ if z.err != nil || c == '>' {
+ break
+ }
+ z.raw.end--
+ z.readTagAttrKey()
+ z.readTagAttrVal()
+ // Save pendingAttr if saveAttr and that attribute has a non-empty key.
+ if saveAttr && z.pendingAttr[0].start != z.pendingAttr[0].end {
+ z.attr = append(z.attr, z.pendingAttr)
+ }
+ if z.skipWhiteSpace(); z.err != nil {
+ break
+ }
+ }
+}
+
+// readTagName sets z.data to the "div" in "<div k=v>". The reader (z.raw.end)
+// is positioned such that the first byte of the tag name (the "d" in "<div")
+// has already been consumed.
+func (z *Tokenizer) readTagName() {
+ z.data.start = z.raw.end - 1
+ for {
+ c := z.readByte()
+ if z.err != nil {
+ z.data.end = z.raw.end
+ return
+ }
+ switch c {
+ case ' ', '\n', '\r', '\t', '\f':
+ z.data.end = z.raw.end - 1
+ return
+ case '/', '>':
+ z.raw.end--
+ z.data.end = z.raw.end
+ return
+ }
+ }
+}
+
+// readTagAttrKey sets z.pendingAttr[0] to the "k" in "<div k=v>".
+// Precondition: z.err == nil.
+func (z *Tokenizer) readTagAttrKey() {
+ z.pendingAttr[0].start = z.raw.end
+ for {
+ c := z.readByte()
+ if z.err != nil {
+ z.pendingAttr[0].end = z.raw.end
+ return
+ }
+ switch c {
+ case '=':
+ if z.pendingAttr[0].start+1 == z.raw.end {
+ // WHATWG 13.2.5.32, if we see an equals sign before the attribute name
+ // begins, we treat it as a character in the attribute name and continue.
+ continue
+ }
+ fallthrough
+ case ' ', '\n', '\r', '\t', '\f', '/', '>':
+ // WHATWG 13.2.5.33 Attribute name state
+ // We need to reconsume the char in the after attribute name state to support the / character
+ z.raw.end--
+ z.pendingAttr[0].end = z.raw.end
+ return
+ }
+ }
+}
+
+// readTagAttrVal sets z.pendingAttr[1] to the "v" in "<div k=v>".
+func (z *Tokenizer) readTagAttrVal() {
+ z.pendingAttr[1].start = z.raw.end
+ z.pendingAttr[1].end = z.raw.end
+ if z.skipWhiteSpace(); z.err != nil {
+ return
+ }
+ c := z.readByte()
+ if z.err != nil {
+ return
+ }
+ if c == '/' {
+ // WHATWG 13.2.5.34 After attribute name state
+ // U+002F SOLIDUS (/) - Switch to the self-closing start tag state.
+ return
+ }
+ if c != '=' {
+ z.raw.end--
+ return
+ }
+ if z.skipWhiteSpace(); z.err != nil {
+ return
+ }
+ quote := z.readByte()
+ if z.err != nil {
+ return
+ }
+ switch quote {
+ case '>':
+ z.raw.end--
+ return
+
+ case '\'', '"':
+ z.pendingAttr[1].start = z.raw.end
+ for {
+ c := z.readByte()
+ if z.err != nil {
+ z.pendingAttr[1].end = z.raw.end
+ return
+ }
+ if c == quote {
+ z.pendingAttr[1].end = z.raw.end - 1
+ return
+ }
+ }
+
+ default:
+ z.pendingAttr[1].start = z.raw.end - 1
+ for {
+ c := z.readByte()
+ if z.err != nil {
+ z.pendingAttr[1].end = z.raw.end
+ return
+ }
+ switch c {
+ case ' ', '\n', '\r', '\t', '\f':
+ z.pendingAttr[1].end = z.raw.end - 1
+ return
+ case '>':
+ z.raw.end--
+ z.pendingAttr[1].end = z.raw.end
+ return
+ }
+ }
+ }
+}
+
+// Next scans the next token and returns its type.
+func (z *Tokenizer) Next() TokenType {
+ z.raw.start = z.raw.end
+ z.data.start = z.raw.end
+ z.data.end = z.raw.end
+ if z.err != nil {
+ z.tt = ErrorToken
+ return z.tt
+ }
+ if z.rawTag != "" {
+ if z.rawTag == "plaintext" {
+ // Read everything up to EOF.
+ for z.err == nil {
+ z.readByte()
+ }
+ z.data.end = z.raw.end
+ z.textIsRaw = true
+ } else {
+ z.readRawOrRCDATA()
+ }
+ if z.data.end > z.data.start {
+ z.tt = TextToken
+ z.convertNUL = true
+ return z.tt
+ }
+ }
+ z.textIsRaw = false
+ z.convertNUL = false
+
+loop:
+ for {
+ c := z.readByte()
+ if z.err != nil {
+ break loop
+ }
+ if c != '<' {
+ continue loop
+ }
+
+ // Check if the '<' we have just read is part of a tag, comment
+ // or doctype. If not, it's part of the accumulated text token.
+ c = z.readByte()
+ if z.err != nil {
+ break loop
+ }
+ var tokenType TokenType
+ switch {
+ case 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z':
+ tokenType = StartTagToken
+ case c == '/':
+ tokenType = EndTagToken
+ case c == '!' || c == '?':
+ // We use CommentToken to mean any of "<!--actual comments-->",
+ // "<!DOCTYPE declarations>" and "<?xml processing instructions?>".
+ tokenType = CommentToken
+ default:
+ // Reconsume the current character.
+ z.raw.end--
+ continue
+ }
+
+ // We have a non-text token, but we might have accumulated some text
+ // before that. If so, we return the text first, and return the non-
+ // text token on the subsequent call to Next.
+ if x := z.raw.end - len("<a"); z.raw.start < x {
+ z.raw.end = x
+ z.data.end = x
+ z.tt = TextToken
+ return z.tt
+ }
+ switch tokenType {
+ case StartTagToken:
+ z.tt = z.readStartTag()
+ return z.tt
+ case EndTagToken:
+ c = z.readByte()
+ if z.err != nil {
+ break loop
+ }
+ if c == '>' {
+ // "</>" does not generate a token at all. Generate an empty comment
+ // to allow passthrough clients to pick up the data using Raw.
+ // Reset the tokenizer state and start again.
+ z.tt = CommentToken
+ return z.tt
+ }
+ if 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z' {
+ z.readTag(false)
+ if z.err != nil {
+ z.tt = ErrorToken
+ } else {
+ z.tt = EndTagToken
+ }
+ return z.tt
+ }
+ z.raw.end--
+ z.readUntilCloseAngle()
+ z.tt = CommentToken
+ return z.tt
+ case CommentToken:
+ if c == '!' {
+ z.tt = z.readMarkupDeclaration()
+ return z.tt
+ }
+ z.raw.end--
+ z.readUntilCloseAngle()
+ z.tt = CommentToken
+ return z.tt
+ }
+ }
+ if z.raw.start < z.raw.end {
+ z.data.end = z.raw.end
+ z.tt = TextToken
+ return z.tt
+ }
+ z.tt = ErrorToken
+ return z.tt
+}
+
+// Raw returns the unmodified text of the current token. Calling Next, Token,
+// Text, TagName or TagAttr may change the contents of the returned slice.
+//
+// The token stream's raw bytes partition the byte stream (up until an
+// ErrorToken). There are no overlaps or gaps between two consecutive token's
+// raw bytes. One implication is that the byte offset of the current token is
+// the sum of the lengths of all previous tokens' raw bytes.
+func (z *Tokenizer) Raw() []byte {
+ return z.buf[z.raw.start:z.raw.end]
+}
+
+// convertNewlines converts "\r" and "\r\n" in s to "\n".
+// The conversion happens in place, but the resulting slice may be shorter.
+func convertNewlines(s []byte) []byte {
+ for i, c := range s {
+ if c != '\r' {
+ continue
+ }
+
+ src := i + 1
+ if src >= len(s) || s[src] != '\n' {
+ s[i] = '\n'
+ continue
+ }
+
+ dst := i
+ for src < len(s) {
+ if s[src] == '\r' {
+ if src+1 < len(s) && s[src+1] == '\n' {
+ src++
+ }
+ s[dst] = '\n'
+ } else {
+ s[dst] = s[src]
+ }
+ src++
+ dst++
+ }
+ return s[:dst]
+ }
+ return s
+}
+
+var (
+ nul = []byte("\x00")
+ replacement = []byte("\ufffd")
+)
+
+// Text returns the unescaped text of a text, comment or doctype token. The
+// contents of the returned slice may change on the next call to Next.
+func (z *Tokenizer) Text() []byte {
+ switch z.tt {
+ case TextToken, CommentToken, DoctypeToken:
+ s := z.buf[z.data.start:z.data.end]
+ z.data.start = z.raw.end
+ z.data.end = z.raw.end
+ s = convertNewlines(s)
+ if (z.convertNUL || z.tt == CommentToken) && bytes.Contains(s, nul) {
+ s = bytes.Replace(s, nul, replacement, -1)
+ }
+ if !z.textIsRaw {
+ s = unescape(s, false)
+ }
+ return s
+ }
+ return nil
+}
+
+// TagName returns the lower-cased name of a tag token (the `img` out of
+// `<IMG SRC="foo">`) and whether the tag has attributes.
+// The contents of the returned slice may change on the next call to Next.
+func (z *Tokenizer) TagName() (name []byte, hasAttr bool) {
+ if z.data.start < z.data.end {
+ switch z.tt {
+ case StartTagToken, EndTagToken, SelfClosingTagToken:
+ s := z.buf[z.data.start:z.data.end]
+ z.data.start = z.raw.end
+ z.data.end = z.raw.end
+ return lower(s), z.nAttrReturned < len(z.attr)
+ }
+ }
+ return nil, false
+}
+
+// TagAttr returns the lower-cased key and unescaped value of the next unparsed
+// attribute for the current tag token and whether there are more attributes.
+// The contents of the returned slices may change on the next call to Next.
+func (z *Tokenizer) TagAttr() (key, val []byte, moreAttr bool) {
+ if z.nAttrReturned < len(z.attr) {
+ switch z.tt {
+ case StartTagToken, SelfClosingTagToken:
+ x := z.attr[z.nAttrReturned]
+ z.nAttrReturned++
+ key = z.buf[x[0].start:x[0].end]
+ val = z.buf[x[1].start:x[1].end]
+ return lower(key), unescape(convertNewlines(val), true), z.nAttrReturned < len(z.attr)
+ }
+ }
+ return nil, nil, false
+}
+
+// Token returns the current Token. The result's Data and Attr values remain
+// valid after subsequent Next calls.
+func (z *Tokenizer) Token() Token {
+ t := Token{Type: z.tt}
+ switch z.tt {
+ case TextToken, CommentToken, DoctypeToken:
+ t.Data = string(z.Text())
+ case StartTagToken, SelfClosingTagToken, EndTagToken:
+ name, moreAttr := z.TagName()
+ for moreAttr {
+ var key, val []byte
+ key, val, moreAttr = z.TagAttr()
+ t.Attr = append(t.Attr, Attribute{"", atom.String(key), string(val)})
+ }
+ if a := atom.Lookup(name); a != 0 {
+ t.DataAtom, t.Data = a, a.String()
+ } else {
+ t.DataAtom, t.Data = 0, string(name)
+ }
+ }
+ return t
+}
+
+// SetMaxBuf sets a limit on the amount of data buffered during tokenization.
+// A value of 0 means unlimited.
+func (z *Tokenizer) SetMaxBuf(n int) {
+ z.maxBuf = n
+}
+
+// NewTokenizer returns a new HTML Tokenizer for the given Reader.
+// The input is assumed to be UTF-8 encoded.
+func NewTokenizer(r io.Reader) *Tokenizer {
+ return NewTokenizerFragment(r, "")
+}
+
+// NewTokenizerFragment returns a new HTML Tokenizer for the given Reader, for
+// tokenizing an existing element's InnerHTML fragment. contextTag is that
+// element's tag, such as "div" or "iframe".
+//
+// For example, how the InnerHTML "a<b" is tokenized depends on whether it is
+// for a <p> tag or a <script> tag.
+//
+// The input is assumed to be UTF-8 encoded.
+func NewTokenizerFragment(r io.Reader, contextTag string) *Tokenizer {
+ z := &Tokenizer{
+ r: r,
+ buf: make([]byte, 0, 4096),
+ }
+ if contextTag != "" {
+ switch s := strings.ToLower(contextTag); s {
+ case "iframe", "noembed", "noframes", "noscript", "plaintext", "script", "style", "title", "textarea", "xmp":
+ z.rawTag = s
+ }
+ }
+ return z
+}
diff --git a/vendor/golang.org/x/net/internal/socks/client.go b/vendor/golang.org/x/net/internal/socks/client.go
new file mode 100644
index 000000000..3d6f516a5
--- /dev/null
+++ b/vendor/golang.org/x/net/internal/socks/client.go
@@ -0,0 +1,168 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package socks
+
+import (
+ "context"
+ "errors"
+ "io"
+ "net"
+ "strconv"
+ "time"
+)
+
+var (
+ noDeadline = time.Time{}
+ aLongTimeAgo = time.Unix(1, 0)
+)
+
+func (d *Dialer) connect(ctx context.Context, c net.Conn, address string) (_ net.Addr, ctxErr error) {
+ host, port, err := splitHostPort(address)
+ if err != nil {
+ return nil, err
+ }
+ if deadline, ok := ctx.Deadline(); ok && !deadline.IsZero() {
+ c.SetDeadline(deadline)
+ defer c.SetDeadline(noDeadline)
+ }
+ if ctx != context.Background() {
+ errCh := make(chan error, 1)
+ done := make(chan struct{})
+ defer func() {
+ close(done)
+ if ctxErr == nil {
+ ctxErr = <-errCh
+ }
+ }()
+ go func() {
+ select {
+ case <-ctx.Done():
+ c.SetDeadline(aLongTimeAgo)
+ errCh <- ctx.Err()
+ case <-done:
+ errCh <- nil
+ }
+ }()
+ }
+
+ b := make([]byte, 0, 6+len(host)) // the size here is just an estimate
+ b = append(b, Version5)
+ if len(d.AuthMethods) == 0 || d.Authenticate == nil {
+ b = append(b, 1, byte(AuthMethodNotRequired))
+ } else {
+ ams := d.AuthMethods
+ if len(ams) > 255 {
+ return nil, errors.New("too many authentication methods")
+ }
+ b = append(b, byte(len(ams)))
+ for _, am := range ams {
+ b = append(b, byte(am))
+ }
+ }
+ if _, ctxErr = c.Write(b); ctxErr != nil {
+ return
+ }
+
+ if _, ctxErr = io.ReadFull(c, b[:2]); ctxErr != nil {
+ return
+ }
+ if b[0] != Version5 {
+ return nil, errors.New("unexpected protocol version " + strconv.Itoa(int(b[0])))
+ }
+ am := AuthMethod(b[1])
+ if am == AuthMethodNoAcceptableMethods {
+ return nil, errors.New("no acceptable authentication methods")
+ }
+ if d.Authenticate != nil {
+ if ctxErr = d.Authenticate(ctx, c, am); ctxErr != nil {
+ return
+ }
+ }
+
+ b = b[:0]
+ b = append(b, Version5, byte(d.cmd), 0)
+ if ip := net.ParseIP(host); ip != nil {
+ if ip4 := ip.To4(); ip4 != nil {
+ b = append(b, AddrTypeIPv4)
+ b = append(b, ip4...)
+ } else if ip6 := ip.To16(); ip6 != nil {
+ b = append(b, AddrTypeIPv6)
+ b = append(b, ip6...)
+ } else {
+ return nil, errors.New("unknown address type")
+ }
+ } else {
+ if len(host) > 255 {
+ return nil, errors.New("FQDN too long")
+ }
+ b = append(b, AddrTypeFQDN)
+ b = append(b, byte(len(host)))
+ b = append(b, host...)
+ }
+ b = append(b, byte(port>>8), byte(port))
+ if _, ctxErr = c.Write(b); ctxErr != nil {
+ return
+ }
+
+ if _, ctxErr = io.ReadFull(c, b[:4]); ctxErr != nil {
+ return
+ }
+ if b[0] != Version5 {
+ return nil, errors.New("unexpected protocol version " + strconv.Itoa(int(b[0])))
+ }
+ if cmdErr := Reply(b[1]); cmdErr != StatusSucceeded {
+ return nil, errors.New("unknown error " + cmdErr.String())
+ }
+ if b[2] != 0 {
+ return nil, errors.New("non-zero reserved field")
+ }
+ l := 2
+ var a Addr
+ switch b[3] {
+ case AddrTypeIPv4:
+ l += net.IPv4len
+ a.IP = make(net.IP, net.IPv4len)
+ case AddrTypeIPv6:
+ l += net.IPv6len
+ a.IP = make(net.IP, net.IPv6len)
+ case AddrTypeFQDN:
+ if _, err := io.ReadFull(c, b[:1]); err != nil {
+ return nil, err
+ }
+ l += int(b[0])
+ default:
+ return nil, errors.New("unknown address type " + strconv.Itoa(int(b[3])))
+ }
+ if cap(b) < l {
+ b = make([]byte, l)
+ } else {
+ b = b[:l]
+ }
+ if _, ctxErr = io.ReadFull(c, b); ctxErr != nil {
+ return
+ }
+ if a.IP != nil {
+ copy(a.IP, b)
+ } else {
+ a.Name = string(b[:len(b)-2])
+ }
+ a.Port = int(b[len(b)-2])<<8 | int(b[len(b)-1])
+ return &a, nil
+}
+
+func splitHostPort(address string) (string, int, error) {
+ host, port, err := net.SplitHostPort(address)
+ if err != nil {
+ return "", 0, err
+ }
+ portnum, err := strconv.Atoi(port)
+ if err != nil {
+ return "", 0, err
+ }
+ if 1 > portnum || portnum > 0xffff {
+ return "", 0, errors.New("port number out of range " + port)
+ }
+ return host, portnum, nil
+}
diff --git a/vendor/golang.org/x/net/internal/socks/socks.go b/vendor/golang.org/x/net/internal/socks/socks.go
new file mode 100644
index 000000000..84fcc32b6
--- /dev/null
+++ b/vendor/golang.org/x/net/internal/socks/socks.go
@@ -0,0 +1,317 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package socks provides a SOCKS version 5 client implementation.
+//
+// SOCKS protocol version 5 is defined in RFC 1928.
+// Username/Password authentication for SOCKS version 5 is defined in
+// RFC 1929.
+package socks
+
+import (
+ "context"
+ "errors"
+ "io"
+ "net"
+ "strconv"
+)
+
+// A Command represents a SOCKS command.
+type Command int
+
+func (cmd Command) String() string {
+ switch cmd {
+ case CmdConnect:
+ return "socks connect"
+ case cmdBind:
+ return "socks bind"
+ default:
+ return "socks " + strconv.Itoa(int(cmd))
+ }
+}
+
+// An AuthMethod represents a SOCKS authentication method.
+type AuthMethod int
+
+// A Reply represents a SOCKS command reply code.
+type Reply int
+
+func (code Reply) String() string {
+ switch code {
+ case StatusSucceeded:
+ return "succeeded"
+ case 0x01:
+ return "general SOCKS server failure"
+ case 0x02:
+ return "connection not allowed by ruleset"
+ case 0x03:
+ return "network unreachable"
+ case 0x04:
+ return "host unreachable"
+ case 0x05:
+ return "connection refused"
+ case 0x06:
+ return "TTL expired"
+ case 0x07:
+ return "command not supported"
+ case 0x08:
+ return "address type not supported"
+ default:
+ return "unknown code: " + strconv.Itoa(int(code))
+ }
+}
+
+// Wire protocol constants.
+const (
+ Version5 = 0x05
+
+ AddrTypeIPv4 = 0x01
+ AddrTypeFQDN = 0x03
+ AddrTypeIPv6 = 0x04
+
+ CmdConnect Command = 0x01 // establishes an active-open forward proxy connection
+ cmdBind Command = 0x02 // establishes a passive-open forward proxy connection
+
+ AuthMethodNotRequired AuthMethod = 0x00 // no authentication required
+ AuthMethodUsernamePassword AuthMethod = 0x02 // use username/password
+ AuthMethodNoAcceptableMethods AuthMethod = 0xff // no acceptable authentication methods
+
+ StatusSucceeded Reply = 0x00
+)
+
+// An Addr represents a SOCKS-specific address.
+// Either Name or IP is used exclusively.
+type Addr struct {
+ Name string // fully-qualified domain name
+ IP net.IP
+ Port int
+}
+
+func (a *Addr) Network() string { return "socks" }
+
+func (a *Addr) String() string {
+ if a == nil {
+ return "<nil>"
+ }
+ port := strconv.Itoa(a.Port)
+ if a.IP == nil {
+ return net.JoinHostPort(a.Name, port)
+ }
+ return net.JoinHostPort(a.IP.String(), port)
+}
+
+// A Conn represents a forward proxy connection.
+type Conn struct {
+ net.Conn
+
+ boundAddr net.Addr
+}
+
+// BoundAddr returns the address assigned by the proxy server for
+// connecting to the command target address from the proxy server.
+func (c *Conn) BoundAddr() net.Addr {
+ if c == nil {
+ return nil
+ }
+ return c.boundAddr
+}
+
+// A Dialer holds SOCKS-specific options.
+type Dialer struct {
+ cmd Command // either CmdConnect or cmdBind
+ proxyNetwork string // network between a proxy server and a client
+ proxyAddress string // proxy server address
+
+ // ProxyDial specifies the optional dial function for
+ // establishing the transport connection.
+ ProxyDial func(context.Context, string, string) (net.Conn, error)
+
+ // AuthMethods specifies the list of request authentication
+ // methods.
+ // If empty, SOCKS client requests only AuthMethodNotRequired.
+ AuthMethods []AuthMethod
+
+ // Authenticate specifies the optional authentication
+ // function. It must be non-nil when AuthMethods is not empty.
+ // It must return an error when the authentication is failed.
+ Authenticate func(context.Context, io.ReadWriter, AuthMethod) error
+}
+
+// DialContext connects to the provided address on the provided
+// network.
+//
+// The returned error value may be a net.OpError. When the Op field of
+// net.OpError contains "socks", the Source field contains a proxy
+// server address and the Addr field contains a command target
+// address.
+//
+// See func Dial of the net package of standard library for a
+// description of the network and address parameters.
+func (d *Dialer) DialContext(ctx context.Context, network, address string) (net.Conn, error) {
+ if err := d.validateTarget(network, address); err != nil {
+ proxy, dst, _ := d.pathAddrs(address)
+ return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+ }
+ if ctx == nil {
+ proxy, dst, _ := d.pathAddrs(address)
+ return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: errors.New("nil context")}
+ }
+ var err error
+ var c net.Conn
+ if d.ProxyDial != nil {
+ c, err = d.ProxyDial(ctx, d.proxyNetwork, d.proxyAddress)
+ } else {
+ var dd net.Dialer
+ c, err = dd.DialContext(ctx, d.proxyNetwork, d.proxyAddress)
+ }
+ if err != nil {
+ proxy, dst, _ := d.pathAddrs(address)
+ return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+ }
+ a, err := d.connect(ctx, c, address)
+ if err != nil {
+ c.Close()
+ proxy, dst, _ := d.pathAddrs(address)
+ return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+ }
+ return &Conn{Conn: c, boundAddr: a}, nil
+}
+
+// DialWithConn initiates a connection from SOCKS server to the target
+// network and address using the connection c that is already
+// connected to the SOCKS server.
+//
+// It returns the connection's local address assigned by the SOCKS
+// server.
+func (d *Dialer) DialWithConn(ctx context.Context, c net.Conn, network, address string) (net.Addr, error) {
+ if err := d.validateTarget(network, address); err != nil {
+ proxy, dst, _ := d.pathAddrs(address)
+ return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+ }
+ if ctx == nil {
+ proxy, dst, _ := d.pathAddrs(address)
+ return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: errors.New("nil context")}
+ }
+ a, err := d.connect(ctx, c, address)
+ if err != nil {
+ proxy, dst, _ := d.pathAddrs(address)
+ return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+ }
+ return a, nil
+}
+
+// Dial connects to the provided address on the provided network.
+//
+// Unlike DialContext, it returns a raw transport connection instead
+// of a forward proxy connection.
+//
+// Deprecated: Use DialContext or DialWithConn instead.
+func (d *Dialer) Dial(network, address string) (net.Conn, error) {
+ if err := d.validateTarget(network, address); err != nil {
+ proxy, dst, _ := d.pathAddrs(address)
+ return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+ }
+ var err error
+ var c net.Conn
+ if d.ProxyDial != nil {
+ c, err = d.ProxyDial(context.Background(), d.proxyNetwork, d.proxyAddress)
+ } else {
+ c, err = net.Dial(d.proxyNetwork, d.proxyAddress)
+ }
+ if err != nil {
+ proxy, dst, _ := d.pathAddrs(address)
+ return nil, &net.OpError{Op: d.cmd.String(), Net: network, Source: proxy, Addr: dst, Err: err}
+ }
+ if _, err := d.DialWithConn(context.Background(), c, network, address); err != nil {
+ c.Close()
+ return nil, err
+ }
+ return c, nil
+}
+
+func (d *Dialer) validateTarget(network, address string) error {
+ switch network {
+ case "tcp", "tcp6", "tcp4":
+ default:
+ return errors.New("network not implemented")
+ }
+ switch d.cmd {
+ case CmdConnect, cmdBind:
+ default:
+ return errors.New("command not implemented")
+ }
+ return nil
+}
+
+func (d *Dialer) pathAddrs(address string) (proxy, dst net.Addr, err error) {
+ for i, s := range []string{d.proxyAddress, address} {
+ host, port, err := splitHostPort(s)
+ if err != nil {
+ return nil, nil, err
+ }
+ a := &Addr{Port: port}
+ a.IP = net.ParseIP(host)
+ if a.IP == nil {
+ a.Name = host
+ }
+ if i == 0 {
+ proxy = a
+ } else {
+ dst = a
+ }
+ }
+ return
+}
+
+// NewDialer returns a new Dialer that dials through the provided
+// proxy server's network and address.
+func NewDialer(network, address string) *Dialer {
+ return &Dialer{proxyNetwork: network, proxyAddress: address, cmd: CmdConnect}
+}
+
+const (
+ authUsernamePasswordVersion = 0x01
+ authStatusSucceeded = 0x00
+)
+
+// UsernamePassword are the credentials for the username/password
+// authentication method.
+type UsernamePassword struct {
+ Username string
+ Password string
+}
+
+// Authenticate authenticates a pair of username and password with the
+// proxy server.
+func (up *UsernamePassword) Authenticate(ctx context.Context, rw io.ReadWriter, auth AuthMethod) error {
+ switch auth {
+ case AuthMethodNotRequired:
+ return nil
+ case AuthMethodUsernamePassword:
+ if len(up.Username) == 0 || len(up.Username) > 255 || len(up.Password) > 255 {
+ return errors.New("invalid username/password")
+ }
+ b := []byte{authUsernamePasswordVersion}
+ b = append(b, byte(len(up.Username)))
+ b = append(b, up.Username...)
+ b = append(b, byte(len(up.Password)))
+ b = append(b, up.Password...)
+ // TODO(mikio): handle IO deadlines and cancelation if
+ // necessary
+ if _, err := rw.Write(b); err != nil {
+ return err
+ }
+ if _, err := io.ReadFull(rw, b[:2]); err != nil {
+ return err
+ }
+ if b[0] != authUsernamePasswordVersion {
+ return errors.New("invalid username/password version")
+ }
+ if b[1] != authStatusSucceeded {
+ return errors.New("username/password authentication failed")
+ }
+ return nil
+ }
+ return errors.New("unsupported authentication method " + strconv.Itoa(int(auth)))
+}
diff --git a/vendor/golang.org/x/net/proxy/dial.go b/vendor/golang.org/x/net/proxy/dial.go
new file mode 100644
index 000000000..811c2e4e9
--- /dev/null
+++ b/vendor/golang.org/x/net/proxy/dial.go
@@ -0,0 +1,54 @@
+// Copyright 2019 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package proxy
+
+import (
+ "context"
+ "net"
+)
+
+// A ContextDialer dials using a context.
+type ContextDialer interface {
+ DialContext(ctx context.Context, network, address string) (net.Conn, error)
+}
+
+// Dial works like DialContext on net.Dialer but using a dialer returned by FromEnvironment.
+//
+// The passed ctx is only used for returning the Conn, not the lifetime of the Conn.
+//
+// Custom dialers (registered via RegisterDialerType) that do not implement ContextDialer
+// can leak a goroutine for as long as it takes the underlying Dialer implementation to timeout.
+//
+// A Conn returned from a successful Dial after the context has been cancelled will be immediately closed.
+func Dial(ctx context.Context, network, address string) (net.Conn, error) {
+ d := FromEnvironment()
+ if xd, ok := d.(ContextDialer); ok {
+ return xd.DialContext(ctx, network, address)
+ }
+ return dialContext(ctx, d, network, address)
+}
+
+// WARNING: this can leak a goroutine for as long as the underlying Dialer implementation takes to timeout
+// A Conn returned from a successful Dial after the context has been cancelled will be immediately closed.
+func dialContext(ctx context.Context, d Dialer, network, address string) (net.Conn, error) {
+ var (
+ conn net.Conn
+ done = make(chan struct{}, 1)
+ err error
+ )
+ go func() {
+ conn, err = d.Dial(network, address)
+ close(done)
+ if conn != nil && ctx.Err() != nil {
+ conn.Close()
+ }
+ }()
+ select {
+ case <-ctx.Done():
+ err = ctx.Err()
+ case <-done:
+ }
+ return conn, err
+}
diff --git a/vendor/golang.org/x/net/proxy/direct.go b/vendor/golang.org/x/net/proxy/direct.go
new file mode 100644
index 000000000..3d66bdef9
--- /dev/null
+++ b/vendor/golang.org/x/net/proxy/direct.go
@@ -0,0 +1,31 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package proxy
+
+import (
+ "context"
+ "net"
+)
+
+type direct struct{}
+
+// Direct implements Dialer by making network connections directly using net.Dial or net.DialContext.
+var Direct = direct{}
+
+var (
+ _ Dialer = Direct
+ _ ContextDialer = Direct
+)
+
+// Dial directly invokes net.Dial with the supplied parameters.
+func (direct) Dial(network, addr string) (net.Conn, error) {
+ return net.Dial(network, addr)
+}
+
+// DialContext instantiates a net.Dialer and invokes its DialContext receiver with the supplied parameters.
+func (direct) DialContext(ctx context.Context, network, addr string) (net.Conn, error) {
+ var d net.Dialer
+ return d.DialContext(ctx, network, addr)
+}
diff --git a/vendor/golang.org/x/net/proxy/per_host.go b/vendor/golang.org/x/net/proxy/per_host.go
new file mode 100644
index 000000000..d7d4b8b6e
--- /dev/null
+++ b/vendor/golang.org/x/net/proxy/per_host.go
@@ -0,0 +1,151 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package proxy
+
+import (
+ "context"
+ "net"
+ "strings"
+)
+
+// A PerHost directs connections to a default Dialer unless the host name
+// requested matches one of a number of exceptions.
+type PerHost struct {
+ def, bypass Dialer
+
+ bypassNetworks []*net.IPNet
+ bypassIPs []net.IP
+ bypassZones []string
+ bypassHosts []string
+}
+
+// NewPerHost returns a PerHost Dialer that directs connections to either
+// defaultDialer or bypass, depending on whether the connection matches one of
+// the configured rules.
+func NewPerHost(defaultDialer, bypass Dialer) *PerHost {
+ return &PerHost{
+ def: defaultDialer,
+ bypass: bypass,
+ }
+}
+
+// Dial connects to the address addr on the given network through either
+// defaultDialer or bypass.
+func (p *PerHost) Dial(network, addr string) (c net.Conn, err error) {
+ host, _, err := net.SplitHostPort(addr)
+ if err != nil {
+ return nil, err
+ }
+
+ return p.dialerForRequest(host).Dial(network, addr)
+}
+
+// DialContext connects to the address addr on the given network through either
+// defaultDialer or bypass.
+func (p *PerHost) DialContext(ctx context.Context, network, addr string) (c net.Conn, err error) {
+ host, _, err := net.SplitHostPort(addr)
+ if err != nil {
+ return nil, err
+ }
+ d := p.dialerForRequest(host)
+ if x, ok := d.(ContextDialer); ok {
+ return x.DialContext(ctx, network, addr)
+ }
+ return dialContext(ctx, d, network, addr)
+}
+
+func (p *PerHost) dialerForRequest(host string) Dialer {
+ if ip := net.ParseIP(host); ip != nil {
+ for _, net := range p.bypassNetworks {
+ if net.Contains(ip) {
+ return p.bypass
+ }
+ }
+ for _, bypassIP := range p.bypassIPs {
+ if bypassIP.Equal(ip) {
+ return p.bypass
+ }
+ }
+ return p.def
+ }
+
+ for _, zone := range p.bypassZones {
+ if strings.HasSuffix(host, zone) {
+ return p.bypass
+ }
+ if host == zone[1:] {
+ // For a zone ".example.com", we match "example.com"
+ // too.
+ return p.bypass
+ }
+ }
+ for _, bypassHost := range p.bypassHosts {
+ if bypassHost == host {
+ return p.bypass
+ }
+ }
+ return p.def
+}
+
+// AddFromString parses a string that contains comma-separated values
+// specifying hosts that should use the bypass proxy. Each value is either an
+// IP address, a CIDR range, a zone (*.example.com) or a host name
+// (localhost). A best effort is made to parse the string and errors are
+// ignored.
+func (p *PerHost) AddFromString(s string) {
+ hosts := strings.Split(s, ",")
+ for _, host := range hosts {
+ host = strings.TrimSpace(host)
+ if len(host) == 0 {
+ continue
+ }
+ if strings.Contains(host, "/") {
+ // We assume that it's a CIDR address like 127.0.0.0/8
+ if _, net, err := net.ParseCIDR(host); err == nil {
+ p.AddNetwork(net)
+ }
+ continue
+ }
+ if ip := net.ParseIP(host); ip != nil {
+ p.AddIP(ip)
+ continue
+ }
+ if strings.HasPrefix(host, "*.") {
+ p.AddZone(host[1:])
+ continue
+ }
+ p.AddHost(host)
+ }
+}
+
+// AddIP specifies an IP address that will use the bypass proxy. Note that
+// this will only take effect if a literal IP address is dialed. A connection
+// to a named host will never match an IP.
+func (p *PerHost) AddIP(ip net.IP) {
+ p.bypassIPs = append(p.bypassIPs, ip)
+}
+
+// AddNetwork specifies an IP range that will use the bypass proxy. Note that
+// this will only take effect if a literal IP address is dialed. A connection
+// to a named host will never match.
+func (p *PerHost) AddNetwork(net *net.IPNet) {
+ p.bypassNetworks = append(p.bypassNetworks, net)
+}
+
+// AddZone specifies a DNS suffix that will use the bypass proxy. A zone of
+// "example.com" matches "example.com" and all of its subdomains.
+func (p *PerHost) AddZone(zone string) {
+ zone = strings.TrimSuffix(zone, ".")
+ if !strings.HasPrefix(zone, ".") {
+ zone = "." + zone
+ }
+ p.bypassZones = append(p.bypassZones, zone)
+}
+
+// AddHost specifies a host name that will use the bypass proxy.
+func (p *PerHost) AddHost(host string) {
+ host = strings.TrimSuffix(host, ".")
+ p.bypassHosts = append(p.bypassHosts, host)
+}
diff --git a/vendor/golang.org/x/net/proxy/proxy.go b/vendor/golang.org/x/net/proxy/proxy.go
new file mode 100644
index 000000000..9ff4b9a77
--- /dev/null
+++ b/vendor/golang.org/x/net/proxy/proxy.go
@@ -0,0 +1,149 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package proxy provides support for a variety of protocols to proxy network
+// data.
+package proxy // import "golang.org/x/net/proxy"
+
+import (
+ "errors"
+ "net"
+ "net/url"
+ "os"
+ "sync"
+)
+
+// A Dialer is a means to establish a connection.
+// Custom dialers should also implement ContextDialer.
+type Dialer interface {
+ // Dial connects to the given address via the proxy.
+ Dial(network, addr string) (c net.Conn, err error)
+}
+
+// Auth contains authentication parameters that specific Dialers may require.
+type Auth struct {
+ User, Password string
+}
+
+// FromEnvironment returns the dialer specified by the proxy-related
+// variables in the environment and makes underlying connections
+// directly.
+func FromEnvironment() Dialer {
+ return FromEnvironmentUsing(Direct)
+}
+
+// FromEnvironmentUsing returns the dialer specify by the proxy-related
+// variables in the environment and makes underlying connections
+// using the provided forwarding Dialer (for instance, a *net.Dialer
+// with desired configuration).
+func FromEnvironmentUsing(forward Dialer) Dialer {
+ allProxy := allProxyEnv.Get()
+ if len(allProxy) == 0 {
+ return forward
+ }
+
+ proxyURL, err := url.Parse(allProxy)
+ if err != nil {
+ return forward
+ }
+ proxy, err := FromURL(proxyURL, forward)
+ if err != nil {
+ return forward
+ }
+
+ noProxy := noProxyEnv.Get()
+ if len(noProxy) == 0 {
+ return proxy
+ }
+
+ perHost := NewPerHost(proxy, forward)
+ perHost.AddFromString(noProxy)
+ return perHost
+}
+
+// proxySchemes is a map from URL schemes to a function that creates a Dialer
+// from a URL with such a scheme.
+var proxySchemes map[string]func(*url.URL, Dialer) (Dialer, error)
+
+// RegisterDialerType takes a URL scheme and a function to generate Dialers from
+// a URL with that scheme and a forwarding Dialer. Registered schemes are used
+// by FromURL.
+func RegisterDialerType(scheme string, f func(*url.URL, Dialer) (Dialer, error)) {
+ if proxySchemes == nil {
+ proxySchemes = make(map[string]func(*url.URL, Dialer) (Dialer, error))
+ }
+ proxySchemes[scheme] = f
+}
+
+// FromURL returns a Dialer given a URL specification and an underlying
+// Dialer for it to make network requests.
+func FromURL(u *url.URL, forward Dialer) (Dialer, error) {
+ var auth *Auth
+ if u.User != nil {
+ auth = new(Auth)
+ auth.User = u.User.Username()
+ if p, ok := u.User.Password(); ok {
+ auth.Password = p
+ }
+ }
+
+ switch u.Scheme {
+ case "socks5", "socks5h":
+ addr := u.Hostname()
+ port := u.Port()
+ if port == "" {
+ port = "1080"
+ }
+ return SOCKS5("tcp", net.JoinHostPort(addr, port), auth, forward)
+ }
+
+ // If the scheme doesn't match any of the built-in schemes, see if it
+ // was registered by another package.
+ if proxySchemes != nil {
+ if f, ok := proxySchemes[u.Scheme]; ok {
+ return f(u, forward)
+ }
+ }
+
+ return nil, errors.New("proxy: unknown scheme: " + u.Scheme)
+}
+
+var (
+ allProxyEnv = &envOnce{
+ names: []string{"ALL_PROXY", "all_proxy"},
+ }
+ noProxyEnv = &envOnce{
+ names: []string{"NO_PROXY", "no_proxy"},
+ }
+)
+
+// envOnce looks up an environment variable (optionally by multiple
+// names) once. It mitigates expensive lookups on some platforms
+// (e.g. Windows).
+// (Borrowed from net/http/transport.go)
+type envOnce struct {
+ names []string
+ once sync.Once
+ val string
+}
+
+func (e *envOnce) Get() string {
+ e.once.Do(e.init)
+ return e.val
+}
+
+func (e *envOnce) init() {
+ for _, n := range e.names {
+ e.val = os.Getenv(n)
+ if e.val != "" {
+ return
+ }
+ }
+}
+
+// reset is used by tests
+func (e *envOnce) reset() {
+ e.once = sync.Once{}
+ e.val = ""
+}
diff --git a/vendor/golang.org/x/net/proxy/socks5.go b/vendor/golang.org/x/net/proxy/socks5.go
new file mode 100644
index 000000000..c91651f96
--- /dev/null
+++ b/vendor/golang.org/x/net/proxy/socks5.go
@@ -0,0 +1,42 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package proxy
+
+import (
+ "context"
+ "net"
+
+ "golang.org/x/net/internal/socks"
+)
+
+// SOCKS5 returns a Dialer that makes SOCKSv5 connections to the given
+// address with an optional username and password.
+// See RFC 1928 and RFC 1929.
+func SOCKS5(network, address string, auth *Auth, forward Dialer) (Dialer, error) {
+ d := socks.NewDialer(network, address)
+ if forward != nil {
+ if f, ok := forward.(ContextDialer); ok {
+ d.ProxyDial = func(ctx context.Context, network string, address string) (net.Conn, error) {
+ return f.DialContext(ctx, network, address)
+ }
+ } else {
+ d.ProxyDial = func(ctx context.Context, network string, address string) (net.Conn, error) {
+ return dialContext(ctx, forward, network, address)
+ }
+ }
+ }
+ if auth != nil {
+ up := socks.UsernamePassword{
+ Username: auth.User,
+ Password: auth.Password,
+ }
+ d.AuthMethods = []socks.AuthMethod{
+ socks.AuthMethodNotRequired,
+ socks.AuthMethodUsernamePassword,
+ }
+ d.Authenticate = up.Authenticate
+ }
+ return d, nil
+}
diff --git a/vendor/golang.org/x/net/websocket/client.go b/vendor/golang.org/x/net/websocket/client.go
new file mode 100644
index 000000000..1e64157f3
--- /dev/null
+++ b/vendor/golang.org/x/net/websocket/client.go
@@ -0,0 +1,139 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+ "bufio"
+ "context"
+ "io"
+ "net"
+ "net/http"
+ "net/url"
+ "time"
+)
+
+// DialError is an error that occurs while dialling a websocket server.
+type DialError struct {
+ *Config
+ Err error
+}
+
+func (e *DialError) Error() string {
+ return "websocket.Dial " + e.Config.Location.String() + ": " + e.Err.Error()
+}
+
+// NewConfig creates a new WebSocket config for client connection.
+func NewConfig(server, origin string) (config *Config, err error) {
+ config = new(Config)
+ config.Version = ProtocolVersionHybi13
+ config.Location, err = url.ParseRequestURI(server)
+ if err != nil {
+ return
+ }
+ config.Origin, err = url.ParseRequestURI(origin)
+ if err != nil {
+ return
+ }
+ config.Header = http.Header(make(map[string][]string))
+ return
+}
+
+// NewClient creates a new WebSocket client connection over rwc.
+func NewClient(config *Config, rwc io.ReadWriteCloser) (ws *Conn, err error) {
+ br := bufio.NewReader(rwc)
+ bw := bufio.NewWriter(rwc)
+ err = hybiClientHandshake(config, br, bw)
+ if err != nil {
+ return
+ }
+ buf := bufio.NewReadWriter(br, bw)
+ ws = newHybiClientConn(config, buf, rwc)
+ return
+}
+
+// Dial opens a new client connection to a WebSocket.
+func Dial(url_, protocol, origin string) (ws *Conn, err error) {
+ config, err := NewConfig(url_, origin)
+ if err != nil {
+ return nil, err
+ }
+ if protocol != "" {
+ config.Protocol = []string{protocol}
+ }
+ return DialConfig(config)
+}
+
+var portMap = map[string]string{
+ "ws": "80",
+ "wss": "443",
+}
+
+func parseAuthority(location *url.URL) string {
+ if _, ok := portMap[location.Scheme]; ok {
+ if _, _, err := net.SplitHostPort(location.Host); err != nil {
+ return net.JoinHostPort(location.Host, portMap[location.Scheme])
+ }
+ }
+ return location.Host
+}
+
+// DialConfig opens a new client connection to a WebSocket with a config.
+func DialConfig(config *Config) (ws *Conn, err error) {
+ return config.DialContext(context.Background())
+}
+
+// DialContext opens a new client connection to a WebSocket, with context support for timeouts/cancellation.
+func (config *Config) DialContext(ctx context.Context) (*Conn, error) {
+ if config.Location == nil {
+ return nil, &DialError{config, ErrBadWebSocketLocation}
+ }
+ if config.Origin == nil {
+ return nil, &DialError{config, ErrBadWebSocketOrigin}
+ }
+
+ dialer := config.Dialer
+ if dialer == nil {
+ dialer = &net.Dialer{}
+ }
+
+ client, err := dialWithDialer(ctx, dialer, config)
+ if err != nil {
+ return nil, &DialError{config, err}
+ }
+
+ // Cleanup the connection if we fail to create the websocket successfully
+ success := false
+ defer func() {
+ if !success {
+ _ = client.Close()
+ }
+ }()
+
+ var ws *Conn
+ var wsErr error
+ doneConnecting := make(chan struct{})
+ go func() {
+ defer close(doneConnecting)
+ ws, err = NewClient(config, client)
+ if err != nil {
+ wsErr = &DialError{config, err}
+ }
+ }()
+
+ // The websocket.NewClient() function can block indefinitely, make sure that we
+ // respect the deadlines specified by the context.
+ select {
+ case <-ctx.Done():
+ // Force the pending operations to fail, terminating the pending connection attempt
+ _ = client.SetDeadline(time.Now())
+ <-doneConnecting // Wait for the goroutine that tries to establish the connection to finish
+ return nil, &DialError{config, ctx.Err()}
+ case <-doneConnecting:
+ if wsErr == nil {
+ success = true // Disarm the deferred connection cleanup
+ }
+ return ws, wsErr
+ }
+}
diff --git a/vendor/golang.org/x/net/websocket/dial.go b/vendor/golang.org/x/net/websocket/dial.go
new file mode 100644
index 000000000..8a2d83c47
--- /dev/null
+++ b/vendor/golang.org/x/net/websocket/dial.go
@@ -0,0 +1,29 @@
+// Copyright 2015 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+ "context"
+ "crypto/tls"
+ "net"
+)
+
+func dialWithDialer(ctx context.Context, dialer *net.Dialer, config *Config) (conn net.Conn, err error) {
+ switch config.Location.Scheme {
+ case "ws":
+ conn, err = dialer.DialContext(ctx, "tcp", parseAuthority(config.Location))
+
+ case "wss":
+ tlsDialer := &tls.Dialer{
+ NetDialer: dialer,
+ Config: config.TlsConfig,
+ }
+
+ conn, err = tlsDialer.DialContext(ctx, "tcp", parseAuthority(config.Location))
+ default:
+ err = ErrBadScheme
+ }
+ return
+}
diff --git a/vendor/golang.org/x/net/websocket/hybi.go b/vendor/golang.org/x/net/websocket/hybi.go
new file mode 100644
index 000000000..dda743466
--- /dev/null
+++ b/vendor/golang.org/x/net/websocket/hybi.go
@@ -0,0 +1,582 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+// This file implements a protocol of hybi draft.
+// http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-17
+
+import (
+ "bufio"
+ "bytes"
+ "crypto/rand"
+ "crypto/sha1"
+ "encoding/base64"
+ "encoding/binary"
+ "fmt"
+ "io"
+ "net/http"
+ "net/url"
+ "strings"
+)
+
+const (
+ websocketGUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
+
+ closeStatusNormal = 1000
+ closeStatusGoingAway = 1001
+ closeStatusProtocolError = 1002
+ closeStatusUnsupportedData = 1003
+ closeStatusFrameTooLarge = 1004
+ closeStatusNoStatusRcvd = 1005
+ closeStatusAbnormalClosure = 1006
+ closeStatusBadMessageData = 1007
+ closeStatusPolicyViolation = 1008
+ closeStatusTooBigData = 1009
+ closeStatusExtensionMismatch = 1010
+
+ maxControlFramePayloadLength = 125
+)
+
+var (
+ ErrBadMaskingKey = &ProtocolError{"bad masking key"}
+ ErrBadPongMessage = &ProtocolError{"bad pong message"}
+ ErrBadClosingStatus = &ProtocolError{"bad closing status"}
+ ErrUnsupportedExtensions = &ProtocolError{"unsupported extensions"}
+ ErrNotImplemented = &ProtocolError{"not implemented"}
+
+ handshakeHeader = map[string]bool{
+ "Host": true,
+ "Upgrade": true,
+ "Connection": true,
+ "Sec-Websocket-Key": true,
+ "Sec-Websocket-Origin": true,
+ "Sec-Websocket-Version": true,
+ "Sec-Websocket-Protocol": true,
+ "Sec-Websocket-Accept": true,
+ }
+)
+
+// A hybiFrameHeader is a frame header as defined in hybi draft.
+type hybiFrameHeader struct {
+ Fin bool
+ Rsv [3]bool
+ OpCode byte
+ Length int64
+ MaskingKey []byte
+
+ data *bytes.Buffer
+}
+
+// A hybiFrameReader is a reader for hybi frame.
+type hybiFrameReader struct {
+ reader io.Reader
+
+ header hybiFrameHeader
+ pos int64
+ length int
+}
+
+func (frame *hybiFrameReader) Read(msg []byte) (n int, err error) {
+ n, err = frame.reader.Read(msg)
+ if frame.header.MaskingKey != nil {
+ for i := 0; i < n; i++ {
+ msg[i] = msg[i] ^ frame.header.MaskingKey[frame.pos%4]
+ frame.pos++
+ }
+ }
+ return n, err
+}
+
+func (frame *hybiFrameReader) PayloadType() byte { return frame.header.OpCode }
+
+func (frame *hybiFrameReader) HeaderReader() io.Reader {
+ if frame.header.data == nil {
+ return nil
+ }
+ if frame.header.data.Len() == 0 {
+ return nil
+ }
+ return frame.header.data
+}
+
+func (frame *hybiFrameReader) TrailerReader() io.Reader { return nil }
+
+func (frame *hybiFrameReader) Len() (n int) { return frame.length }
+
+// A hybiFrameReaderFactory creates new frame reader based on its frame type.
+type hybiFrameReaderFactory struct {
+ *bufio.Reader
+}
+
+// NewFrameReader reads a frame header from the connection, and creates new reader for the frame.
+// See Section 5.2 Base Framing protocol for detail.
+// http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-17#section-5.2
+func (buf hybiFrameReaderFactory) NewFrameReader() (frame frameReader, err error) {
+ hybiFrame := new(hybiFrameReader)
+ frame = hybiFrame
+ var header []byte
+ var b byte
+ // First byte. FIN/RSV1/RSV2/RSV3/OpCode(4bits)
+ b, err = buf.ReadByte()
+ if err != nil {
+ return
+ }
+ header = append(header, b)
+ hybiFrame.header.Fin = ((header[0] >> 7) & 1) != 0
+ for i := 0; i < 3; i++ {
+ j := uint(6 - i)
+ hybiFrame.header.Rsv[i] = ((header[0] >> j) & 1) != 0
+ }
+ hybiFrame.header.OpCode = header[0] & 0x0f
+
+ // Second byte. Mask/Payload len(7bits)
+ b, err = buf.ReadByte()
+ if err != nil {
+ return
+ }
+ header = append(header, b)
+ mask := (b & 0x80) != 0
+ b &= 0x7f
+ lengthFields := 0
+ switch {
+ case b <= 125: // Payload length 7bits.
+ hybiFrame.header.Length = int64(b)
+ case b == 126: // Payload length 7+16bits
+ lengthFields = 2
+ case b == 127: // Payload length 7+64bits
+ lengthFields = 8
+ }
+ for i := 0; i < lengthFields; i++ {
+ b, err = buf.ReadByte()
+ if err != nil {
+ return
+ }
+ if lengthFields == 8 && i == 0 { // MSB must be zero when 7+64 bits
+ b &= 0x7f
+ }
+ header = append(header, b)
+ hybiFrame.header.Length = hybiFrame.header.Length*256 + int64(b)
+ }
+ if mask {
+ // Masking key. 4 bytes.
+ for i := 0; i < 4; i++ {
+ b, err = buf.ReadByte()
+ if err != nil {
+ return
+ }
+ header = append(header, b)
+ hybiFrame.header.MaskingKey = append(hybiFrame.header.MaskingKey, b)
+ }
+ }
+ hybiFrame.reader = io.LimitReader(buf.Reader, hybiFrame.header.Length)
+ hybiFrame.header.data = bytes.NewBuffer(header)
+ hybiFrame.length = len(header) + int(hybiFrame.header.Length)
+ return
+}
+
+// A HybiFrameWriter is a writer for hybi frame.
+type hybiFrameWriter struct {
+ writer *bufio.Writer
+
+ header *hybiFrameHeader
+}
+
+func (frame *hybiFrameWriter) Write(msg []byte) (n int, err error) {
+ var header []byte
+ var b byte
+ if frame.header.Fin {
+ b |= 0x80
+ }
+ for i := 0; i < 3; i++ {
+ if frame.header.Rsv[i] {
+ j := uint(6 - i)
+ b |= 1 << j
+ }
+ }
+ b |= frame.header.OpCode
+ header = append(header, b)
+ if frame.header.MaskingKey != nil {
+ b = 0x80
+ } else {
+ b = 0
+ }
+ lengthFields := 0
+ length := len(msg)
+ switch {
+ case length <= 125:
+ b |= byte(length)
+ case length < 65536:
+ b |= 126
+ lengthFields = 2
+ default:
+ b |= 127
+ lengthFields = 8
+ }
+ header = append(header, b)
+ for i := 0; i < lengthFields; i++ {
+ j := uint((lengthFields - i - 1) * 8)
+ b = byte((length >> j) & 0xff)
+ header = append(header, b)
+ }
+ if frame.header.MaskingKey != nil {
+ if len(frame.header.MaskingKey) != 4 {
+ return 0, ErrBadMaskingKey
+ }
+ header = append(header, frame.header.MaskingKey...)
+ frame.writer.Write(header)
+ data := make([]byte, length)
+ for i := range data {
+ data[i] = msg[i] ^ frame.header.MaskingKey[i%4]
+ }
+ frame.writer.Write(data)
+ err = frame.writer.Flush()
+ return length, err
+ }
+ frame.writer.Write(header)
+ frame.writer.Write(msg)
+ err = frame.writer.Flush()
+ return length, err
+}
+
+func (frame *hybiFrameWriter) Close() error { return nil }
+
+type hybiFrameWriterFactory struct {
+ *bufio.Writer
+ needMaskingKey bool
+}
+
+func (buf hybiFrameWriterFactory) NewFrameWriter(payloadType byte) (frame frameWriter, err error) {
+ frameHeader := &hybiFrameHeader{Fin: true, OpCode: payloadType}
+ if buf.needMaskingKey {
+ frameHeader.MaskingKey, err = generateMaskingKey()
+ if err != nil {
+ return nil, err
+ }
+ }
+ return &hybiFrameWriter{writer: buf.Writer, header: frameHeader}, nil
+}
+
+type hybiFrameHandler struct {
+ conn *Conn
+ payloadType byte
+}
+
+func (handler *hybiFrameHandler) HandleFrame(frame frameReader) (frameReader, error) {
+ if handler.conn.IsServerConn() {
+ // The client MUST mask all frames sent to the server.
+ if frame.(*hybiFrameReader).header.MaskingKey == nil {
+ handler.WriteClose(closeStatusProtocolError)
+ return nil, io.EOF
+ }
+ } else {
+ // The server MUST NOT mask all frames.
+ if frame.(*hybiFrameReader).header.MaskingKey != nil {
+ handler.WriteClose(closeStatusProtocolError)
+ return nil, io.EOF
+ }
+ }
+ if header := frame.HeaderReader(); header != nil {
+ io.Copy(io.Discard, header)
+ }
+ switch frame.PayloadType() {
+ case ContinuationFrame:
+ frame.(*hybiFrameReader).header.OpCode = handler.payloadType
+ case TextFrame, BinaryFrame:
+ handler.payloadType = frame.PayloadType()
+ case CloseFrame:
+ return nil, io.EOF
+ case PingFrame, PongFrame:
+ b := make([]byte, maxControlFramePayloadLength)
+ n, err := io.ReadFull(frame, b)
+ if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
+ return nil, err
+ }
+ io.Copy(io.Discard, frame)
+ if frame.PayloadType() == PingFrame {
+ if _, err := handler.WritePong(b[:n]); err != nil {
+ return nil, err
+ }
+ }
+ return nil, nil
+ }
+ return frame, nil
+}
+
+func (handler *hybiFrameHandler) WriteClose(status int) (err error) {
+ handler.conn.wio.Lock()
+ defer handler.conn.wio.Unlock()
+ w, err := handler.conn.frameWriterFactory.NewFrameWriter(CloseFrame)
+ if err != nil {
+ return err
+ }
+ msg := make([]byte, 2)
+ binary.BigEndian.PutUint16(msg, uint16(status))
+ _, err = w.Write(msg)
+ w.Close()
+ return err
+}
+
+func (handler *hybiFrameHandler) WritePong(msg []byte) (n int, err error) {
+ handler.conn.wio.Lock()
+ defer handler.conn.wio.Unlock()
+ w, err := handler.conn.frameWriterFactory.NewFrameWriter(PongFrame)
+ if err != nil {
+ return 0, err
+ }
+ n, err = w.Write(msg)
+ w.Close()
+ return n, err
+}
+
+// newHybiConn creates a new WebSocket connection speaking hybi draft protocol.
+func newHybiConn(config *Config, buf *bufio.ReadWriter, rwc io.ReadWriteCloser, request *http.Request) *Conn {
+ if buf == nil {
+ br := bufio.NewReader(rwc)
+ bw := bufio.NewWriter(rwc)
+ buf = bufio.NewReadWriter(br, bw)
+ }
+ ws := &Conn{config: config, request: request, buf: buf, rwc: rwc,
+ frameReaderFactory: hybiFrameReaderFactory{buf.Reader},
+ frameWriterFactory: hybiFrameWriterFactory{
+ buf.Writer, request == nil},
+ PayloadType: TextFrame,
+ defaultCloseStatus: closeStatusNormal}
+ ws.frameHandler = &hybiFrameHandler{conn: ws}
+ return ws
+}
+
+// generateMaskingKey generates a masking key for a frame.
+func generateMaskingKey() (maskingKey []byte, err error) {
+ maskingKey = make([]byte, 4)
+ if _, err = io.ReadFull(rand.Reader, maskingKey); err != nil {
+ return
+ }
+ return
+}
+
+// generateNonce generates a nonce consisting of a randomly selected 16-byte
+// value that has been base64-encoded.
+func generateNonce() (nonce []byte) {
+ key := make([]byte, 16)
+ if _, err := io.ReadFull(rand.Reader, key); err != nil {
+ panic(err)
+ }
+ nonce = make([]byte, 24)
+ base64.StdEncoding.Encode(nonce, key)
+ return
+}
+
+// removeZone removes IPv6 zone identifier from host.
+// E.g., "[fe80::1%en0]:8080" to "[fe80::1]:8080"
+func removeZone(host string) string {
+ if !strings.HasPrefix(host, "[") {
+ return host
+ }
+ i := strings.LastIndex(host, "]")
+ if i < 0 {
+ return host
+ }
+ j := strings.LastIndex(host[:i], "%")
+ if j < 0 {
+ return host
+ }
+ return host[:j] + host[i:]
+}
+
+// getNonceAccept computes the base64-encoded SHA-1 of the concatenation of
+// the nonce ("Sec-WebSocket-Key" value) with the websocket GUID string.
+func getNonceAccept(nonce []byte) (expected []byte, err error) {
+ h := sha1.New()
+ if _, err = h.Write(nonce); err != nil {
+ return
+ }
+ if _, err = h.Write([]byte(websocketGUID)); err != nil {
+ return
+ }
+ expected = make([]byte, 28)
+ base64.StdEncoding.Encode(expected, h.Sum(nil))
+ return
+}
+
+// Client handshake described in draft-ietf-hybi-thewebsocket-protocol-17
+func hybiClientHandshake(config *Config, br *bufio.Reader, bw *bufio.Writer) (err error) {
+ bw.WriteString("GET " + config.Location.RequestURI() + " HTTP/1.1\r\n")
+
+ // According to RFC 6874, an HTTP client, proxy, or other
+ // intermediary must remove any IPv6 zone identifier attached
+ // to an outgoing URI.
+ bw.WriteString("Host: " + removeZone(config.Location.Host) + "\r\n")
+ bw.WriteString("Upgrade: websocket\r\n")
+ bw.WriteString("Connection: Upgrade\r\n")
+ nonce := generateNonce()
+ if config.handshakeData != nil {
+ nonce = []byte(config.handshakeData["key"])
+ }
+ bw.WriteString("Sec-WebSocket-Key: " + string(nonce) + "\r\n")
+ bw.WriteString("Origin: " + strings.ToLower(config.Origin.String()) + "\r\n")
+
+ if config.Version != ProtocolVersionHybi13 {
+ return ErrBadProtocolVersion
+ }
+
+ bw.WriteString("Sec-WebSocket-Version: " + fmt.Sprintf("%d", config.Version) + "\r\n")
+ if len(config.Protocol) > 0 {
+ bw.WriteString("Sec-WebSocket-Protocol: " + strings.Join(config.Protocol, ", ") + "\r\n")
+ }
+ // TODO(ukai): send Sec-WebSocket-Extensions.
+ err = config.Header.WriteSubset(bw, handshakeHeader)
+ if err != nil {
+ return err
+ }
+
+ bw.WriteString("\r\n")
+ if err = bw.Flush(); err != nil {
+ return err
+ }
+
+ resp, err := http.ReadResponse(br, &http.Request{Method: "GET"})
+ if err != nil {
+ return err
+ }
+ if resp.StatusCode != 101 {
+ return ErrBadStatus
+ }
+ if strings.ToLower(resp.Header.Get("Upgrade")) != "websocket" ||
+ strings.ToLower(resp.Header.Get("Connection")) != "upgrade" {
+ return ErrBadUpgrade
+ }
+ expectedAccept, err := getNonceAccept(nonce)
+ if err != nil {
+ return err
+ }
+ if resp.Header.Get("Sec-WebSocket-Accept") != string(expectedAccept) {
+ return ErrChallengeResponse
+ }
+ if resp.Header.Get("Sec-WebSocket-Extensions") != "" {
+ return ErrUnsupportedExtensions
+ }
+ offeredProtocol := resp.Header.Get("Sec-WebSocket-Protocol")
+ if offeredProtocol != "" {
+ protocolMatched := false
+ for i := 0; i < len(config.Protocol); i++ {
+ if config.Protocol[i] == offeredProtocol {
+ protocolMatched = true
+ break
+ }
+ }
+ if !protocolMatched {
+ return ErrBadWebSocketProtocol
+ }
+ config.Protocol = []string{offeredProtocol}
+ }
+
+ return nil
+}
+
+// newHybiClientConn creates a client WebSocket connection after handshake.
+func newHybiClientConn(config *Config, buf *bufio.ReadWriter, rwc io.ReadWriteCloser) *Conn {
+ return newHybiConn(config, buf, rwc, nil)
+}
+
+// A HybiServerHandshaker performs a server handshake using hybi draft protocol.
+type hybiServerHandshaker struct {
+ *Config
+ accept []byte
+}
+
+func (c *hybiServerHandshaker) ReadHandshake(buf *bufio.Reader, req *http.Request) (code int, err error) {
+ c.Version = ProtocolVersionHybi13
+ if req.Method != "GET" {
+ return http.StatusMethodNotAllowed, ErrBadRequestMethod
+ }
+ // HTTP version can be safely ignored.
+
+ if strings.ToLower(req.Header.Get("Upgrade")) != "websocket" ||
+ !strings.Contains(strings.ToLower(req.Header.Get("Connection")), "upgrade") {
+ return http.StatusBadRequest, ErrNotWebSocket
+ }
+
+ key := req.Header.Get("Sec-Websocket-Key")
+ if key == "" {
+ return http.StatusBadRequest, ErrChallengeResponse
+ }
+ version := req.Header.Get("Sec-Websocket-Version")
+ switch version {
+ case "13":
+ c.Version = ProtocolVersionHybi13
+ default:
+ return http.StatusBadRequest, ErrBadWebSocketVersion
+ }
+ var scheme string
+ if req.TLS != nil {
+ scheme = "wss"
+ } else {
+ scheme = "ws"
+ }
+ c.Location, err = url.ParseRequestURI(scheme + "://" + req.Host + req.URL.RequestURI())
+ if err != nil {
+ return http.StatusBadRequest, err
+ }
+ protocol := strings.TrimSpace(req.Header.Get("Sec-Websocket-Protocol"))
+ if protocol != "" {
+ protocols := strings.Split(protocol, ",")
+ for i := 0; i < len(protocols); i++ {
+ c.Protocol = append(c.Protocol, strings.TrimSpace(protocols[i]))
+ }
+ }
+ c.accept, err = getNonceAccept([]byte(key))
+ if err != nil {
+ return http.StatusInternalServerError, err
+ }
+ return http.StatusSwitchingProtocols, nil
+}
+
+// Origin parses the Origin header in req.
+// If the Origin header is not set, it returns nil and nil.
+func Origin(config *Config, req *http.Request) (*url.URL, error) {
+ var origin string
+ switch config.Version {
+ case ProtocolVersionHybi13:
+ origin = req.Header.Get("Origin")
+ }
+ if origin == "" {
+ return nil, nil
+ }
+ return url.ParseRequestURI(origin)
+}
+
+func (c *hybiServerHandshaker) AcceptHandshake(buf *bufio.Writer) (err error) {
+ if len(c.Protocol) > 0 {
+ if len(c.Protocol) != 1 {
+ // You need choose a Protocol in Handshake func in Server.
+ return ErrBadWebSocketProtocol
+ }
+ }
+ buf.WriteString("HTTP/1.1 101 Switching Protocols\r\n")
+ buf.WriteString("Upgrade: websocket\r\n")
+ buf.WriteString("Connection: Upgrade\r\n")
+ buf.WriteString("Sec-WebSocket-Accept: " + string(c.accept) + "\r\n")
+ if len(c.Protocol) > 0 {
+ buf.WriteString("Sec-WebSocket-Protocol: " + c.Protocol[0] + "\r\n")
+ }
+ // TODO(ukai): send Sec-WebSocket-Extensions.
+ if c.Header != nil {
+ err := c.Header.WriteSubset(buf, handshakeHeader)
+ if err != nil {
+ return err
+ }
+ }
+ buf.WriteString("\r\n")
+ return buf.Flush()
+}
+
+func (c *hybiServerHandshaker) NewServerConn(buf *bufio.ReadWriter, rwc io.ReadWriteCloser, request *http.Request) *Conn {
+ return newHybiServerConn(c.Config, buf, rwc, request)
+}
+
+// newHybiServerConn returns a new WebSocket connection speaking hybi draft protocol.
+func newHybiServerConn(config *Config, buf *bufio.ReadWriter, rwc io.ReadWriteCloser, request *http.Request) *Conn {
+ return newHybiConn(config, buf, rwc, request)
+}
diff --git a/vendor/golang.org/x/net/websocket/server.go b/vendor/golang.org/x/net/websocket/server.go
new file mode 100644
index 000000000..0895dea19
--- /dev/null
+++ b/vendor/golang.org/x/net/websocket/server.go
@@ -0,0 +1,113 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package websocket
+
+import (
+ "bufio"
+ "fmt"
+ "io"
+ "net/http"
+)
+
+func newServerConn(rwc io.ReadWriteCloser, buf *bufio.ReadWriter, req *http.Request, config *Config, handshake func(*Config, *http.Request) error) (conn *Conn, err error) {
+ var hs serverHandshaker = &hybiServerHandshaker{Config: config}
+ code, err := hs.ReadHandshake(buf.Reader, req)
+ if err == ErrBadWebSocketVersion {
+ fmt.Fprintf(buf, "HTTP/1.1 %03d %s\r\n", code, http.StatusText(code))
+ fmt.Fprintf(buf, "Sec-WebSocket-Version: %s\r\n", SupportedProtocolVersion)
+ buf.WriteString("\r\n")
+ buf.WriteString(err.Error())
+ buf.Flush()
+ return
+ }
+ if err != nil {
+ fmt.Fprintf(buf, "HTTP/1.1 %03d %s\r\n", code, http.StatusText(code))
+ buf.WriteString("\r\n")
+ buf.WriteString(err.Error())
+ buf.Flush()
+ return
+ }
+ if handshake != nil {
+ err = handshake(config, req)
+ if err != nil {
+ code = http.StatusForbidden
+ fmt.Fprintf(buf, "HTTP/1.1 %03d %s\r\n", code, http.StatusText(code))
+ buf.WriteString("\r\n")
+ buf.Flush()
+ return
+ }
+ }
+ err = hs.AcceptHandshake(buf.Writer)
+ if err != nil {
+ code = http.StatusBadRequest
+ fmt.Fprintf(buf, "HTTP/1.1 %03d %s\r\n", code, http.StatusText(code))
+ buf.WriteString("\r\n")
+ buf.Flush()
+ return
+ }
+ conn = hs.NewServerConn(buf, rwc, req)
+ return
+}
+
+// Server represents a server of a WebSocket.
+type Server struct {
+ // Config is a WebSocket configuration for new WebSocket connection.
+ Config
+
+ // Handshake is an optional function in WebSocket handshake.
+ // For example, you can check, or don't check Origin header.
+ // Another example, you can select config.Protocol.
+ Handshake func(*Config, *http.Request) error
+
+ // Handler handles a WebSocket connection.
+ Handler
+}
+
+// ServeHTTP implements the http.Handler interface for a WebSocket
+func (s Server) ServeHTTP(w http.ResponseWriter, req *http.Request) {
+ s.serveWebSocket(w, req)
+}
+
+func (s Server) serveWebSocket(w http.ResponseWriter, req *http.Request) {
+ rwc, buf, err := w.(http.Hijacker).Hijack()
+ if err != nil {
+ panic("Hijack failed: " + err.Error())
+ }
+ // The server should abort the WebSocket connection if it finds
+ // the client did not send a handshake that matches with protocol
+ // specification.
+ defer rwc.Close()
+ conn, err := newServerConn(rwc, buf, req, &s.Config, s.Handshake)
+ if err != nil {
+ return
+ }
+ if conn == nil {
+ panic("unexpected nil conn")
+ }
+ s.Handler(conn)
+}
+
+// Handler is a simple interface to a WebSocket browser client.
+// It checks if Origin header is valid URL by default.
+// You might want to verify websocket.Conn.Config().Origin in the func.
+// If you use Server instead of Handler, you could call websocket.Origin and
+// check the origin in your Handshake func. So, if you want to accept
+// non-browser clients, which do not send an Origin header, set a
+// Server.Handshake that does not check the origin.
+type Handler func(*Conn)
+
+func checkOrigin(config *Config, req *http.Request) (err error) {
+ config.Origin, err = Origin(config, req)
+ if err == nil && config.Origin == nil {
+ return fmt.Errorf("null origin")
+ }
+ return err
+}
+
+// ServeHTTP implements the http.Handler interface for a WebSocket
+func (h Handler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
+ s := Server{Handler: h, Handshake: checkOrigin}
+ s.serveWebSocket(w, req)
+}
diff --git a/vendor/golang.org/x/net/websocket/websocket.go b/vendor/golang.org/x/net/websocket/websocket.go
new file mode 100644
index 000000000..923a5780e
--- /dev/null
+++ b/vendor/golang.org/x/net/websocket/websocket.go
@@ -0,0 +1,448 @@
+// Copyright 2009 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package websocket implements a client and server for the WebSocket protocol
+// as specified in RFC 6455.
+//
+// This package currently lacks some features found in an alternative
+// and more actively maintained WebSocket package:
+//
+// https://pkg.go.dev/nhooyr.io/websocket
+package websocket // import "golang.org/x/net/websocket"
+
+import (
+ "bufio"
+ "crypto/tls"
+ "encoding/json"
+ "errors"
+ "io"
+ "net"
+ "net/http"
+ "net/url"
+ "sync"
+ "time"
+)
+
+const (
+ ProtocolVersionHybi13 = 13
+ ProtocolVersionHybi = ProtocolVersionHybi13
+ SupportedProtocolVersion = "13"
+
+ ContinuationFrame = 0
+ TextFrame = 1
+ BinaryFrame = 2
+ CloseFrame = 8
+ PingFrame = 9
+ PongFrame = 10
+ UnknownFrame = 255
+
+ DefaultMaxPayloadBytes = 32 << 20 // 32MB
+)
+
+// ProtocolError represents WebSocket protocol errors.
+type ProtocolError struct {
+ ErrorString string
+}
+
+func (err *ProtocolError) Error() string { return err.ErrorString }
+
+var (
+ ErrBadProtocolVersion = &ProtocolError{"bad protocol version"}
+ ErrBadScheme = &ProtocolError{"bad scheme"}
+ ErrBadStatus = &ProtocolError{"bad status"}
+ ErrBadUpgrade = &ProtocolError{"missing or bad upgrade"}
+ ErrBadWebSocketOrigin = &ProtocolError{"missing or bad WebSocket-Origin"}
+ ErrBadWebSocketLocation = &ProtocolError{"missing or bad WebSocket-Location"}
+ ErrBadWebSocketProtocol = &ProtocolError{"missing or bad WebSocket-Protocol"}
+ ErrBadWebSocketVersion = &ProtocolError{"missing or bad WebSocket Version"}
+ ErrChallengeResponse = &ProtocolError{"mismatch challenge/response"}
+ ErrBadFrame = &ProtocolError{"bad frame"}
+ ErrBadFrameBoundary = &ProtocolError{"not on frame boundary"}
+ ErrNotWebSocket = &ProtocolError{"not websocket protocol"}
+ ErrBadRequestMethod = &ProtocolError{"bad method"}
+ ErrNotSupported = &ProtocolError{"not supported"}
+)
+
+// ErrFrameTooLarge is returned by Codec's Receive method if payload size
+// exceeds limit set by Conn.MaxPayloadBytes
+var ErrFrameTooLarge = errors.New("websocket: frame payload size exceeds limit")
+
+// Addr is an implementation of net.Addr for WebSocket.
+type Addr struct {
+ *url.URL
+}
+
+// Network returns the network type for a WebSocket, "websocket".
+func (addr *Addr) Network() string { return "websocket" }
+
+// Config is a WebSocket configuration
+type Config struct {
+ // A WebSocket server address.
+ Location *url.URL
+
+ // A Websocket client origin.
+ Origin *url.URL
+
+ // WebSocket subprotocols.
+ Protocol []string
+
+ // WebSocket protocol version.
+ Version int
+
+ // TLS config for secure WebSocket (wss).
+ TlsConfig *tls.Config
+
+ // Additional header fields to be sent in WebSocket opening handshake.
+ Header http.Header
+
+ // Dialer used when opening websocket connections.
+ Dialer *net.Dialer
+
+ handshakeData map[string]string
+}
+
+// serverHandshaker is an interface to handle WebSocket server side handshake.
+type serverHandshaker interface {
+ // ReadHandshake reads handshake request message from client.
+ // Returns http response code and error if any.
+ ReadHandshake(buf *bufio.Reader, req *http.Request) (code int, err error)
+
+ // AcceptHandshake accepts the client handshake request and sends
+ // handshake response back to client.
+ AcceptHandshake(buf *bufio.Writer) (err error)
+
+ // NewServerConn creates a new WebSocket connection.
+ NewServerConn(buf *bufio.ReadWriter, rwc io.ReadWriteCloser, request *http.Request) (conn *Conn)
+}
+
+// frameReader is an interface to read a WebSocket frame.
+type frameReader interface {
+ // Reader is to read payload of the frame.
+ io.Reader
+
+ // PayloadType returns payload type.
+ PayloadType() byte
+
+ // HeaderReader returns a reader to read header of the frame.
+ HeaderReader() io.Reader
+
+ // TrailerReader returns a reader to read trailer of the frame.
+ // If it returns nil, there is no trailer in the frame.
+ TrailerReader() io.Reader
+
+ // Len returns total length of the frame, including header and trailer.
+ Len() int
+}
+
+// frameReaderFactory is an interface to creates new frame reader.
+type frameReaderFactory interface {
+ NewFrameReader() (r frameReader, err error)
+}
+
+// frameWriter is an interface to write a WebSocket frame.
+type frameWriter interface {
+ // Writer is to write payload of the frame.
+ io.WriteCloser
+}
+
+// frameWriterFactory is an interface to create new frame writer.
+type frameWriterFactory interface {
+ NewFrameWriter(payloadType byte) (w frameWriter, err error)
+}
+
+type frameHandler interface {
+ HandleFrame(frame frameReader) (r frameReader, err error)
+ WriteClose(status int) (err error)
+}
+
+// Conn represents a WebSocket connection.
+//
+// Multiple goroutines may invoke methods on a Conn simultaneously.
+type Conn struct {
+ config *Config
+ request *http.Request
+
+ buf *bufio.ReadWriter
+ rwc io.ReadWriteCloser
+
+ rio sync.Mutex
+ frameReaderFactory
+ frameReader
+
+ wio sync.Mutex
+ frameWriterFactory
+
+ frameHandler
+ PayloadType byte
+ defaultCloseStatus int
+
+ // MaxPayloadBytes limits the size of frame payload received over Conn
+ // by Codec's Receive method. If zero, DefaultMaxPayloadBytes is used.
+ MaxPayloadBytes int
+}
+
+// Read implements the io.Reader interface:
+// it reads data of a frame from the WebSocket connection.
+// if msg is not large enough for the frame data, it fills the msg and next Read
+// will read the rest of the frame data.
+// it reads Text frame or Binary frame.
+func (ws *Conn) Read(msg []byte) (n int, err error) {
+ ws.rio.Lock()
+ defer ws.rio.Unlock()
+again:
+ if ws.frameReader == nil {
+ frame, err := ws.frameReaderFactory.NewFrameReader()
+ if err != nil {
+ return 0, err
+ }
+ ws.frameReader, err = ws.frameHandler.HandleFrame(frame)
+ if err != nil {
+ return 0, err
+ }
+ if ws.frameReader == nil {
+ goto again
+ }
+ }
+ n, err = ws.frameReader.Read(msg)
+ if err == io.EOF {
+ if trailer := ws.frameReader.TrailerReader(); trailer != nil {
+ io.Copy(io.Discard, trailer)
+ }
+ ws.frameReader = nil
+ goto again
+ }
+ return n, err
+}
+
+// Write implements the io.Writer interface:
+// it writes data as a frame to the WebSocket connection.
+func (ws *Conn) Write(msg []byte) (n int, err error) {
+ ws.wio.Lock()
+ defer ws.wio.Unlock()
+ w, err := ws.frameWriterFactory.NewFrameWriter(ws.PayloadType)
+ if err != nil {
+ return 0, err
+ }
+ n, err = w.Write(msg)
+ w.Close()
+ return n, err
+}
+
+// Close implements the io.Closer interface.
+func (ws *Conn) Close() error {
+ err := ws.frameHandler.WriteClose(ws.defaultCloseStatus)
+ err1 := ws.rwc.Close()
+ if err != nil {
+ return err
+ }
+ return err1
+}
+
+// IsClientConn reports whether ws is a client-side connection.
+func (ws *Conn) IsClientConn() bool { return ws.request == nil }
+
+// IsServerConn reports whether ws is a server-side connection.
+func (ws *Conn) IsServerConn() bool { return ws.request != nil }
+
+// LocalAddr returns the WebSocket Origin for the connection for client, or
+// the WebSocket location for server.
+func (ws *Conn) LocalAddr() net.Addr {
+ if ws.IsClientConn() {
+ return &Addr{ws.config.Origin}
+ }
+ return &Addr{ws.config.Location}
+}
+
+// RemoteAddr returns the WebSocket location for the connection for client, or
+// the Websocket Origin for server.
+func (ws *Conn) RemoteAddr() net.Addr {
+ if ws.IsClientConn() {
+ return &Addr{ws.config.Location}
+ }
+ return &Addr{ws.config.Origin}
+}
+
+var errSetDeadline = errors.New("websocket: cannot set deadline: not using a net.Conn")
+
+// SetDeadline sets the connection's network read & write deadlines.
+func (ws *Conn) SetDeadline(t time.Time) error {
+ if conn, ok := ws.rwc.(net.Conn); ok {
+ return conn.SetDeadline(t)
+ }
+ return errSetDeadline
+}
+
+// SetReadDeadline sets the connection's network read deadline.
+func (ws *Conn) SetReadDeadline(t time.Time) error {
+ if conn, ok := ws.rwc.(net.Conn); ok {
+ return conn.SetReadDeadline(t)
+ }
+ return errSetDeadline
+}
+
+// SetWriteDeadline sets the connection's network write deadline.
+func (ws *Conn) SetWriteDeadline(t time.Time) error {
+ if conn, ok := ws.rwc.(net.Conn); ok {
+ return conn.SetWriteDeadline(t)
+ }
+ return errSetDeadline
+}
+
+// Config returns the WebSocket config.
+func (ws *Conn) Config() *Config { return ws.config }
+
+// Request returns the http request upgraded to the WebSocket.
+// It is nil for client side.
+func (ws *Conn) Request() *http.Request { return ws.request }
+
+// Codec represents a symmetric pair of functions that implement a codec.
+type Codec struct {
+ Marshal func(v interface{}) (data []byte, payloadType byte, err error)
+ Unmarshal func(data []byte, payloadType byte, v interface{}) (err error)
+}
+
+// Send sends v marshaled by cd.Marshal as single frame to ws.
+func (cd Codec) Send(ws *Conn, v interface{}) (err error) {
+ data, payloadType, err := cd.Marshal(v)
+ if err != nil {
+ return err
+ }
+ ws.wio.Lock()
+ defer ws.wio.Unlock()
+ w, err := ws.frameWriterFactory.NewFrameWriter(payloadType)
+ if err != nil {
+ return err
+ }
+ _, err = w.Write(data)
+ w.Close()
+ return err
+}
+
+// Receive receives single frame from ws, unmarshaled by cd.Unmarshal and stores
+// in v. The whole frame payload is read to an in-memory buffer; max size of
+// payload is defined by ws.MaxPayloadBytes. If frame payload size exceeds
+// limit, ErrFrameTooLarge is returned; in this case frame is not read off wire
+// completely. The next call to Receive would read and discard leftover data of
+// previous oversized frame before processing next frame.
+func (cd Codec) Receive(ws *Conn, v interface{}) (err error) {
+ ws.rio.Lock()
+ defer ws.rio.Unlock()
+ if ws.frameReader != nil {
+ _, err = io.Copy(io.Discard, ws.frameReader)
+ if err != nil {
+ return err
+ }
+ ws.frameReader = nil
+ }
+again:
+ frame, err := ws.frameReaderFactory.NewFrameReader()
+ if err != nil {
+ return err
+ }
+ frame, err = ws.frameHandler.HandleFrame(frame)
+ if err != nil {
+ return err
+ }
+ if frame == nil {
+ goto again
+ }
+ maxPayloadBytes := ws.MaxPayloadBytes
+ if maxPayloadBytes == 0 {
+ maxPayloadBytes = DefaultMaxPayloadBytes
+ }
+ if hf, ok := frame.(*hybiFrameReader); ok && hf.header.Length > int64(maxPayloadBytes) {
+ // payload size exceeds limit, no need to call Unmarshal
+ //
+ // set frameReader to current oversized frame so that
+ // the next call to this function can drain leftover
+ // data before processing the next frame
+ ws.frameReader = frame
+ return ErrFrameTooLarge
+ }
+ payloadType := frame.PayloadType()
+ data, err := io.ReadAll(frame)
+ if err != nil {
+ return err
+ }
+ return cd.Unmarshal(data, payloadType, v)
+}
+
+func marshal(v interface{}) (msg []byte, payloadType byte, err error) {
+ switch data := v.(type) {
+ case string:
+ return []byte(data), TextFrame, nil
+ case []byte:
+ return data, BinaryFrame, nil
+ }
+ return nil, UnknownFrame, ErrNotSupported
+}
+
+func unmarshal(msg []byte, payloadType byte, v interface{}) (err error) {
+ switch data := v.(type) {
+ case *string:
+ *data = string(msg)
+ return nil
+ case *[]byte:
+ *data = msg
+ return nil
+ }
+ return ErrNotSupported
+}
+
+/*
+Message is a codec to send/receive text/binary data in a frame on WebSocket connection.
+To send/receive text frame, use string type.
+To send/receive binary frame, use []byte type.
+
+Trivial usage:
+
+ import "websocket"
+
+ // receive text frame
+ var message string
+ websocket.Message.Receive(ws, &message)
+
+ // send text frame
+ message = "hello"
+ websocket.Message.Send(ws, message)
+
+ // receive binary frame
+ var data []byte
+ websocket.Message.Receive(ws, &data)
+
+ // send binary frame
+ data = []byte{0, 1, 2}
+ websocket.Message.Send(ws, data)
+*/
+var Message = Codec{marshal, unmarshal}
+
+func jsonMarshal(v interface{}) (msg []byte, payloadType byte, err error) {
+ msg, err = json.Marshal(v)
+ return msg, TextFrame, err
+}
+
+func jsonUnmarshal(msg []byte, payloadType byte, v interface{}) (err error) {
+ return json.Unmarshal(msg, v)
+}
+
+/*
+JSON is a codec to send/receive JSON data in a frame from a WebSocket connection.
+
+Trivial usage:
+
+ import "websocket"
+
+ type T struct {
+ Msg string
+ Count int
+ }
+
+ // receive JSON type T
+ var data T
+ websocket.JSON.Receive(ws, &data)
+
+ // send JSON type T
+ websocket.JSON.Send(ws, data)
+*/
+var JSON = Codec{jsonMarshal, jsonUnmarshal}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/defaults.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/defaults.go
new file mode 100644
index 000000000..29c6a48b6
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/defaults.go
@@ -0,0 +1,38 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package internalversion
+
+import metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+// SetListOptionsDefaults sets defaults on the provided ListOptions if applicable.
+//
+// TODO(#115478): once the watch-list fg is always on we register this function in the scheme (via AddTypeDefaultingFunc).
+// TODO(#115478): when the function is registered in the scheme remove all callers of this method.
+func SetListOptionsDefaults(obj *ListOptions, isWatchListFeatureEnabled bool) {
+ if !isWatchListFeatureEnabled {
+ return
+ }
+ if obj.SendInitialEvents != nil || len(obj.ResourceVersionMatch) != 0 {
+ return
+ }
+ legacy := obj.ResourceVersion == "" || obj.ResourceVersion == "0"
+ if obj.Watch && legacy {
+ turnOnInitialEvents := true
+ obj.SendInitialEvents = &turnOnInitialEvents
+ obj.ResourceVersionMatch = metav1.ResourceVersionMatchNotOlderThan
+ }
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go
new file mode 100644
index 000000000..2741ee2c8
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/doc.go
@@ -0,0 +1,20 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package
+// +k8s:conversion-gen=k8s.io/apimachinery/pkg/apis/meta/v1
+
+package internalversion // import "k8s.io/apimachinery/pkg/apis/meta/internalversion"
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/register.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/register.go
new file mode 100644
index 000000000..a59ac7126
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/register.go
@@ -0,0 +1,88 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package internalversion
+
+import (
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ metav1beta1 "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName is the group name for this API.
+const GroupName = "meta.k8s.io"
+
+var (
+ // TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api.
+ // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes.
+ SchemeBuilder runtime.SchemeBuilder
+ localSchemeBuilder = &SchemeBuilder
+ AddToScheme = localSchemeBuilder.AddToScheme
+)
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
+
+// Kind takes an unqualified kind and returns a Group qualified GroupKind
+func Kind(kind string) schema.GroupKind {
+ return SchemeGroupVersion.WithKind(kind).GroupKind()
+}
+
+// addToGroupVersion registers common meta types into schemas.
+func addToGroupVersion(scheme *runtime.Scheme) error {
+ if err := scheme.AddIgnoredConversionType(&metav1.TypeMeta{}, &metav1.TypeMeta{}); err != nil {
+ return err
+ }
+ // ListOptions is the only options struct which needs conversion (it exposes labels and fields
+ // as selectors for convenience). The other types have only a single representation today.
+ scheme.AddKnownTypes(SchemeGroupVersion,
+ &ListOptions{},
+ &metav1.GetOptions{},
+ &metav1.DeleteOptions{},
+ &metav1.CreateOptions{},
+ &metav1.UpdateOptions{},
+ )
+ scheme.AddKnownTypes(SchemeGroupVersion,
+ &metav1.Table{},
+ &metav1.TableOptions{},
+ &metav1beta1.PartialObjectMetadata{},
+ &metav1beta1.PartialObjectMetadataList{},
+ )
+ if err := metav1beta1.AddMetaToScheme(scheme); err != nil {
+ return err
+ }
+ if err := metav1.AddMetaToScheme(scheme); err != nil {
+ return err
+ }
+ // Allow delete options to be decoded across all version in this scheme (we may want to be more clever than this)
+ scheme.AddUnversionedTypes(SchemeGroupVersion,
+ &metav1.DeleteOptions{},
+ &metav1.CreateOptions{},
+ &metav1.UpdateOptions{})
+
+ metav1.AddToGroupVersion(scheme, metav1.SchemeGroupVersion)
+ if err := metav1beta1.RegisterConversions(scheme); err != nil {
+ return err
+ }
+ return nil
+}
+
+// Unlike other API groups, meta internal knows about all meta external versions, but keeps
+// the logic for conversion private.
+func init() {
+ localSchemeBuilder.Register(addToGroupVersion)
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/scheme/doc.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/scheme/doc.go
new file mode 100644
index 000000000..a45fa2a8a
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/scheme/doc.go
@@ -0,0 +1,17 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package scheme // import "k8s.io/apimachinery/pkg/apis/meta/internalversion/scheme"
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/scheme/register.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/scheme/register.go
new file mode 100644
index 000000000..472a9aeb2
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/scheme/register.go
@@ -0,0 +1,39 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package scheme
+
+import (
+ "k8s.io/apimachinery/pkg/apis/meta/internalversion"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/serializer"
+ utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+)
+
+// Scheme is the registry for any type that adheres to the meta API spec.
+var scheme = runtime.NewScheme()
+
+// Codecs provides access to encoding and decoding for the scheme.
+var Codecs = serializer.NewCodecFactory(scheme)
+
+// ParameterCodec handles versioning of objects that are converted to query parameters.
+var ParameterCodec = runtime.NewParameterCodec(scheme)
+
+// Unlike other API groups, meta internal knows about all meta external versions, but keeps
+// the logic for conversion private.
+func init() {
+ utilruntime.Must(internalversion.AddToScheme(scheme))
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/types.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/types.go
new file mode 100644
index 000000000..00d2b8c68
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/types.go
@@ -0,0 +1,105 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package internalversion
+
+import (
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/fields"
+ "k8s.io/apimachinery/pkg/labels"
+ "k8s.io/apimachinery/pkg/runtime"
+)
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// ListOptions is the query options to a standard REST list call.
+type ListOptions struct {
+ metav1.TypeMeta
+
+ // A selector based on labels
+ LabelSelector labels.Selector
+ // A selector based on fields
+ FieldSelector fields.Selector
+ // If true, watch for changes to this list
+ Watch bool
+ // allowWatchBookmarks requests watch events with type "BOOKMARK".
+ // Servers that do not implement bookmarks may ignore this flag and
+ // bookmarks are sent at the server's discretion. Clients should not
+ // assume bookmarks are returned at any specific interval, nor may they
+ // assume the server will send any BOOKMARK event during a session.
+ // If this is not a watch, this field is ignored.
+ // If the feature gate WatchBookmarks is not enabled in apiserver,
+ // this field is ignored.
+ AllowWatchBookmarks bool
+ // resourceVersion sets a constraint on what resource versions a request may be served from.
+ // See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for
+ // details.
+ ResourceVersion string
+ // resourceVersionMatch determines how resourceVersion is applied to list calls.
+ // It is highly recommended that resourceVersionMatch be set for list calls where
+ // resourceVersion is set.
+ // See https://kubernetes.io/docs/reference/using-api/api-concepts/#resource-versions for
+ // details.
+ ResourceVersionMatch metav1.ResourceVersionMatch
+
+ // Timeout for the list/watch call.
+ TimeoutSeconds *int64
+ // Limit specifies the maximum number of results to return from the server. The server may
+ // not support this field on all resource types, but if it does and more results remain it
+ // will set the continue field on the returned list object.
+ Limit int64
+ // Continue is a token returned by the server that lets a client retrieve chunks of results
+ // from the server by specifying limit. The server may reject requests for continuation tokens
+ // it does not recognize and will return a 410 error if the token can no longer be used because
+ // it has expired.
+ Continue string
+
+ // `sendInitialEvents=true` may be set together with `watch=true`.
+ // In that case, the watch stream will begin with synthetic events to
+ // produce the current state of objects in the collection. Once all such
+ // events have been sent, a synthetic "Bookmark" event will be sent.
+ // The bookmark will report the ResourceVersion (RV) corresponding to the
+ // set of objects, and be marked with `"k8s.io/initial-events-end": "true"` annotation.
+ // Afterwards, the watch stream will proceed as usual, sending watch events
+ // corresponding to changes (subsequent to the RV) to objects watched.
+ //
+ // When `sendInitialEvents` option is set, we require `resourceVersionMatch`
+ // option to also be set. The semantic of the watch request is as following:
+ // - `resourceVersionMatch` = NotOlderThan
+ // is interpreted as "data at least as new as the provided `resourceVersion`"
+ // and the bookmark event is send when the state is synced
+ // to a `resourceVersion` at least as fresh as the one provided by the ListOptions.
+ // If `resourceVersion` is unset, this is interpreted as "consistent read" and the
+ // bookmark event is send when the state is synced at least to the moment
+ // when request started being processed.
+ // - `resourceVersionMatch` set to any other value or unset
+ // Invalid error is returned.
+ //
+ // Defaults to true if `resourceVersion=""` or `resourceVersion="0"` (for backward
+ // compatibility reasons) and to false otherwise.
+ SendInitialEvents *bool
+}
+
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+
+// List holds a list of objects, which may not be known by the server.
+type List struct {
+ metav1.TypeMeta
+ // +optional
+ metav1.ListMeta
+
+ Items []runtime.Object
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.conversion.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.conversion.go
new file mode 100644
index 000000000..a6552c276
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.conversion.go
@@ -0,0 +1,148 @@
+//go:build !ignore_autogenerated
+// +build !ignore_autogenerated
+
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by conversion-gen. DO NOT EDIT.
+
+package internalversion
+
+import (
+ unsafe "unsafe"
+
+ v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ conversion "k8s.io/apimachinery/pkg/conversion"
+ runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+func init() {
+ localSchemeBuilder.Register(RegisterConversions)
+}
+
+// RegisterConversions adds conversion functions to the given scheme.
+// Public to allow building arbitrary schemes.
+func RegisterConversions(s *runtime.Scheme) error {
+ if err := s.AddGeneratedConversionFunc((*List)(nil), (*v1.List)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_internalversion_List_To_v1_List(a.(*List), b.(*v1.List), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*v1.List)(nil), (*List)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_List_To_internalversion_List(a.(*v1.List), b.(*List), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*ListOptions)(nil), (*v1.ListOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_internalversion_ListOptions_To_v1_ListOptions(a.(*ListOptions), b.(*v1.ListOptions), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*v1.ListOptions)(nil), (*ListOptions)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_ListOptions_To_internalversion_ListOptions(a.(*v1.ListOptions), b.(*ListOptions), scope)
+ }); err != nil {
+ return err
+ }
+ return nil
+}
+
+func autoConvert_internalversion_List_To_v1_List(in *List, out *v1.List, s conversion.Scope) error {
+ out.ListMeta = in.ListMeta
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]runtime.RawExtension, len(*in))
+ for i := range *in {
+ if err := runtime.Convert_runtime_Object_To_runtime_RawExtension(&(*in)[i], &(*out)[i], s); err != nil {
+ return err
+ }
+ }
+ } else {
+ out.Items = nil
+ }
+ return nil
+}
+
+// Convert_internalversion_List_To_v1_List is an autogenerated conversion function.
+func Convert_internalversion_List_To_v1_List(in *List, out *v1.List, s conversion.Scope) error {
+ return autoConvert_internalversion_List_To_v1_List(in, out, s)
+}
+
+func autoConvert_v1_List_To_internalversion_List(in *v1.List, out *List, s conversion.Scope) error {
+ out.ListMeta = in.ListMeta
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]runtime.Object, len(*in))
+ for i := range *in {
+ if err := runtime.Convert_runtime_RawExtension_To_runtime_Object(&(*in)[i], &(*out)[i], s); err != nil {
+ return err
+ }
+ }
+ } else {
+ out.Items = nil
+ }
+ return nil
+}
+
+// Convert_v1_List_To_internalversion_List is an autogenerated conversion function.
+func Convert_v1_List_To_internalversion_List(in *v1.List, out *List, s conversion.Scope) error {
+ return autoConvert_v1_List_To_internalversion_List(in, out, s)
+}
+
+func autoConvert_internalversion_ListOptions_To_v1_ListOptions(in *ListOptions, out *v1.ListOptions, s conversion.Scope) error {
+ if err := v1.Convert_labels_Selector_To_string(&in.LabelSelector, &out.LabelSelector, s); err != nil {
+ return err
+ }
+ if err := v1.Convert_fields_Selector_To_string(&in.FieldSelector, &out.FieldSelector, s); err != nil {
+ return err
+ }
+ out.Watch = in.Watch
+ out.AllowWatchBookmarks = in.AllowWatchBookmarks
+ out.ResourceVersion = in.ResourceVersion
+ out.ResourceVersionMatch = v1.ResourceVersionMatch(in.ResourceVersionMatch)
+ out.TimeoutSeconds = (*int64)(unsafe.Pointer(in.TimeoutSeconds))
+ out.Limit = in.Limit
+ out.Continue = in.Continue
+ out.SendInitialEvents = (*bool)(unsafe.Pointer(in.SendInitialEvents))
+ return nil
+}
+
+// Convert_internalversion_ListOptions_To_v1_ListOptions is an autogenerated conversion function.
+func Convert_internalversion_ListOptions_To_v1_ListOptions(in *ListOptions, out *v1.ListOptions, s conversion.Scope) error {
+ return autoConvert_internalversion_ListOptions_To_v1_ListOptions(in, out, s)
+}
+
+func autoConvert_v1_ListOptions_To_internalversion_ListOptions(in *v1.ListOptions, out *ListOptions, s conversion.Scope) error {
+ if err := v1.Convert_string_To_labels_Selector(&in.LabelSelector, &out.LabelSelector, s); err != nil {
+ return err
+ }
+ if err := v1.Convert_string_To_fields_Selector(&in.FieldSelector, &out.FieldSelector, s); err != nil {
+ return err
+ }
+ out.Watch = in.Watch
+ out.AllowWatchBookmarks = in.AllowWatchBookmarks
+ out.ResourceVersion = in.ResourceVersion
+ out.ResourceVersionMatch = v1.ResourceVersionMatch(in.ResourceVersionMatch)
+ out.TimeoutSeconds = (*int64)(unsafe.Pointer(in.TimeoutSeconds))
+ out.Limit = in.Limit
+ out.Continue = in.Continue
+ out.SendInitialEvents = (*bool)(unsafe.Pointer(in.SendInitialEvents))
+ return nil
+}
+
+// Convert_v1_ListOptions_To_internalversion_ListOptions is an autogenerated conversion function.
+func Convert_v1_ListOptions_To_internalversion_ListOptions(in *v1.ListOptions, out *ListOptions, s conversion.Scope) error {
+ return autoConvert_v1_ListOptions_To_internalversion_ListOptions(in, out, s)
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.deepcopy.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.deepcopy.go
new file mode 100644
index 000000000..af66a2ac4
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/internalversion/zz_generated.deepcopy.go
@@ -0,0 +1,102 @@
+//go:build !ignore_autogenerated
+// +build !ignore_autogenerated
+
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package internalversion
+
+import (
+ runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *List) DeepCopyInto(out *List) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ListMeta.DeepCopyInto(&out.ListMeta)
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]runtime.Object, len(*in))
+ for i := range *in {
+ if (*in)[i] != nil {
+ (*out)[i] = (*in)[i].DeepCopyObject()
+ }
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new List.
+func (in *List) DeepCopy() *List {
+ if in == nil {
+ return nil
+ }
+ out := new(List)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *List) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ListOptions) DeepCopyInto(out *ListOptions) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ if in.LabelSelector != nil {
+ out.LabelSelector = in.LabelSelector.DeepCopySelector()
+ }
+ if in.FieldSelector != nil {
+ out.FieldSelector = in.FieldSelector.DeepCopySelector()
+ }
+ if in.TimeoutSeconds != nil {
+ in, out := &in.TimeoutSeconds, &out.TimeoutSeconds
+ *out = new(int64)
+ **out = **in
+ }
+ if in.SendInitialEvents != nil {
+ in, out := &in.SendInitialEvents, &out.SendInitialEvents
+ *out = new(bool)
+ **out = **in
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ListOptions.
+func (in *ListOptions) DeepCopy() *ListOptions {
+ if in == nil {
+ return nil
+ }
+ out := new(ListOptions)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *ListOptions) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/conversion.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/conversion.go
new file mode 100644
index 000000000..5cac6fba5
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/conversion.go
@@ -0,0 +1,46 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+ "unsafe"
+
+ "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/conversion"
+)
+
+// Convert_Slice_string_To_v1beta1_IncludeObjectPolicy allows converting a URL query parameter value
+func Convert_Slice_string_To_v1beta1_IncludeObjectPolicy(in *[]string, out *IncludeObjectPolicy, s conversion.Scope) error {
+ if len(*in) > 0 {
+ *out = IncludeObjectPolicy((*in)[0])
+ }
+ return nil
+}
+
+// Convert_v1beta1_PartialObjectMetadataList_To_v1_PartialObjectMetadataList allows converting PartialObjectMetadataList between versions
+func Convert_v1beta1_PartialObjectMetadataList_To_v1_PartialObjectMetadataList(in *PartialObjectMetadataList, out *v1.PartialObjectMetadataList, s conversion.Scope) error {
+ out.ListMeta = in.ListMeta
+ out.Items = *(*[]v1.PartialObjectMetadata)(unsafe.Pointer(&in.Items))
+ return nil
+}
+
+// Convert_v1_PartialObjectMetadataList_To_v1beta1_PartialObjectMetadataList allows converting PartialObjectMetadataList between versions
+func Convert_v1_PartialObjectMetadataList_To_v1beta1_PartialObjectMetadataList(in *v1.PartialObjectMetadataList, out *PartialObjectMetadataList, s conversion.Scope) error {
+ out.ListMeta = in.ListMeta
+ out.Items = *(*[]v1.PartialObjectMetadata)(unsafe.Pointer(&in.Items))
+ return nil
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/deepcopy.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/deepcopy.go
new file mode 100644
index 000000000..2b7e8ca0b
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/deepcopy.go
@@ -0,0 +1,17 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go
new file mode 100644
index 000000000..20c9d2ec7
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/doc.go
@@ -0,0 +1,23 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// +k8s:deepcopy-gen=package
+// +k8s:openapi-gen=true
+// +k8s:defaulter-gen=TypeMeta
+
+// +groupName=meta.k8s.io
+
+package v1beta1 // import "k8s.io/apimachinery/pkg/apis/meta/v1beta1"
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.pb.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.pb.go
new file mode 100644
index 000000000..819d936fe
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.pb.go
@@ -0,0 +1,411 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by protoc-gen-gogo. DO NOT EDIT.
+// source: k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto
+
+package v1beta1
+
+import (
+ fmt "fmt"
+
+ io "io"
+
+ proto "github.com/gogo/protobuf/proto"
+ v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+
+ math "math"
+ math_bits "math/bits"
+ reflect "reflect"
+ strings "strings"
+)
+
+// Reference imports to suppress errors if they are not otherwise used.
+var _ = proto.Marshal
+var _ = fmt.Errorf
+var _ = math.Inf
+
+// This is a compile-time assertion to ensure that this generated file
+// is compatible with the proto package it is being compiled against.
+// A compilation error at this line likely means your copy of the
+// proto package needs to be updated.
+const _ = proto.GoGoProtoPackageIsVersion3 // please upgrade the proto package
+
+func (m *PartialObjectMetadataList) Reset() { *m = PartialObjectMetadataList{} }
+func (*PartialObjectMetadataList) ProtoMessage() {}
+func (*PartialObjectMetadataList) Descriptor() ([]byte, []int) {
+ return fileDescriptor_39237a8d8061b52f, []int{0}
+}
+func (m *PartialObjectMetadataList) XXX_Unmarshal(b []byte) error {
+ return m.Unmarshal(b)
+}
+func (m *PartialObjectMetadataList) XXX_Marshal(b []byte, deterministic bool) ([]byte, error) {
+ b = b[:cap(b)]
+ n, err := m.MarshalToSizedBuffer(b)
+ if err != nil {
+ return nil, err
+ }
+ return b[:n], nil
+}
+func (m *PartialObjectMetadataList) XXX_Merge(src proto.Message) {
+ xxx_messageInfo_PartialObjectMetadataList.Merge(m, src)
+}
+func (m *PartialObjectMetadataList) XXX_Size() int {
+ return m.Size()
+}
+func (m *PartialObjectMetadataList) XXX_DiscardUnknown() {
+ xxx_messageInfo_PartialObjectMetadataList.DiscardUnknown(m)
+}
+
+var xxx_messageInfo_PartialObjectMetadataList proto.InternalMessageInfo
+
+func init() {
+ proto.RegisterType((*PartialObjectMetadataList)(nil), "k8s.io.apimachinery.pkg.apis.meta.v1beta1.PartialObjectMetadataList")
+}
+
+func init() {
+ proto.RegisterFile("k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto", fileDescriptor_39237a8d8061b52f)
+}
+
+var fileDescriptor_39237a8d8061b52f = []byte{
+ // 303 bytes of a gzipped FileDescriptorProto
+ 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x92, 0x41, 0x4b, 0xf3, 0x30,
+ 0x1c, 0xc6, 0x9b, 0xf7, 0x65, 0x30, 0x3a, 0x04, 0xd9, 0x69, 0xee, 0x90, 0x0d, 0x4f, 0xdb, 0xc1,
+ 0x84, 0x0d, 0x11, 0xc5, 0xdb, 0x6e, 0x82, 0x32, 0xd9, 0x51, 0x3c, 0x98, 0x76, 0x31, 0x8b, 0x35,
+ 0x4d, 0x69, 0xfe, 0x15, 0xbc, 0xf9, 0x11, 0xfc, 0x58, 0x3d, 0xee, 0x38, 0x10, 0x86, 0x8d, 0x5f,
+ 0x44, 0xd2, 0x56, 0x91, 0xa1, 0xd0, 0x5b, 0x9e, 0x07, 0x7e, 0xbf, 0x3c, 0x81, 0xf8, 0x67, 0xd1,
+ 0xa9, 0x21, 0x52, 0x53, 0x96, 0x48, 0xc5, 0xc2, 0x95, 0x8c, 0x79, 0xfa, 0x4c, 0x93, 0x48, 0xb8,
+ 0xc2, 0x50, 0xc5, 0x81, 0xd1, 0xa7, 0x49, 0xc0, 0x81, 0x4d, 0xa8, 0xe0, 0x31, 0x4f, 0x19, 0xf0,
+ 0x25, 0x49, 0x52, 0x0d, 0xba, 0x3b, 0xae, 0x50, 0xf2, 0x13, 0x25, 0x49, 0x24, 0x5c, 0x61, 0x88,
+ 0x43, 0x49, 0x8d, 0xf6, 0x8f, 0x84, 0x84, 0x55, 0x16, 0x90, 0x50, 0x2b, 0x2a, 0xb4, 0xd0, 0xb4,
+ 0x34, 0x04, 0xd9, 0x7d, 0x99, 0xca, 0x50, 0x9e, 0x2a, 0x73, 0xff, 0xb8, 0xc9, 0xa8, 0xdd, 0x3d,
+ 0xfd, 0x93, 0xbf, 0xa8, 0x34, 0x8b, 0x41, 0x2a, 0x4e, 0x4d, 0xb8, 0xe2, 0x8a, 0xed, 0x72, 0x87,
+ 0x6f, 0xc8, 0x3f, 0xb8, 0x66, 0x29, 0x48, 0xf6, 0x38, 0x0f, 0x1e, 0x78, 0x08, 0x57, 0x1c, 0xd8,
+ 0x92, 0x01, 0xbb, 0x94, 0x06, 0xba, 0xb7, 0x7e, 0x5b, 0xd5, 0xb9, 0xf7, 0x6f, 0x88, 0x46, 0x9d,
+ 0x29, 0x21, 0x4d, 0x1e, 0x4e, 0x1c, 0xed, 0x4c, 0xb3, 0xfd, 0x7c, 0x3b, 0xf0, 0xec, 0x76, 0xd0,
+ 0xfe, 0x6a, 0x16, 0xdf, 0xc6, 0xee, 0x9d, 0xdf, 0x92, 0xc0, 0x95, 0xe9, 0xa1, 0xe1, 0xff, 0x51,
+ 0x67, 0x7a, 0xde, 0x4c, 0xfd, 0xeb, 0xda, 0xd9, 0x5e, 0x7d, 0x4f, 0xeb, 0xc2, 0x19, 0x17, 0x95,
+ 0x78, 0x36, 0xcf, 0x0b, 0xec, 0xad, 0x0b, 0xec, 0x6d, 0x0a, 0xec, 0xbd, 0x58, 0x8c, 0x72, 0x8b,
+ 0xd1, 0xda, 0x62, 0xb4, 0xb1, 0x18, 0xbd, 0x5b, 0x8c, 0x5e, 0x3f, 0xb0, 0x77, 0x33, 0x6e, 0xfc,
+ 0x0d, 0x3e, 0x03, 0x00, 0x00, 0xff, 0xff, 0xfe, 0x0f, 0xd7, 0x36, 0x32, 0x02, 0x00, 0x00,
+}
+
+func (m *PartialObjectMetadataList) Marshal() (dAtA []byte, err error) {
+ size := m.Size()
+ dAtA = make([]byte, size)
+ n, err := m.MarshalToSizedBuffer(dAtA[:size])
+ if err != nil {
+ return nil, err
+ }
+ return dAtA[:n], nil
+}
+
+func (m *PartialObjectMetadataList) MarshalTo(dAtA []byte) (int, error) {
+ size := m.Size()
+ return m.MarshalToSizedBuffer(dAtA[:size])
+}
+
+func (m *PartialObjectMetadataList) MarshalToSizedBuffer(dAtA []byte) (int, error) {
+ i := len(dAtA)
+ _ = i
+ var l int
+ _ = l
+ {
+ size, err := m.ListMeta.MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintGenerated(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0x12
+ if len(m.Items) > 0 {
+ for iNdEx := len(m.Items) - 1; iNdEx >= 0; iNdEx-- {
+ {
+ size, err := m.Items[iNdEx].MarshalToSizedBuffer(dAtA[:i])
+ if err != nil {
+ return 0, err
+ }
+ i -= size
+ i = encodeVarintGenerated(dAtA, i, uint64(size))
+ }
+ i--
+ dAtA[i] = 0xa
+ }
+ }
+ return len(dAtA) - i, nil
+}
+
+func encodeVarintGenerated(dAtA []byte, offset int, v uint64) int {
+ offset -= sovGenerated(v)
+ base := offset
+ for v >= 1<<7 {
+ dAtA[offset] = uint8(v&0x7f | 0x80)
+ v >>= 7
+ offset++
+ }
+ dAtA[offset] = uint8(v)
+ return base
+}
+func (m *PartialObjectMetadataList) Size() (n int) {
+ if m == nil {
+ return 0
+ }
+ var l int
+ _ = l
+ if len(m.Items) > 0 {
+ for _, e := range m.Items {
+ l = e.Size()
+ n += 1 + l + sovGenerated(uint64(l))
+ }
+ }
+ l = m.ListMeta.Size()
+ n += 1 + l + sovGenerated(uint64(l))
+ return n
+}
+
+func sovGenerated(x uint64) (n int) {
+ return (math_bits.Len64(x|1) + 6) / 7
+}
+func sozGenerated(x uint64) (n int) {
+ return sovGenerated(uint64((x << 1) ^ uint64((int64(x) >> 63))))
+}
+func (this *PartialObjectMetadataList) String() string {
+ if this == nil {
+ return "nil"
+ }
+ repeatedStringForItems := "[]PartialObjectMetadata{"
+ for _, f := range this.Items {
+ repeatedStringForItems += fmt.Sprintf("%v", f) + ","
+ }
+ repeatedStringForItems += "}"
+ s := strings.Join([]string{`&PartialObjectMetadataList{`,
+ `Items:` + repeatedStringForItems + `,`,
+ `ListMeta:` + strings.Replace(strings.Replace(fmt.Sprintf("%v", this.ListMeta), "ListMeta", "v1.ListMeta", 1), `&`, ``, 1) + `,`,
+ `}`,
+ }, "")
+ return s
+}
+func valueToStringGenerated(v interface{}) string {
+ rv := reflect.ValueOf(v)
+ if rv.IsNil() {
+ return "nil"
+ }
+ pv := reflect.Indirect(rv).Interface()
+ return fmt.Sprintf("*%v", pv)
+}
+func (m *PartialObjectMetadataList) Unmarshal(dAtA []byte) error {
+ l := len(dAtA)
+ iNdEx := 0
+ for iNdEx < l {
+ preIndex := iNdEx
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowGenerated
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= uint64(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ fieldNum := int32(wire >> 3)
+ wireType := int(wire & 0x7)
+ if wireType == 4 {
+ return fmt.Errorf("proto: PartialObjectMetadataList: wiretype end group for non-group")
+ }
+ if fieldNum <= 0 {
+ return fmt.Errorf("proto: PartialObjectMetadataList: illegal tag %d (wire type %d)", fieldNum, wire)
+ }
+ switch fieldNum {
+ case 1:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field Items", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowGenerated
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthGenerated
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthGenerated
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ m.Items = append(m.Items, v1.PartialObjectMetadata{})
+ if err := m.Items[len(m.Items)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ case 2:
+ if wireType != 2 {
+ return fmt.Errorf("proto: wrong wireType = %d for field ListMeta", wireType)
+ }
+ var msglen int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return ErrIntOverflowGenerated
+ }
+ if iNdEx >= l {
+ return io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ msglen |= int(b&0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if msglen < 0 {
+ return ErrInvalidLengthGenerated
+ }
+ postIndex := iNdEx + msglen
+ if postIndex < 0 {
+ return ErrInvalidLengthGenerated
+ }
+ if postIndex > l {
+ return io.ErrUnexpectedEOF
+ }
+ if err := m.ListMeta.Unmarshal(dAtA[iNdEx:postIndex]); err != nil {
+ return err
+ }
+ iNdEx = postIndex
+ default:
+ iNdEx = preIndex
+ skippy, err := skipGenerated(dAtA[iNdEx:])
+ if err != nil {
+ return err
+ }
+ if (skippy < 0) || (iNdEx+skippy) < 0 {
+ return ErrInvalidLengthGenerated
+ }
+ if (iNdEx + skippy) > l {
+ return io.ErrUnexpectedEOF
+ }
+ iNdEx += skippy
+ }
+ }
+
+ if iNdEx > l {
+ return io.ErrUnexpectedEOF
+ }
+ return nil
+}
+func skipGenerated(dAtA []byte) (n int, err error) {
+ l := len(dAtA)
+ iNdEx := 0
+ depth := 0
+ for iNdEx < l {
+ var wire uint64
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return 0, ErrIntOverflowGenerated
+ }
+ if iNdEx >= l {
+ return 0, io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ wire |= (uint64(b) & 0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ wireType := int(wire & 0x7)
+ switch wireType {
+ case 0:
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return 0, ErrIntOverflowGenerated
+ }
+ if iNdEx >= l {
+ return 0, io.ErrUnexpectedEOF
+ }
+ iNdEx++
+ if dAtA[iNdEx-1] < 0x80 {
+ break
+ }
+ }
+ case 1:
+ iNdEx += 8
+ case 2:
+ var length int
+ for shift := uint(0); ; shift += 7 {
+ if shift >= 64 {
+ return 0, ErrIntOverflowGenerated
+ }
+ if iNdEx >= l {
+ return 0, io.ErrUnexpectedEOF
+ }
+ b := dAtA[iNdEx]
+ iNdEx++
+ length |= (int(b) & 0x7F) << shift
+ if b < 0x80 {
+ break
+ }
+ }
+ if length < 0 {
+ return 0, ErrInvalidLengthGenerated
+ }
+ iNdEx += length
+ case 3:
+ depth++
+ case 4:
+ if depth == 0 {
+ return 0, ErrUnexpectedEndOfGroupGenerated
+ }
+ depth--
+ case 5:
+ iNdEx += 4
+ default:
+ return 0, fmt.Errorf("proto: illegal wireType %d", wireType)
+ }
+ if iNdEx < 0 {
+ return 0, ErrInvalidLengthGenerated
+ }
+ if depth == 0 {
+ return iNdEx, nil
+ }
+ }
+ return 0, io.ErrUnexpectedEOF
+}
+
+var (
+ ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling")
+ ErrIntOverflowGenerated = fmt.Errorf("proto: integer overflow")
+ ErrUnexpectedEndOfGroupGenerated = fmt.Errorf("proto: unexpected end of group")
+)
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto
new file mode 100644
index 000000000..d14d42591
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/generated.proto
@@ -0,0 +1,41 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+
+// This file was autogenerated by go-to-protobuf. Do not edit it manually!
+
+syntax = "proto2";
+
+package k8s.io.apimachinery.pkg.apis.meta.v1beta1;
+
+import "k8s.io/apimachinery/pkg/apis/meta/v1/generated.proto";
+import "k8s.io/apimachinery/pkg/runtime/schema/generated.proto";
+
+// Package-wide variables from generator "generated".
+option go_package = "k8s.io/apimachinery/pkg/apis/meta/v1beta1";
+
+// PartialObjectMetadataList contains a list of objects containing only their metadata.
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+message PartialObjectMetadataList {
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ // +optional
+ optional k8s.io.apimachinery.pkg.apis.meta.v1.ListMeta metadata = 2;
+
+ // items contains each of the included items.
+ repeated k8s.io.apimachinery.pkg.apis.meta.v1.PartialObjectMetadata items = 1;
+}
+
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/register.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/register.go
new file mode 100644
index 000000000..a4a412e33
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/register.go
@@ -0,0 +1,62 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+import (
+ "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/conversion"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// GroupName is the group name for this API.
+const GroupName = "meta.k8s.io"
+
+// SchemeGroupVersion is group version used to register these objects
+var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1beta1"}
+
+// Kind takes an unqualified kind and returns a Group qualified GroupKind
+func Kind(kind string) schema.GroupKind {
+ return SchemeGroupVersion.WithKind(kind).GroupKind()
+}
+
+// AddMetaToScheme registers base meta types into schemas.
+func AddMetaToScheme(scheme *runtime.Scheme) error {
+ scheme.AddKnownTypes(SchemeGroupVersion,
+ &Table{},
+ &TableOptions{},
+ &PartialObjectMetadata{},
+ &PartialObjectMetadataList{},
+ )
+
+ return nil
+}
+
+// RegisterConversions adds conversion functions to the given scheme.
+func RegisterConversions(s *runtime.Scheme) error {
+ if err := s.AddGeneratedConversionFunc((*PartialObjectMetadataList)(nil), (*v1.PartialObjectMetadataList)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1beta1_PartialObjectMetadataList_To_v1_PartialObjectMetadataList(a.(*PartialObjectMetadataList), b.(*v1.PartialObjectMetadataList), scope)
+ }); err != nil {
+ return err
+ }
+ if err := s.AddGeneratedConversionFunc((*v1.PartialObjectMetadataList)(nil), (*PartialObjectMetadataList)(nil), func(a, b interface{}, scope conversion.Scope) error {
+ return Convert_v1_PartialObjectMetadataList_To_v1beta1_PartialObjectMetadataList(a.(*v1.PartialObjectMetadataList), b.(*PartialObjectMetadataList), scope)
+ }); err != nil {
+ return err
+ }
+ return nil
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types.go
new file mode 100644
index 000000000..f16170a37
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types.go
@@ -0,0 +1,84 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// package v1beta1 is alpha objects from meta that will be introduced.
+package v1beta1
+
+import (
+ v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// Table is a tabular representation of a set of API resources. The server transforms the
+// object into a set of preferred columns for quickly reviewing the objects.
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+// +protobuf=false
+type Table = v1.Table
+
+// TableColumnDefinition contains information about a column returned in the Table.
+// +protobuf=false
+type TableColumnDefinition = v1.TableColumnDefinition
+
+// TableRow is an individual row in a table.
+// +protobuf=false
+type TableRow = v1.TableRow
+
+// TableRowCondition allows a row to be marked with additional information.
+// +protobuf=false
+type TableRowCondition = v1.TableRowCondition
+
+type RowConditionType = v1.RowConditionType
+
+type ConditionStatus = v1.ConditionStatus
+
+type IncludeObjectPolicy = v1.IncludeObjectPolicy
+
+// TableOptions are used when a Table is requested by the caller.
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+type TableOptions = v1.TableOptions
+
+// PartialObjectMetadata is a generic representation of any object with ObjectMeta. It allows clients
+// to get access to a particular ObjectMeta schema without knowing the details of the version.
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+type PartialObjectMetadata = v1.PartialObjectMetadata
+
+// IMPORTANT: PartialObjectMetadataList has different protobuf field ids in v1beta1 than
+// v1 because ListMeta was accidentally omitted prior to 1.15. Therefore this type must
+// remain independent of v1.PartialObjectMetadataList to preserve mappings.
+
+// PartialObjectMetadataList contains a list of objects containing only their metadata.
+// +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object
+type PartialObjectMetadataList struct {
+ v1.TypeMeta `json:",inline"`
+ // Standard list metadata.
+ // More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ // +optional
+ v1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,2,opt,name=metadata"`
+
+ // items contains each of the included items.
+ Items []v1.PartialObjectMetadata `json:"items" protobuf:"bytes,1,rep,name=items"`
+}
+
+const (
+ RowCompleted = v1.RowCompleted
+
+ ConditionTrue = v1.ConditionTrue
+ ConditionFalse = v1.ConditionFalse
+ ConditionUnknown = v1.ConditionUnknown
+
+ IncludeNone = v1.IncludeNone
+ IncludeMetadata = v1.IncludeMetadata
+ IncludeObject = v1.IncludeObject
+)
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types_swagger_doc_generated.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types_swagger_doc_generated.go
new file mode 100644
index 000000000..dff735dcf
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/types_swagger_doc_generated.go
@@ -0,0 +1,40 @@
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package v1beta1
+
+// This file contains a collection of methods that can be used from go-restful to
+// generate Swagger API documentation for its models. Please read this PR for more
+// information on the implementation: https://github.com/emicklei/go-restful/pull/215
+//
+// TODOs are ignored from the parser (e.g. TODO(andronat):... || TODO:...) if and only if
+// they are on one line! For multiple line or blocks that you want to ignore use ---.
+// Any context after a --- is ignored.
+//
+// Those methods can be generated by using hack/update-codegen.sh
+
+// AUTO-GENERATED FUNCTIONS START HERE. DO NOT EDIT.
+var map_PartialObjectMetadataList = map[string]string{
+ "": "PartialObjectMetadataList contains a list of objects containing only their metadata.",
+ "metadata": "Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ "items": "items contains each of the included items.",
+}
+
+func (PartialObjectMetadataList) SwaggerDoc() map[string]string {
+ return map_PartialObjectMetadataList
+}
+
+// AUTO-GENERATED FUNCTIONS END HERE
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.deepcopy.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.deepcopy.go
new file mode 100644
index 000000000..972b7f03e
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.deepcopy.go
@@ -0,0 +1,60 @@
+//go:build !ignore_autogenerated
+// +build !ignore_autogenerated
+
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by deepcopy-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+ v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *PartialObjectMetadataList) DeepCopyInto(out *PartialObjectMetadataList) {
+ *out = *in
+ out.TypeMeta = in.TypeMeta
+ in.ListMeta.DeepCopyInto(&out.ListMeta)
+ if in.Items != nil {
+ in, out := &in.Items, &out.Items
+ *out = make([]v1.PartialObjectMetadata, len(*in))
+ for i := range *in {
+ (*in)[i].DeepCopyInto(&(*out)[i])
+ }
+ }
+ return
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PartialObjectMetadataList.
+func (in *PartialObjectMetadataList) DeepCopy() *PartialObjectMetadataList {
+ if in == nil {
+ return nil
+ }
+ out := new(PartialObjectMetadataList)
+ in.DeepCopyInto(out)
+ return out
+}
+
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *PartialObjectMetadataList) DeepCopyObject() runtime.Object {
+ if c := in.DeepCopy(); c != nil {
+ return c
+ }
+ return nil
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.defaults.go b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.defaults.go
new file mode 100644
index 000000000..198b5be4a
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/apis/meta/v1beta1/zz_generated.defaults.go
@@ -0,0 +1,33 @@
+//go:build !ignore_autogenerated
+// +build !ignore_autogenerated
+
+/*
+Copyright The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Code generated by defaulter-gen. DO NOT EDIT.
+
+package v1beta1
+
+import (
+ runtime "k8s.io/apimachinery/pkg/runtime"
+)
+
+// RegisterDefaults adds defaulters functions to the given scheme.
+// Public to allow building arbitrary schemes.
+// All generated defaulters are covering - they call all nested defaulters.
+func RegisterDefaults(scheme *runtime.Scheme) error {
+ return nil
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/doc.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/doc.go
new file mode 100644
index 000000000..5893df5bd
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/doc.go
@@ -0,0 +1,19 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package httpstream adds multiplexed streaming support to HTTP requests and
+// responses via connection upgrades.
+package httpstream // import "k8s.io/apimachinery/pkg/util/httpstream"
diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go
new file mode 100644
index 000000000..a32fce5a0
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/httpstream.go
@@ -0,0 +1,180 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package httpstream
+
+import (
+ "errors"
+ "fmt"
+ "io"
+ "net/http"
+ "strings"
+ "time"
+)
+
+const (
+ HeaderConnection = "Connection"
+ HeaderUpgrade = "Upgrade"
+ HeaderProtocolVersion = "X-Stream-Protocol-Version"
+ HeaderAcceptedProtocolVersions = "X-Accepted-Stream-Protocol-Versions"
+)
+
+// NewStreamHandler defines a function that is called when a new Stream is
+// received. If no error is returned, the Stream is accepted; otherwise,
+// the stream is rejected. After the reply frame has been sent, replySent is closed.
+type NewStreamHandler func(stream Stream, replySent <-chan struct{}) error
+
+// NoOpNewStreamHandler is a stream handler that accepts a new stream and
+// performs no other logic.
+func NoOpNewStreamHandler(stream Stream, replySent <-chan struct{}) error { return nil }
+
+// Dialer knows how to open a streaming connection to a server.
+type Dialer interface {
+
+ // Dial opens a streaming connection to a server using one of the protocols
+ // specified (in order of most preferred to least preferred).
+ Dial(protocols ...string) (Connection, string, error)
+}
+
+// UpgradeRoundTripper is a type of http.RoundTripper that is able to upgrade
+// HTTP requests to support multiplexed bidirectional streams. After RoundTrip()
+// is invoked, if the upgrade is successful, clients may retrieve the upgraded
+// connection by calling UpgradeRoundTripper.Connection().
+type UpgradeRoundTripper interface {
+ http.RoundTripper
+ // NewConnection validates the response and creates a new Connection.
+ NewConnection(resp *http.Response) (Connection, error)
+}
+
+// ResponseUpgrader knows how to upgrade HTTP requests and responses to
+// add streaming support to them.
+type ResponseUpgrader interface {
+ // UpgradeResponse upgrades an HTTP response to one that supports multiplexed
+ // streams. newStreamHandler will be called asynchronously whenever the
+ // other end of the upgraded connection creates a new stream.
+ UpgradeResponse(w http.ResponseWriter, req *http.Request, newStreamHandler NewStreamHandler) Connection
+}
+
+// Connection represents an upgraded HTTP connection.
+type Connection interface {
+ // CreateStream creates a new Stream with the supplied headers.
+ CreateStream(headers http.Header) (Stream, error)
+ // Close resets all streams and closes the connection.
+ Close() error
+ // CloseChan returns a channel that is closed when the underlying connection is closed.
+ CloseChan() <-chan bool
+ // SetIdleTimeout sets the amount of time the connection may remain idle before
+ // it is automatically closed.
+ SetIdleTimeout(timeout time.Duration)
+ // RemoveStreams can be used to remove a set of streams from the Connection.
+ RemoveStreams(streams ...Stream)
+}
+
+// Stream represents a bidirectional communications channel that is part of an
+// upgraded connection.
+type Stream interface {
+ io.ReadWriteCloser
+ // Reset closes both directions of the stream, indicating that neither client
+ // or server can use it any more.
+ Reset() error
+ // Headers returns the headers used to create the stream.
+ Headers() http.Header
+ // Identifier returns the stream's ID.
+ Identifier() uint32
+}
+
+// UpgradeFailureError encapsulates the cause for why the streaming
+// upgrade request failed. Implements error interface.
+type UpgradeFailureError struct {
+ Cause error
+}
+
+func (u *UpgradeFailureError) Error() string {
+ return fmt.Sprintf("unable to upgrade streaming request: %s", u.Cause)
+}
+
+// IsUpgradeFailure returns true if the passed error is (or wrapped error contains)
+// the UpgradeFailureError.
+func IsUpgradeFailure(err error) bool {
+ if err == nil {
+ return false
+ }
+ var upgradeErr *UpgradeFailureError
+ return errors.As(err, &upgradeErr)
+}
+
+// IsUpgradeRequest returns true if the given request is a connection upgrade request
+func IsUpgradeRequest(req *http.Request) bool {
+ for _, h := range req.Header[http.CanonicalHeaderKey(HeaderConnection)] {
+ if strings.Contains(strings.ToLower(h), strings.ToLower(HeaderUpgrade)) {
+ return true
+ }
+ }
+ return false
+}
+
+func negotiateProtocol(clientProtocols, serverProtocols []string) string {
+ for i := range clientProtocols {
+ for j := range serverProtocols {
+ if clientProtocols[i] == serverProtocols[j] {
+ return clientProtocols[i]
+ }
+ }
+ }
+ return ""
+}
+
+func commaSeparatedHeaderValues(header []string) []string {
+ var parsedClientProtocols []string
+ for i := range header {
+ for _, clientProtocol := range strings.Split(header[i], ",") {
+ if proto := strings.Trim(clientProtocol, " "); len(proto) > 0 {
+ parsedClientProtocols = append(parsedClientProtocols, proto)
+ }
+ }
+ }
+ return parsedClientProtocols
+}
+
+// Handshake performs a subprotocol negotiation. If the client did request a
+// subprotocol, Handshake will select the first common value found in
+// serverProtocols. If a match is found, Handshake adds a response header
+// indicating the chosen subprotocol. If no match is found, HTTP forbidden is
+// returned, along with a response header containing the list of protocols the
+// server can accept.
+func Handshake(req *http.Request, w http.ResponseWriter, serverProtocols []string) (string, error) {
+ clientProtocols := commaSeparatedHeaderValues(req.Header[http.CanonicalHeaderKey(HeaderProtocolVersion)])
+ if len(clientProtocols) == 0 {
+ return "", fmt.Errorf("unable to upgrade: %s is required", HeaderProtocolVersion)
+ }
+
+ if len(serverProtocols) == 0 {
+ panic(fmt.Errorf("unable to upgrade: serverProtocols is required"))
+ }
+
+ negotiatedProtocol := negotiateProtocol(clientProtocols, serverProtocols)
+ if len(negotiatedProtocol) == 0 {
+ for i := range serverProtocols {
+ w.Header().Add(HeaderAcceptedProtocolVersions, serverProtocols[i])
+ }
+ err := fmt.Errorf("unable to upgrade: unable to negotiate protocol: client supports %v, server accepts %v", clientProtocols, serverProtocols)
+ http.Error(w, err.Error(), http.StatusForbidden)
+ return "", err
+ }
+
+ w.Header().Add(HeaderProtocolVersion, negotiatedProtocol)
+ return negotiatedProtocol, nil
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go
new file mode 100644
index 000000000..d4ceab84f
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/connection.go
@@ -0,0 +1,204 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package spdy
+
+import (
+ "net"
+ "net/http"
+ "sync"
+ "time"
+
+ "github.com/moby/spdystream"
+ "k8s.io/apimachinery/pkg/util/httpstream"
+ "k8s.io/klog/v2"
+)
+
+// connection maintains state about a spdystream.Connection and its associated
+// streams.
+type connection struct {
+ conn *spdystream.Connection
+ streams map[uint32]httpstream.Stream
+ streamLock sync.Mutex
+ newStreamHandler httpstream.NewStreamHandler
+ ping func() (time.Duration, error)
+}
+
+// NewClientConnection creates a new SPDY client connection.
+func NewClientConnection(conn net.Conn) (httpstream.Connection, error) {
+ return NewClientConnectionWithPings(conn, 0)
+}
+
+// NewClientConnectionWithPings creates a new SPDY client connection.
+//
+// If pingPeriod is non-zero, a background goroutine will send periodic Ping
+// frames to the server. Use this to keep idle connections through certain load
+// balancers alive longer.
+func NewClientConnectionWithPings(conn net.Conn, pingPeriod time.Duration) (httpstream.Connection, error) {
+ spdyConn, err := spdystream.NewConnection(conn, false)
+ if err != nil {
+ defer conn.Close()
+ return nil, err
+ }
+
+ return newConnection(spdyConn, httpstream.NoOpNewStreamHandler, pingPeriod, spdyConn.Ping), nil
+}
+
+// NewServerConnection creates a new SPDY server connection. newStreamHandler
+// will be invoked when the server receives a newly created stream from the
+// client.
+func NewServerConnection(conn net.Conn, newStreamHandler httpstream.NewStreamHandler) (httpstream.Connection, error) {
+ return NewServerConnectionWithPings(conn, newStreamHandler, 0)
+}
+
+// NewServerConnectionWithPings creates a new SPDY server connection.
+// newStreamHandler will be invoked when the server receives a newly created
+// stream from the client.
+//
+// If pingPeriod is non-zero, a background goroutine will send periodic Ping
+// frames to the server. Use this to keep idle connections through certain load
+// balancers alive longer.
+func NewServerConnectionWithPings(conn net.Conn, newStreamHandler httpstream.NewStreamHandler, pingPeriod time.Duration) (httpstream.Connection, error) {
+ spdyConn, err := spdystream.NewConnection(conn, true)
+ if err != nil {
+ defer conn.Close()
+ return nil, err
+ }
+
+ return newConnection(spdyConn, newStreamHandler, pingPeriod, spdyConn.Ping), nil
+}
+
+// newConnection returns a new connection wrapping conn. newStreamHandler
+// will be invoked when the server receives a newly created stream from the
+// client.
+func newConnection(conn *spdystream.Connection, newStreamHandler httpstream.NewStreamHandler, pingPeriod time.Duration, pingFn func() (time.Duration, error)) httpstream.Connection {
+ c := &connection{
+ conn: conn,
+ newStreamHandler: newStreamHandler,
+ ping: pingFn,
+ streams: make(map[uint32]httpstream.Stream),
+ }
+ go conn.Serve(c.newSpdyStream)
+ if pingPeriod > 0 && pingFn != nil {
+ go c.sendPings(pingPeriod)
+ }
+ return c
+}
+
+// createStreamResponseTimeout indicates how long to wait for the other side to
+// acknowledge the new stream before timing out.
+const createStreamResponseTimeout = 30 * time.Second
+
+// Close first sends a reset for all of the connection's streams, and then
+// closes the underlying spdystream.Connection.
+func (c *connection) Close() error {
+ c.streamLock.Lock()
+ for _, s := range c.streams {
+ // calling Reset instead of Close ensures that all streams are fully torn down
+ s.Reset()
+ }
+ c.streams = make(map[uint32]httpstream.Stream, 0)
+ c.streamLock.Unlock()
+
+ // now that all streams are fully torn down, it's safe to call close on the underlying connection,
+ // which should be able to terminate immediately at this point, instead of waiting for any
+ // remaining graceful stream termination.
+ return c.conn.Close()
+}
+
+// RemoveStreams can be used to removes a set of streams from the Connection.
+func (c *connection) RemoveStreams(streams ...httpstream.Stream) {
+ c.streamLock.Lock()
+ for _, stream := range streams {
+ // It may be possible that the provided stream is nil if timed out.
+ if stream != nil {
+ delete(c.streams, stream.Identifier())
+ }
+ }
+ c.streamLock.Unlock()
+}
+
+// CreateStream creates a new stream with the specified headers and registers
+// it with the connection.
+func (c *connection) CreateStream(headers http.Header) (httpstream.Stream, error) {
+ stream, err := c.conn.CreateStream(headers, nil, false)
+ if err != nil {
+ return nil, err
+ }
+ if err = stream.WaitTimeout(createStreamResponseTimeout); err != nil {
+ return nil, err
+ }
+
+ c.registerStream(stream)
+ return stream, nil
+}
+
+// registerStream adds the stream s to the connection's list of streams that
+// it owns.
+func (c *connection) registerStream(s httpstream.Stream) {
+ c.streamLock.Lock()
+ c.streams[s.Identifier()] = s
+ c.streamLock.Unlock()
+}
+
+// CloseChan returns a channel that, when closed, indicates that the underlying
+// spdystream.Connection has been closed.
+func (c *connection) CloseChan() <-chan bool {
+ return c.conn.CloseChan()
+}
+
+// newSpdyStream is the internal new stream handler used by spdystream.Connection.Serve.
+// It calls connection's newStreamHandler, giving it the opportunity to accept or reject
+// the stream. If newStreamHandler returns an error, the stream is rejected. If not, the
+// stream is accepted and registered with the connection.
+func (c *connection) newSpdyStream(stream *spdystream.Stream) {
+ replySent := make(chan struct{})
+ err := c.newStreamHandler(stream, replySent)
+ rejectStream := (err != nil)
+ if rejectStream {
+ klog.Warningf("Stream rejected: %v", err)
+ stream.Reset()
+ return
+ }
+
+ c.registerStream(stream)
+ stream.SendReply(http.Header{}, rejectStream)
+ close(replySent)
+}
+
+// SetIdleTimeout sets the amount of time the connection may remain idle before
+// it is automatically closed.
+func (c *connection) SetIdleTimeout(timeout time.Duration) {
+ c.conn.SetIdleTimeout(timeout)
+}
+
+func (c *connection) sendPings(period time.Duration) {
+ t := time.NewTicker(period)
+ defer t.Stop()
+ for {
+ select {
+ case <-c.conn.CloseChan():
+ return
+ case <-t.C:
+ }
+ if _, err := c.ping(); err != nil {
+ klog.V(3).Infof("SPDY Ping failed: %v", err)
+ // Continue, in case this is a transient failure.
+ // c.conn.CloseChan above will tell us when the connection is
+ // actually closed.
+ }
+ }
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/roundtripper.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/roundtripper.go
new file mode 100644
index 000000000..c78326fa3
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/roundtripper.go
@@ -0,0 +1,399 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package spdy
+
+import (
+ "bufio"
+ "context"
+ "crypto/tls"
+ "encoding/base64"
+ "errors"
+ "fmt"
+ "io"
+ "net"
+ "net/http"
+ "net/http/httputil"
+ "net/url"
+ "strings"
+ "time"
+
+ "golang.org/x/net/proxy"
+ apierrors "k8s.io/apimachinery/pkg/api/errors"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/serializer"
+ "k8s.io/apimachinery/pkg/util/httpstream"
+ utilnet "k8s.io/apimachinery/pkg/util/net"
+ apiproxy "k8s.io/apimachinery/pkg/util/proxy"
+ "k8s.io/apimachinery/third_party/forked/golang/netutil"
+)
+
+// SpdyRoundTripper knows how to upgrade an HTTP request to one that supports
+// multiplexed streams. After RoundTrip() is invoked, Conn will be set
+// and usable. SpdyRoundTripper implements the UpgradeRoundTripper interface.
+type SpdyRoundTripper struct {
+ //tlsConfig holds the TLS configuration settings to use when connecting
+ //to the remote server.
+ tlsConfig *tls.Config
+
+ /* TODO according to http://golang.org/pkg/net/http/#RoundTripper, a RoundTripper
+ must be safe for use by multiple concurrent goroutines. If this is absolutely
+ necessary, we could keep a map from http.Request to net.Conn. In practice,
+ a client will create an http.Client, set the transport to a new insteace of
+ SpdyRoundTripper, and use it a single time, so this hopefully won't be an issue.
+ */
+ // conn is the underlying network connection to the remote server.
+ conn net.Conn
+
+ // Dialer is the dialer used to connect. Used if non-nil.
+ Dialer *net.Dialer
+
+ // proxier knows which proxy to use given a request, defaults to http.ProxyFromEnvironment
+ // Used primarily for mocking the proxy discovery in tests.
+ proxier func(req *http.Request) (*url.URL, error)
+
+ // pingPeriod is a period for sending Ping frames over established
+ // connections.
+ pingPeriod time.Duration
+
+ // upgradeTransport is an optional substitute for dialing if present. This field is
+ // mutually exclusive with the "tlsConfig", "Dialer", and "proxier".
+ upgradeTransport http.RoundTripper
+}
+
+var _ utilnet.TLSClientConfigHolder = &SpdyRoundTripper{}
+var _ httpstream.UpgradeRoundTripper = &SpdyRoundTripper{}
+var _ utilnet.Dialer = &SpdyRoundTripper{}
+
+// NewRoundTripper creates a new SpdyRoundTripper that will use the specified
+// tlsConfig.
+func NewRoundTripper(tlsConfig *tls.Config) (*SpdyRoundTripper, error) {
+ return NewRoundTripperWithConfig(RoundTripperConfig{
+ TLS: tlsConfig,
+ UpgradeTransport: nil,
+ })
+}
+
+// NewRoundTripperWithProxy creates a new SpdyRoundTripper that will use the
+// specified tlsConfig and proxy func.
+func NewRoundTripperWithProxy(tlsConfig *tls.Config, proxier func(*http.Request) (*url.URL, error)) (*SpdyRoundTripper, error) {
+ return NewRoundTripperWithConfig(RoundTripperConfig{
+ TLS: tlsConfig,
+ Proxier: proxier,
+ UpgradeTransport: nil,
+ })
+}
+
+// NewRoundTripperWithConfig creates a new SpdyRoundTripper with the specified
+// configuration. Returns an error if the SpdyRoundTripper is misconfigured.
+func NewRoundTripperWithConfig(cfg RoundTripperConfig) (*SpdyRoundTripper, error) {
+ // Process UpgradeTransport, which is mutually exclusive to TLSConfig and Proxier.
+ if cfg.UpgradeTransport != nil {
+ if cfg.TLS != nil || cfg.Proxier != nil {
+ return nil, fmt.Errorf("SpdyRoundTripper: UpgradeTransport is mutually exclusive to TLSConfig or Proxier")
+ }
+ tlsConfig, err := utilnet.TLSClientConfig(cfg.UpgradeTransport)
+ if err != nil {
+ return nil, fmt.Errorf("SpdyRoundTripper: Unable to retrieve TLSConfig from UpgradeTransport: %v", err)
+ }
+ cfg.TLS = tlsConfig
+ }
+ if cfg.Proxier == nil {
+ cfg.Proxier = utilnet.NewProxierWithNoProxyCIDR(http.ProxyFromEnvironment)
+ }
+ return &SpdyRoundTripper{
+ tlsConfig: cfg.TLS,
+ proxier: cfg.Proxier,
+ pingPeriod: cfg.PingPeriod,
+ upgradeTransport: cfg.UpgradeTransport,
+ }, nil
+}
+
+// RoundTripperConfig is a set of options for an SpdyRoundTripper.
+type RoundTripperConfig struct {
+ // TLS configuration used by the round tripper if UpgradeTransport not present.
+ TLS *tls.Config
+ // Proxier is a proxy function invoked on each request. Optional.
+ Proxier func(*http.Request) (*url.URL, error)
+ // PingPeriod is a period for sending SPDY Pings on the connection.
+ // Optional.
+ PingPeriod time.Duration
+ // UpgradeTransport is a subtitute transport used for dialing. If set,
+ // this field will be used instead of "TLS" and "Proxier" for connection creation.
+ // Optional.
+ UpgradeTransport http.RoundTripper
+}
+
+// TLSClientConfig implements pkg/util/net.TLSClientConfigHolder for proper TLS checking during
+// proxying with a spdy roundtripper.
+func (s *SpdyRoundTripper) TLSClientConfig() *tls.Config {
+ return s.tlsConfig
+}
+
+// Dial implements k8s.io/apimachinery/pkg/util/net.Dialer.
+func (s *SpdyRoundTripper) Dial(req *http.Request) (net.Conn, error) {
+ var conn net.Conn
+ var err error
+ if s.upgradeTransport != nil {
+ conn, err = apiproxy.DialURL(req.Context(), req.URL, s.upgradeTransport)
+ } else {
+ conn, err = s.dial(req)
+ }
+ if err != nil {
+ return nil, err
+ }
+
+ if err := req.Write(conn); err != nil {
+ conn.Close()
+ return nil, err
+ }
+
+ return conn, nil
+}
+
+// dial dials the host specified by req, using TLS if appropriate, optionally
+// using a proxy server if one is configured via environment variables.
+func (s *SpdyRoundTripper) dial(req *http.Request) (net.Conn, error) {
+ proxyURL, err := s.proxier(req)
+ if err != nil {
+ return nil, err
+ }
+
+ if proxyURL == nil {
+ return s.dialWithoutProxy(req.Context(), req.URL)
+ }
+
+ switch proxyURL.Scheme {
+ case "socks5":
+ return s.dialWithSocks5Proxy(req, proxyURL)
+ case "https", "http", "":
+ return s.dialWithHttpProxy(req, proxyURL)
+ }
+
+ return nil, fmt.Errorf("proxy URL scheme not supported: %s", proxyURL.Scheme)
+}
+
+// dialWithHttpProxy dials the host specified by url through an http or an https proxy.
+func (s *SpdyRoundTripper) dialWithHttpProxy(req *http.Request, proxyURL *url.URL) (net.Conn, error) {
+ // ensure we use a canonical host with proxyReq
+ targetHost := netutil.CanonicalAddr(req.URL)
+
+ // proxying logic adapted from http://blog.h6t.eu/post/74098062923/golang-websocket-with-http-proxy-support
+ proxyReq := http.Request{
+ Method: "CONNECT",
+ URL: &url.URL{},
+ Host: targetHost,
+ }
+
+ proxyReq = *proxyReq.WithContext(req.Context())
+
+ if pa := s.proxyAuth(proxyURL); pa != "" {
+ proxyReq.Header = http.Header{}
+ proxyReq.Header.Set("Proxy-Authorization", pa)
+ }
+
+ proxyDialConn, err := s.dialWithoutProxy(proxyReq.Context(), proxyURL)
+ if err != nil {
+ return nil, err
+ }
+
+ //nolint:staticcheck // SA1019 ignore deprecated httputil.NewProxyClientConn
+ proxyClientConn := httputil.NewProxyClientConn(proxyDialConn, nil)
+ response, err := proxyClientConn.Do(&proxyReq)
+ //nolint:staticcheck // SA1019 ignore deprecated httputil.ErrPersistEOF: it might be
+ // returned from the invocation of proxyClientConn.Do
+ if err != nil && err != httputil.ErrPersistEOF {
+ return nil, err
+ }
+ if response != nil && response.StatusCode >= 300 || response.StatusCode < 200 {
+ return nil, fmt.Errorf("CONNECT request to %s returned response: %s", proxyURL.Redacted(), response.Status)
+ }
+
+ rwc, _ := proxyClientConn.Hijack()
+
+ if req.URL.Scheme == "https" {
+ return s.tlsConn(proxyReq.Context(), rwc, targetHost)
+ }
+ return rwc, nil
+}
+
+// dialWithSocks5Proxy dials the host specified by url through a socks5 proxy.
+func (s *SpdyRoundTripper) dialWithSocks5Proxy(req *http.Request, proxyURL *url.URL) (net.Conn, error) {
+ // ensure we use a canonical host with proxyReq
+ targetHost := netutil.CanonicalAddr(req.URL)
+ proxyDialAddr := netutil.CanonicalAddr(proxyURL)
+
+ var auth *proxy.Auth
+ if proxyURL.User != nil {
+ pass, _ := proxyURL.User.Password()
+ auth = &proxy.Auth{
+ User: proxyURL.User.Username(),
+ Password: pass,
+ }
+ }
+
+ dialer := s.Dialer
+ if dialer == nil {
+ dialer = &net.Dialer{
+ Timeout: 30 * time.Second,
+ }
+ }
+
+ proxyDialer, err := proxy.SOCKS5("tcp", proxyDialAddr, auth, dialer)
+ if err != nil {
+ return nil, err
+ }
+
+ // According to the implementation of proxy.SOCKS5, the type assertion will always succeed
+ contextDialer, ok := proxyDialer.(proxy.ContextDialer)
+ if !ok {
+ return nil, errors.New("SOCKS5 Dialer must implement ContextDialer")
+ }
+
+ proxyDialConn, err := contextDialer.DialContext(req.Context(), "tcp", targetHost)
+ if err != nil {
+ return nil, err
+ }
+
+ if req.URL.Scheme == "https" {
+ return s.tlsConn(req.Context(), proxyDialConn, targetHost)
+ }
+ return proxyDialConn, nil
+}
+
+// tlsConn returns a TLS client side connection using rwc as the underlying transport.
+func (s *SpdyRoundTripper) tlsConn(ctx context.Context, rwc net.Conn, targetHost string) (net.Conn, error) {
+
+ host, _, err := net.SplitHostPort(targetHost)
+ if err != nil {
+ return nil, err
+ }
+
+ tlsConfig := s.tlsConfig
+ switch {
+ case tlsConfig == nil:
+ tlsConfig = &tls.Config{ServerName: host}
+ case len(tlsConfig.ServerName) == 0:
+ tlsConfig = tlsConfig.Clone()
+ tlsConfig.ServerName = host
+ }
+
+ tlsConn := tls.Client(rwc, tlsConfig)
+
+ if err := tlsConn.HandshakeContext(ctx); err != nil {
+ tlsConn.Close()
+ return nil, err
+ }
+
+ return tlsConn, nil
+}
+
+// dialWithoutProxy dials the host specified by url, using TLS if appropriate.
+func (s *SpdyRoundTripper) dialWithoutProxy(ctx context.Context, url *url.URL) (net.Conn, error) {
+ dialAddr := netutil.CanonicalAddr(url)
+ dialer := s.Dialer
+ if dialer == nil {
+ dialer = &net.Dialer{}
+ }
+
+ if url.Scheme == "http" {
+ return dialer.DialContext(ctx, "tcp", dialAddr)
+ }
+
+ tlsDialer := tls.Dialer{
+ NetDialer: dialer,
+ Config: s.tlsConfig,
+ }
+ return tlsDialer.DialContext(ctx, "tcp", dialAddr)
+}
+
+// proxyAuth returns, for a given proxy URL, the value to be used for the Proxy-Authorization header
+func (s *SpdyRoundTripper) proxyAuth(proxyURL *url.URL) string {
+ if proxyURL == nil || proxyURL.User == nil {
+ return ""
+ }
+ username := proxyURL.User.Username()
+ password, _ := proxyURL.User.Password()
+ auth := username + ":" + password
+ return "Basic " + base64.StdEncoding.EncodeToString([]byte(auth))
+}
+
+// RoundTrip executes the Request and upgrades it. After a successful upgrade,
+// clients may call SpdyRoundTripper.Connection() to retrieve the upgraded
+// connection.
+func (s *SpdyRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
+ req = utilnet.CloneRequest(req)
+ req.Header.Add(httpstream.HeaderConnection, httpstream.HeaderUpgrade)
+ req.Header.Add(httpstream.HeaderUpgrade, HeaderSpdy31)
+
+ conn, err := s.Dial(req)
+ if err != nil {
+ return nil, err
+ }
+
+ responseReader := bufio.NewReader(conn)
+
+ resp, err := http.ReadResponse(responseReader, nil)
+ if err != nil {
+ conn.Close()
+ return nil, err
+ }
+
+ s.conn = conn
+
+ return resp, nil
+}
+
+// NewConnection validates the upgrade response, creating and returning a new
+// httpstream.Connection if there were no errors.
+func (s *SpdyRoundTripper) NewConnection(resp *http.Response) (httpstream.Connection, error) {
+ connectionHeader := strings.ToLower(resp.Header.Get(httpstream.HeaderConnection))
+ upgradeHeader := strings.ToLower(resp.Header.Get(httpstream.HeaderUpgrade))
+ if (resp.StatusCode != http.StatusSwitchingProtocols) || !strings.Contains(connectionHeader, strings.ToLower(httpstream.HeaderUpgrade)) || !strings.Contains(upgradeHeader, strings.ToLower(HeaderSpdy31)) {
+ defer resp.Body.Close()
+ responseError := ""
+ responseErrorBytes, err := io.ReadAll(resp.Body)
+ if err != nil {
+ responseError = "unable to read error from server response"
+ } else {
+ // TODO: I don't belong here, I should be abstracted from this class
+ if obj, _, err := statusCodecs.UniversalDecoder().Decode(responseErrorBytes, nil, &metav1.Status{}); err == nil {
+ if status, ok := obj.(*metav1.Status); ok {
+ return nil, &apierrors.StatusError{ErrStatus: *status}
+ }
+ }
+ responseError = string(responseErrorBytes)
+ responseError = strings.TrimSpace(responseError)
+ }
+
+ return nil, fmt.Errorf("unable to upgrade connection: %s", responseError)
+ }
+
+ return NewClientConnectionWithPings(s.conn, s.pingPeriod)
+}
+
+// statusScheme is private scheme for the decoding here until someone fixes the TODO in NewConnection
+var statusScheme = runtime.NewScheme()
+
+// ParameterCodec knows about query parameters used with the meta v1 API spec.
+var statusCodecs = serializer.NewCodecFactory(statusScheme)
+
+func init() {
+ statusScheme.AddUnversionedTypes(metav1.SchemeGroupVersion,
+ &metav1.Status{},
+ )
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/upgrade.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/upgrade.go
new file mode 100644
index 000000000..d30ae2fa3
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/spdy/upgrade.go
@@ -0,0 +1,120 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package spdy
+
+import (
+ "bufio"
+ "fmt"
+ "io"
+ "net"
+ "net/http"
+ "strings"
+ "sync/atomic"
+ "time"
+
+ "k8s.io/apimachinery/pkg/util/httpstream"
+ "k8s.io/apimachinery/pkg/util/runtime"
+)
+
+const HeaderSpdy31 = "SPDY/3.1"
+
+// responseUpgrader knows how to upgrade HTTP responses. It
+// implements the httpstream.ResponseUpgrader interface.
+type responseUpgrader struct {
+ pingPeriod time.Duration
+}
+
+// connWrapper is used to wrap a hijacked connection and its bufio.Reader. All
+// calls will be handled directly by the underlying net.Conn with the exception
+// of Read and Close calls, which will consider data in the bufio.Reader. This
+// ensures that data already inside the used bufio.Reader instance is also
+// read.
+type connWrapper struct {
+ net.Conn
+ closed int32
+ bufReader *bufio.Reader
+}
+
+func (w *connWrapper) Read(b []byte) (n int, err error) {
+ if atomic.LoadInt32(&w.closed) == 1 {
+ return 0, io.EOF
+ }
+ return w.bufReader.Read(b)
+}
+
+func (w *connWrapper) Close() error {
+ err := w.Conn.Close()
+ atomic.StoreInt32(&w.closed, 1)
+ return err
+}
+
+// NewResponseUpgrader returns a new httpstream.ResponseUpgrader that is
+// capable of upgrading HTTP responses using SPDY/3.1 via the
+// spdystream package.
+func NewResponseUpgrader() httpstream.ResponseUpgrader {
+ return NewResponseUpgraderWithPings(0)
+}
+
+// NewResponseUpgraderWithPings returns a new httpstream.ResponseUpgrader that
+// is capable of upgrading HTTP responses using SPDY/3.1 via the spdystream
+// package.
+//
+// If pingPeriod is non-zero, for each incoming connection a background
+// goroutine will send periodic Ping frames to the server. Use this to keep
+// idle connections through certain load balancers alive longer.
+func NewResponseUpgraderWithPings(pingPeriod time.Duration) httpstream.ResponseUpgrader {
+ return responseUpgrader{pingPeriod: pingPeriod}
+}
+
+// UpgradeResponse upgrades an HTTP response to one that supports multiplexed
+// streams. newStreamHandler will be called synchronously whenever the
+// other end of the upgraded connection creates a new stream.
+func (u responseUpgrader) UpgradeResponse(w http.ResponseWriter, req *http.Request, newStreamHandler httpstream.NewStreamHandler) httpstream.Connection {
+ connectionHeader := strings.ToLower(req.Header.Get(httpstream.HeaderConnection))
+ upgradeHeader := strings.ToLower(req.Header.Get(httpstream.HeaderUpgrade))
+ if !strings.Contains(connectionHeader, strings.ToLower(httpstream.HeaderUpgrade)) || !strings.Contains(upgradeHeader, strings.ToLower(HeaderSpdy31)) {
+ errorMsg := fmt.Sprintf("unable to upgrade: missing upgrade headers in request: %#v", req.Header)
+ http.Error(w, errorMsg, http.StatusBadRequest)
+ return nil
+ }
+
+ hijacker, ok := w.(http.Hijacker)
+ if !ok {
+ errorMsg := "unable to upgrade: unable to hijack response"
+ http.Error(w, errorMsg, http.StatusInternalServerError)
+ return nil
+ }
+
+ w.Header().Add(httpstream.HeaderConnection, httpstream.HeaderUpgrade)
+ w.Header().Add(httpstream.HeaderUpgrade, HeaderSpdy31)
+ w.WriteHeader(http.StatusSwitchingProtocols)
+
+ conn, bufrw, err := hijacker.Hijack()
+ if err != nil {
+ runtime.HandleError(fmt.Errorf("unable to upgrade: error hijacking response: %v", err))
+ return nil
+ }
+
+ connWithBuf := &connWrapper{Conn: conn, bufReader: bufrw.Reader}
+ spdyConn, err := NewServerConnectionWithPings(connWithBuf, newStreamHandler, u.pingPeriod)
+ if err != nil {
+ runtime.HandleError(fmt.Errorf("unable to upgrade: error creating SPDY server connection: %v", err))
+ return nil
+ }
+
+ return spdyConn
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/conn.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/conn.go
new file mode 100644
index 000000000..2e477fee2
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/conn.go
@@ -0,0 +1,452 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package wsstream
+
+import (
+ "encoding/base64"
+ "fmt"
+ "io"
+ "net/http"
+ "strings"
+ "time"
+
+ "golang.org/x/net/websocket"
+
+ "k8s.io/apimachinery/pkg/util/httpstream"
+ "k8s.io/apimachinery/pkg/util/portforward"
+ "k8s.io/apimachinery/pkg/util/remotecommand"
+ "k8s.io/apimachinery/pkg/util/runtime"
+ "k8s.io/klog/v2"
+)
+
+const WebSocketProtocolHeader = "Sec-Websocket-Protocol"
+
+// The Websocket subprotocol "channel.k8s.io" prepends each binary message with a byte indicating
+// the channel number (zero indexed) the message was sent on. Messages in both directions should
+// prefix their messages with this channel byte. When used for remote execution, the channel numbers
+// are by convention defined to match the POSIX file-descriptors assigned to STDIN, STDOUT, and STDERR
+// (0, 1, and 2). No other conversion is performed on the raw subprotocol - writes are sent as they
+// are received by the server.
+//
+// Example client session:
+//
+// CONNECT http://server.com with subprotocol "channel.k8s.io"
+// WRITE []byte{0, 102, 111, 111, 10} # send "foo\n" on channel 0 (STDIN)
+// READ []byte{1, 10} # receive "\n" on channel 1 (STDOUT)
+// CLOSE
+const ChannelWebSocketProtocol = "channel.k8s.io"
+
+// The Websocket subprotocol "base64.channel.k8s.io" base64 encodes each message with a character
+// indicating the channel number (zero indexed) the message was sent on. Messages in both directions
+// should prefix their messages with this channel char. When used for remote execution, the channel
+// numbers are by convention defined to match the POSIX file-descriptors assigned to STDIN, STDOUT,
+// and STDERR ('0', '1', and '2'). The data received on the server is base64 decoded (and must be
+// be valid) and data written by the server to the client is base64 encoded.
+//
+// Example client session:
+//
+// CONNECT http://server.com with subprotocol "base64.channel.k8s.io"
+// WRITE []byte{48, 90, 109, 57, 118, 67, 103, 111, 61} # send "foo\n" (base64: "Zm9vCgo=") on channel '0' (STDIN)
+// READ []byte{49, 67, 103, 61, 61} # receive "\n" (base64: "Cg==") on channel '1' (STDOUT)
+// CLOSE
+const Base64ChannelWebSocketProtocol = "base64.channel.k8s.io"
+
+type codecType int
+
+const (
+ rawCodec codecType = iota
+ base64Codec
+)
+
+type ChannelType int
+
+const (
+ IgnoreChannel ChannelType = iota
+ ReadChannel
+ WriteChannel
+ ReadWriteChannel
+)
+
+// IsWebSocketRequest returns true if the incoming request contains connection upgrade headers
+// for WebSockets.
+func IsWebSocketRequest(req *http.Request) bool {
+ if !strings.EqualFold(req.Header.Get("Upgrade"), "websocket") {
+ return false
+ }
+ return httpstream.IsUpgradeRequest(req)
+}
+
+// IsWebSocketRequestWithStreamCloseProtocol returns true if the request contains headers
+// identifying that it is requesting a websocket upgrade with a remotecommand protocol
+// version that supports the "CLOSE" signal; false otherwise.
+func IsWebSocketRequestWithStreamCloseProtocol(req *http.Request) bool {
+ if !IsWebSocketRequest(req) {
+ return false
+ }
+ requestedProtocols := strings.TrimSpace(req.Header.Get(WebSocketProtocolHeader))
+ for _, requestedProtocol := range strings.Split(requestedProtocols, ",") {
+ if protocolSupportsStreamClose(strings.TrimSpace(requestedProtocol)) {
+ return true
+ }
+ }
+
+ return false
+}
+
+// IsWebSocketRequestWithTunnelingProtocol returns true if the request contains headers
+// identifying that it is requesting a websocket upgrade with a tunneling protocol;
+// false otherwise.
+func IsWebSocketRequestWithTunnelingProtocol(req *http.Request) bool {
+ if !IsWebSocketRequest(req) {
+ return false
+ }
+ requestedProtocols := strings.TrimSpace(req.Header.Get(WebSocketProtocolHeader))
+ for _, requestedProtocol := range strings.Split(requestedProtocols, ",") {
+ if protocolSupportsWebsocketTunneling(strings.TrimSpace(requestedProtocol)) {
+ return true
+ }
+ }
+
+ return false
+}
+
+// IgnoreReceives reads from a WebSocket until it is closed, then returns. If timeout is set, the
+// read and write deadlines are pushed every time a new message is received.
+func IgnoreReceives(ws *websocket.Conn, timeout time.Duration) {
+ defer runtime.HandleCrash()
+ var data []byte
+ for {
+ resetTimeout(ws, timeout)
+ if err := websocket.Message.Receive(ws, &data); err != nil {
+ return
+ }
+ }
+}
+
+// handshake ensures the provided user protocol matches one of the allowed protocols. It returns
+// no error if no protocol is specified.
+func handshake(config *websocket.Config, req *http.Request, allowed []string) error {
+ protocols := config.Protocol
+ if len(protocols) == 0 {
+ protocols = []string{""}
+ }
+
+ for _, protocol := range protocols {
+ for _, allow := range allowed {
+ if allow == protocol {
+ config.Protocol = []string{protocol}
+ return nil
+ }
+ }
+ }
+
+ return fmt.Errorf("requested protocol(s) are not supported: %v; supports %v", config.Protocol, allowed)
+}
+
+// ChannelProtocolConfig describes a websocket subprotocol with channels.
+type ChannelProtocolConfig struct {
+ Binary bool
+ Channels []ChannelType
+}
+
+// NewDefaultChannelProtocols returns a channel protocol map with the
+// subprotocols "", "channel.k8s.io", "base64.channel.k8s.io" and the given
+// channels.
+func NewDefaultChannelProtocols(channels []ChannelType) map[string]ChannelProtocolConfig {
+ return map[string]ChannelProtocolConfig{
+ "": {Binary: true, Channels: channels},
+ ChannelWebSocketProtocol: {Binary: true, Channels: channels},
+ Base64ChannelWebSocketProtocol: {Binary: false, Channels: channels},
+ }
+}
+
+// Conn supports sending multiple binary channels over a websocket connection.
+type Conn struct {
+ protocols map[string]ChannelProtocolConfig
+ selectedProtocol string
+ channels []*websocketChannel
+ codec codecType
+ ready chan struct{}
+ ws *websocket.Conn
+ timeout time.Duration
+}
+
+// NewConn creates a WebSocket connection that supports a set of channels. Channels begin each
+// web socket message with a single byte indicating the channel number (0-N). 255 is reserved for
+// future use. The channel types for each channel are passed as an array, supporting the different
+// duplex modes. Read and Write refer to whether the channel can be used as a Reader or Writer.
+//
+// The protocols parameter maps subprotocol names to ChannelProtocols. The empty string subprotocol
+// name is used if websocket.Config.Protocol is empty.
+func NewConn(protocols map[string]ChannelProtocolConfig) *Conn {
+ return &Conn{
+ ready: make(chan struct{}),
+ protocols: protocols,
+ }
+}
+
+// SetIdleTimeout sets the interval for both reads and writes before timeout. If not specified,
+// there is no timeout on the connection.
+func (conn *Conn) SetIdleTimeout(duration time.Duration) {
+ conn.timeout = duration
+}
+
+// SetWriteDeadline sets a timeout on writing to the websocket connection. The
+// passed "duration" identifies how far into the future the write must complete
+// by before the timeout fires.
+func (conn *Conn) SetWriteDeadline(duration time.Duration) {
+ conn.ws.SetWriteDeadline(time.Now().Add(duration)) //nolint:errcheck
+}
+
+// Open the connection and create channels for reading and writing. It returns
+// the selected subprotocol, a slice of channels and an error.
+func (conn *Conn) Open(w http.ResponseWriter, req *http.Request) (string, []io.ReadWriteCloser, error) {
+ // serveHTTPComplete is channel that is closed/selected when "websocket#ServeHTTP" finishes.
+ serveHTTPComplete := make(chan struct{})
+ // Ensure panic in spawned goroutine is propagated into the parent goroutine.
+ panicChan := make(chan any, 1)
+ go func() {
+ // If websocket server returns, propagate panic if necessary. Otherwise,
+ // signal HTTPServe finished by closing "serveHTTPComplete".
+ defer func() {
+ if p := recover(); p != nil {
+ panicChan <- p
+ } else {
+ close(serveHTTPComplete)
+ }
+ }()
+ websocket.Server{Handshake: conn.handshake, Handler: conn.handle}.ServeHTTP(w, req)
+ }()
+
+ // In normal circumstances, "websocket.Server#ServeHTTP" calls "initialize" which closes
+ // "conn.ready" and then blocks until serving is complete.
+ select {
+ case <-conn.ready:
+ klog.V(8).Infof("websocket server initialized--serving")
+ case <-serveHTTPComplete:
+ // websocket server returned before completing initialization; cleanup and return error.
+ conn.closeNonThreadSafe() //nolint:errcheck
+ return "", nil, fmt.Errorf("websocket server finished before becoming ready")
+ case p := <-panicChan:
+ panic(p)
+ }
+
+ rwc := make([]io.ReadWriteCloser, len(conn.channels))
+ for i := range conn.channels {
+ rwc[i] = conn.channels[i]
+ }
+ return conn.selectedProtocol, rwc, nil
+}
+
+func (conn *Conn) initialize(ws *websocket.Conn) {
+ negotiated := ws.Config().Protocol
+ conn.selectedProtocol = negotiated[0]
+ p := conn.protocols[conn.selectedProtocol]
+ if p.Binary {
+ conn.codec = rawCodec
+ } else {
+ conn.codec = base64Codec
+ }
+ conn.ws = ws
+ conn.channels = make([]*websocketChannel, len(p.Channels))
+ for i, t := range p.Channels {
+ switch t {
+ case ReadChannel:
+ conn.channels[i] = newWebsocketChannel(conn, byte(i), true, false)
+ case WriteChannel:
+ conn.channels[i] = newWebsocketChannel(conn, byte(i), false, true)
+ case ReadWriteChannel:
+ conn.channels[i] = newWebsocketChannel(conn, byte(i), true, true)
+ case IgnoreChannel:
+ conn.channels[i] = newWebsocketChannel(conn, byte(i), false, false)
+ }
+ }
+
+ close(conn.ready)
+}
+
+func (conn *Conn) handshake(config *websocket.Config, req *http.Request) error {
+ supportedProtocols := make([]string, 0, len(conn.protocols))
+ for p := range conn.protocols {
+ supportedProtocols = append(supportedProtocols, p)
+ }
+ return handshake(config, req, supportedProtocols)
+}
+
+func (conn *Conn) resetTimeout() {
+ if conn.timeout > 0 {
+ conn.ws.SetDeadline(time.Now().Add(conn.timeout))
+ }
+}
+
+// closeNonThreadSafe cleans up by closing streams and the websocket
+// connection *without* waiting for the "ready" channel.
+func (conn *Conn) closeNonThreadSafe() error {
+ for _, s := range conn.channels {
+ s.Close()
+ }
+ var err error
+ if conn.ws != nil {
+ err = conn.ws.Close()
+ }
+ return err
+}
+
+// Close is only valid after Open has been called
+func (conn *Conn) Close() error {
+ <-conn.ready
+ return conn.closeNonThreadSafe()
+}
+
+// protocolSupportsStreamClose returns true if the passed protocol
+// supports the stream close signal (currently only V5 remotecommand);
+// false otherwise.
+func protocolSupportsStreamClose(protocol string) bool {
+ return protocol == remotecommand.StreamProtocolV5Name
+}
+
+// protocolSupportsWebsocketTunneling returns true if the passed protocol
+// is a tunneled Kubernetes spdy protocol; false otherwise.
+func protocolSupportsWebsocketTunneling(protocol string) bool {
+ return strings.HasPrefix(protocol, portforward.WebsocketsSPDYTunnelingPrefix) && strings.HasSuffix(protocol, portforward.KubernetesSuffix)
+}
+
+// handle implements a websocket handler.
+func (conn *Conn) handle(ws *websocket.Conn) {
+ conn.initialize(ws)
+ defer conn.Close()
+ supportsStreamClose := protocolSupportsStreamClose(conn.selectedProtocol)
+
+ for {
+ conn.resetTimeout()
+ var data []byte
+ if err := websocket.Message.Receive(ws, &data); err != nil {
+ if err != io.EOF {
+ klog.Errorf("Error on socket receive: %v", err)
+ }
+ break
+ }
+ if len(data) == 0 {
+ continue
+ }
+ if supportsStreamClose && data[0] == remotecommand.StreamClose {
+ if len(data) != 2 {
+ klog.Errorf("Single channel byte should follow stream close signal. Got %d bytes", len(data)-1)
+ break
+ } else {
+ channel := data[1]
+ if int(channel) >= len(conn.channels) {
+ klog.Errorf("Close is targeted for a channel %d that is not valid, possible protocol error", channel)
+ break
+ }
+ klog.V(4).Infof("Received half-close signal from client; close %d stream", channel)
+ conn.channels[channel].Close() // After first Close, other closes are noop.
+ }
+ continue
+ }
+ channel := data[0]
+ if conn.codec == base64Codec {
+ channel = channel - '0'
+ }
+ data = data[1:]
+ if int(channel) >= len(conn.channels) {
+ klog.V(6).Infof("Frame is targeted for a reader %d that is not valid, possible protocol error", channel)
+ continue
+ }
+ if _, err := conn.channels[channel].DataFromSocket(data); err != nil {
+ klog.Errorf("Unable to write frame (%d bytes) to %d: %v", len(data), channel, err)
+ continue
+ }
+ }
+}
+
+// write multiplexes the specified channel onto the websocket
+func (conn *Conn) write(num byte, data []byte) (int, error) {
+ conn.resetTimeout()
+ switch conn.codec {
+ case rawCodec:
+ frame := make([]byte, len(data)+1)
+ frame[0] = num
+ copy(frame[1:], data)
+ if err := websocket.Message.Send(conn.ws, frame); err != nil {
+ return 0, err
+ }
+ case base64Codec:
+ frame := string('0'+num) + base64.StdEncoding.EncodeToString(data)
+ if err := websocket.Message.Send(conn.ws, frame); err != nil {
+ return 0, err
+ }
+ }
+ return len(data), nil
+}
+
+// websocketChannel represents a channel in a connection
+type websocketChannel struct {
+ conn *Conn
+ num byte
+ r io.Reader
+ w io.WriteCloser
+
+ read, write bool
+}
+
+// newWebsocketChannel creates a pipe for writing to a websocket. Do not write to this pipe
+// prior to the connection being opened. It may be no, half, or full duplex depending on
+// read and write.
+func newWebsocketChannel(conn *Conn, num byte, read, write bool) *websocketChannel {
+ r, w := io.Pipe()
+ return &websocketChannel{conn, num, r, w, read, write}
+}
+
+func (p *websocketChannel) Write(data []byte) (int, error) {
+ if !p.write {
+ return len(data), nil
+ }
+ return p.conn.write(p.num, data)
+}
+
+// DataFromSocket is invoked by the connection receiver to move data from the connection
+// into a specific channel.
+func (p *websocketChannel) DataFromSocket(data []byte) (int, error) {
+ if !p.read {
+ return len(data), nil
+ }
+
+ switch p.conn.codec {
+ case rawCodec:
+ return p.w.Write(data)
+ case base64Codec:
+ dst := make([]byte, len(data))
+ n, err := base64.StdEncoding.Decode(dst, data)
+ if err != nil {
+ return 0, err
+ }
+ return p.w.Write(dst[:n])
+ }
+ return 0, nil
+}
+
+func (p *websocketChannel) Read(data []byte) (int, error) {
+ if !p.read {
+ return 0, io.EOF
+ }
+ return p.r.Read(data)
+}
+
+func (p *websocketChannel) Close() error {
+ return p.w.Close()
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/doc.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/doc.go
new file mode 100644
index 000000000..3dd6f828b
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/doc.go
@@ -0,0 +1,69 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package wsstream contains utilities for streaming content over WebSockets.
+// The Conn type allows callers to multiplex multiple read/write channels over
+// a single websocket.
+//
+// "channel.k8s.io"
+//
+// The Websocket RemoteCommand subprotocol "channel.k8s.io" prepends each binary message with a
+// byte indicating the channel number (zero indexed) the message was sent on. Messages in both
+// directions should prefix their messages with this channel byte. Used for remote execution,
+// the channel numbers are by convention defined to match the POSIX file-descriptors assigned
+// to STDIN, STDOUT, and STDERR (0, 1, and 2). No other conversion is performed on the raw
+// subprotocol - writes are sent as they are received by the server.
+//
+// Example client session:
+//
+// CONNECT http://server.com with subprotocol "channel.k8s.io"
+// WRITE []byte{0, 102, 111, 111, 10} # send "foo\n" on channel 0 (STDIN)
+// READ []byte{1, 10} # receive "\n" on channel 1 (STDOUT)
+// CLOSE
+//
+// "v2.channel.k8s.io"
+//
+// The second Websocket subprotocol version "v2.channel.k8s.io" is the same as version 1,
+// but it is the first "versioned" subprotocol.
+//
+// "v3.channel.k8s.io"
+//
+// The third version of the Websocket RemoteCommand subprotocol adds another channel
+// for terminal resizing events. This channel is prepended with the byte '3', and it
+// transmits two window sizes (encoding TerminalSize struct) with integers in the range
+// (0,65536].
+//
+// "v4.channel.k8s.io"
+//
+// The fourth version of the Websocket RemoteCommand subprotocol adds a channel for
+// errors. This channel returns structured errors containing process exit codes. The
+// error is "apierrors.StatusError{}".
+//
+// "v5.channel.k8s.io"
+//
+// The fifth version of the Websocket RemoteCommand subprotocol adds a CLOSE signal,
+// which is sent as the first byte of the message. The second byte is the channel
+// id. This CLOSE signal is handled by the websocket server by closing the stream,
+// allowing the other streams to complete transmission if necessary, and gracefully
+// shutdown the connection.
+//
+// Example client session:
+//
+// CONNECT http://server.com with subprotocol "v5.channel.k8s.io"
+// WRITE []byte{0, 102, 111, 111, 10} # send "foo\n" on channel 0 (STDIN)
+// WRITE []byte{255, 0} # send CLOSE signal (STDIN)
+// CLOSE
+package wsstream // import "k8s.io/apimachinery/pkg/util/httpstream/wsstream"
diff --git a/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/stream.go b/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/stream.go
new file mode 100644
index 000000000..ba7e6a519
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/httpstream/wsstream/stream.go
@@ -0,0 +1,177 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package wsstream
+
+import (
+ "encoding/base64"
+ "io"
+ "net/http"
+ "sync"
+ "time"
+
+ "golang.org/x/net/websocket"
+
+ "k8s.io/apimachinery/pkg/util/runtime"
+)
+
+// The WebSocket subprotocol "binary.k8s.io" will only send messages to the
+// client and ignore messages sent to the server. The received messages are
+// the exact bytes written to the stream. Zero byte messages are possible.
+const binaryWebSocketProtocol = "binary.k8s.io"
+
+// The WebSocket subprotocol "base64.binary.k8s.io" will only send messages to the
+// client and ignore messages sent to the server. The received messages are
+// a base64 version of the bytes written to the stream. Zero byte messages are
+// possible.
+const base64BinaryWebSocketProtocol = "base64.binary.k8s.io"
+
+// ReaderProtocolConfig describes a websocket subprotocol with one stream.
+type ReaderProtocolConfig struct {
+ Binary bool
+}
+
+// NewDefaultReaderProtocols returns a stream protocol map with the
+// subprotocols "", "channel.k8s.io", "base64.channel.k8s.io".
+func NewDefaultReaderProtocols() map[string]ReaderProtocolConfig {
+ return map[string]ReaderProtocolConfig{
+ "": {Binary: true},
+ binaryWebSocketProtocol: {Binary: true},
+ base64BinaryWebSocketProtocol: {Binary: false},
+ }
+}
+
+// Reader supports returning an arbitrary byte stream over a websocket channel.
+type Reader struct {
+ err chan error
+ r io.Reader
+ ping bool
+ timeout time.Duration
+ protocols map[string]ReaderProtocolConfig
+ selectedProtocol string
+
+ handleCrash func(additionalHandlers ...func(interface{})) // overridable for testing
+}
+
+// NewReader creates a WebSocket pipe that will copy the contents of r to a provided
+// WebSocket connection. If ping is true, a zero length message will be sent to the client
+// before the stream begins reading.
+//
+// The protocols parameter maps subprotocol names to StreamProtocols. The empty string
+// subprotocol name is used if websocket.Config.Protocol is empty.
+func NewReader(r io.Reader, ping bool, protocols map[string]ReaderProtocolConfig) *Reader {
+ return &Reader{
+ r: r,
+ err: make(chan error),
+ ping: ping,
+ protocols: protocols,
+ handleCrash: runtime.HandleCrash,
+ }
+}
+
+// SetIdleTimeout sets the interval for both reads and writes before timeout. If not specified,
+// there is no timeout on the reader.
+func (r *Reader) SetIdleTimeout(duration time.Duration) {
+ r.timeout = duration
+}
+
+func (r *Reader) handshake(config *websocket.Config, req *http.Request) error {
+ supportedProtocols := make([]string, 0, len(r.protocols))
+ for p := range r.protocols {
+ supportedProtocols = append(supportedProtocols, p)
+ }
+ return handshake(config, req, supportedProtocols)
+}
+
+// Copy the reader to the response. The created WebSocket is closed after this
+// method completes.
+func (r *Reader) Copy(w http.ResponseWriter, req *http.Request) error {
+ go func() {
+ defer r.handleCrash()
+ websocket.Server{Handshake: r.handshake, Handler: r.handle}.ServeHTTP(w, req)
+ }()
+ return <-r.err
+}
+
+// handle implements a WebSocket handler.
+func (r *Reader) handle(ws *websocket.Conn) {
+ // Close the connection when the client requests it, or when we finish streaming, whichever happens first
+ closeConnOnce := &sync.Once{}
+ closeConn := func() {
+ closeConnOnce.Do(func() {
+ ws.Close()
+ })
+ }
+
+ negotiated := ws.Config().Protocol
+ r.selectedProtocol = negotiated[0]
+ defer close(r.err)
+ defer closeConn()
+
+ go func() {
+ defer runtime.HandleCrash()
+ // This blocks until the connection is closed.
+ // Client should not send anything.
+ IgnoreReceives(ws, r.timeout)
+ // Once the client closes, we should also close
+ closeConn()
+ }()
+
+ r.err <- messageCopy(ws, r.r, !r.protocols[r.selectedProtocol].Binary, r.ping, r.timeout)
+}
+
+func resetTimeout(ws *websocket.Conn, timeout time.Duration) {
+ if timeout > 0 {
+ ws.SetDeadline(time.Now().Add(timeout))
+ }
+}
+
+func messageCopy(ws *websocket.Conn, r io.Reader, base64Encode, ping bool, timeout time.Duration) error {
+ buf := make([]byte, 2048)
+ if ping {
+ resetTimeout(ws, timeout)
+ if base64Encode {
+ if err := websocket.Message.Send(ws, ""); err != nil {
+ return err
+ }
+ } else {
+ if err := websocket.Message.Send(ws, []byte{}); err != nil {
+ return err
+ }
+ }
+ }
+ for {
+ resetTimeout(ws, timeout)
+ n, err := r.Read(buf)
+ if err != nil {
+ if err == io.EOF {
+ return nil
+ }
+ return err
+ }
+ if n > 0 {
+ if base64Encode {
+ if err := websocket.Message.Send(ws, base64.StdEncoding.EncodeToString(buf[:n])); err != nil {
+ return err
+ }
+ } else {
+ if err := websocket.Message.Send(ws, buf[:n]); err != nil {
+ return err
+ }
+ }
+ }
+ }
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/portforward/constants.go b/vendor/k8s.io/apimachinery/pkg/util/portforward/constants.go
new file mode 100644
index 000000000..685328815
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/portforward/constants.go
@@ -0,0 +1,24 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package portforward
+
+const (
+ PortForwardV1Name = "portforward.k8s.io"
+ WebsocketsSPDYTunnelingPrefix = "SPDY/3.1+"
+ KubernetesSuffix = ".k8s.io"
+ WebsocketsSPDYTunnelingPortForwardV1 = WebsocketsSPDYTunnelingPrefix + PortForwardV1Name
+)
diff --git a/vendor/k8s.io/apimachinery/pkg/util/proxy/dial.go b/vendor/k8s.io/apimachinery/pkg/util/proxy/dial.go
new file mode 100644
index 000000000..e5196d1ee
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/proxy/dial.go
@@ -0,0 +1,122 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package proxy
+
+import (
+ "context"
+ "crypto/tls"
+ "fmt"
+ "net"
+ "net/http"
+ "net/url"
+
+ utilnet "k8s.io/apimachinery/pkg/util/net"
+ "k8s.io/apimachinery/third_party/forked/golang/netutil"
+ "k8s.io/klog/v2"
+)
+
+// DialURL will dial the specified URL using the underlying dialer held by the passed
+// RoundTripper. The primary use of this method is to support proxying upgradable connections.
+// For this reason this method will prefer to negotiate http/1.1 if the URL scheme is https.
+// If you wish to ensure ALPN negotiates http2 then set NextProto=[]string{"http2"} in the
+// TLSConfig of the http.Transport
+func DialURL(ctx context.Context, url *url.URL, transport http.RoundTripper) (net.Conn, error) {
+ dialAddr := netutil.CanonicalAddr(url)
+
+ dialer, err := utilnet.DialerFor(transport)
+ if err != nil {
+ klog.V(5).Infof("Unable to unwrap transport %T to get dialer: %v", transport, err)
+ }
+
+ switch url.Scheme {
+ case "http":
+ if dialer != nil {
+ return dialer(ctx, "tcp", dialAddr)
+ }
+ var d net.Dialer
+ return d.DialContext(ctx, "tcp", dialAddr)
+ case "https":
+ // Get the tls config from the transport if we recognize it
+ tlsConfig, err := utilnet.TLSClientConfig(transport)
+ if err != nil {
+ klog.V(5).Infof("Unable to unwrap transport %T to get at TLS config: %v", transport, err)
+ }
+
+ if dialer != nil {
+ // We have a dialer; use it to open the connection, then
+ // create a tls client using the connection.
+ netConn, err := dialer(ctx, "tcp", dialAddr)
+ if err != nil {
+ return nil, err
+ }
+ if tlsConfig == nil {
+ // tls.Client requires non-nil config
+ klog.Warning("using custom dialer with no TLSClientConfig. Defaulting to InsecureSkipVerify")
+ // tls.Handshake() requires ServerName or InsecureSkipVerify
+ tlsConfig = &tls.Config{
+ InsecureSkipVerify: true,
+ }
+ } else if len(tlsConfig.ServerName) == 0 && !tlsConfig.InsecureSkipVerify {
+ // tls.HandshakeContext() requires ServerName or InsecureSkipVerify
+ // infer the ServerName from the hostname we're connecting to.
+ inferredHost := dialAddr
+ if host, _, err := net.SplitHostPort(dialAddr); err == nil {
+ inferredHost = host
+ }
+ // Make a copy to avoid polluting the provided config
+ tlsConfigCopy := tlsConfig.Clone()
+ tlsConfigCopy.ServerName = inferredHost
+ tlsConfig = tlsConfigCopy
+ }
+
+ // Since this method is primarily used within a "Connection: Upgrade" call we assume the caller is
+ // going to write HTTP/1.1 request to the wire. http2 should not be allowed in the TLSConfig.NextProtos,
+ // so we explicitly set that here. We only do this check if the TLSConfig support http/1.1.
+ if supportsHTTP11(tlsConfig.NextProtos) {
+ tlsConfig = tlsConfig.Clone()
+ tlsConfig.NextProtos = []string{"http/1.1"}
+ }
+
+ tlsConn := tls.Client(netConn, tlsConfig)
+ if err := tlsConn.HandshakeContext(ctx); err != nil {
+ netConn.Close()
+ return nil, err
+ }
+ return tlsConn, nil
+ } else {
+ // Dial.
+ tlsDialer := tls.Dialer{
+ Config: tlsConfig,
+ }
+ return tlsDialer.DialContext(ctx, "tcp", dialAddr)
+ }
+ default:
+ return nil, fmt.Errorf("unknown scheme: %s", url.Scheme)
+ }
+}
+
+func supportsHTTP11(nextProtos []string) bool {
+ if len(nextProtos) == 0 {
+ return true
+ }
+ for _, proto := range nextProtos {
+ if proto == "http/1.1" {
+ return true
+ }
+ }
+ return false
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/proxy/doc.go b/vendor/k8s.io/apimachinery/pkg/util/proxy/doc.go
new file mode 100644
index 000000000..d14ecfad5
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/proxy/doc.go
@@ -0,0 +1,18 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package proxy provides transport and upgrade support for proxies.
+package proxy // import "k8s.io/apimachinery/pkg/util/proxy"
diff --git a/vendor/k8s.io/apimachinery/pkg/util/proxy/transport.go b/vendor/k8s.io/apimachinery/pkg/util/proxy/transport.go
new file mode 100644
index 000000000..5a2dd6e14
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/proxy/transport.go
@@ -0,0 +1,272 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package proxy
+
+import (
+ "bytes"
+ "compress/flate"
+ "compress/gzip"
+ "fmt"
+ "io"
+ "net/http"
+ "net/url"
+ "path"
+ "strings"
+
+ "golang.org/x/net/html"
+ "golang.org/x/net/html/atom"
+ "k8s.io/klog/v2"
+
+ "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/util/net"
+ "k8s.io/apimachinery/pkg/util/sets"
+)
+
+// atomsToAttrs states which attributes of which tags require URL substitution.
+// Sources: http://www.w3.org/TR/REC-html40/index/attributes.html
+//
+// http://www.w3.org/html/wg/drafts/html/master/index.html#attributes-1
+var atomsToAttrs = map[atom.Atom]sets.String{
+ atom.A: sets.NewString("href"),
+ atom.Applet: sets.NewString("codebase"),
+ atom.Area: sets.NewString("href"),
+ atom.Audio: sets.NewString("src"),
+ atom.Base: sets.NewString("href"),
+ atom.Blockquote: sets.NewString("cite"),
+ atom.Body: sets.NewString("background"),
+ atom.Button: sets.NewString("formaction"),
+ atom.Command: sets.NewString("icon"),
+ atom.Del: sets.NewString("cite"),
+ atom.Embed: sets.NewString("src"),
+ atom.Form: sets.NewString("action"),
+ atom.Frame: sets.NewString("longdesc", "src"),
+ atom.Head: sets.NewString("profile"),
+ atom.Html: sets.NewString("manifest"),
+ atom.Iframe: sets.NewString("longdesc", "src"),
+ atom.Img: sets.NewString("longdesc", "src", "usemap"),
+ atom.Input: sets.NewString("src", "usemap", "formaction"),
+ atom.Ins: sets.NewString("cite"),
+ atom.Link: sets.NewString("href"),
+ atom.Object: sets.NewString("classid", "codebase", "data", "usemap"),
+ atom.Q: sets.NewString("cite"),
+ atom.Script: sets.NewString("src"),
+ atom.Source: sets.NewString("src"),
+ atom.Video: sets.NewString("poster", "src"),
+
+ // TODO: css URLs hidden in style elements.
+}
+
+// Transport is a transport for text/html content that replaces URLs in html
+// content with the prefix of the proxy server
+type Transport struct {
+ Scheme string
+ Host string
+ PathPrepend string
+
+ http.RoundTripper
+}
+
+// RoundTrip implements the http.RoundTripper interface
+func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error) {
+ // Add reverse proxy headers.
+ forwardedURI := path.Join(t.PathPrepend, req.URL.EscapedPath())
+ if strings.HasSuffix(req.URL.Path, "/") {
+ forwardedURI = forwardedURI + "/"
+ }
+ req.Header.Set("X-Forwarded-Uri", forwardedURI)
+ if len(t.Host) > 0 {
+ req.Header.Set("X-Forwarded-Host", t.Host)
+ }
+ if len(t.Scheme) > 0 {
+ req.Header.Set("X-Forwarded-Proto", t.Scheme)
+ }
+
+ rt := t.RoundTripper
+ if rt == nil {
+ rt = http.DefaultTransport
+ }
+ resp, err := rt.RoundTrip(req)
+
+ if err != nil {
+ return nil, errors.NewServiceUnavailable(fmt.Sprintf("error trying to reach service: %v", err))
+ }
+
+ if redirect := resp.Header.Get("Location"); redirect != "" {
+ targetURL, err := url.Parse(redirect)
+ if err != nil {
+ return nil, errors.NewInternalError(fmt.Errorf("error trying to parse Location header: %v", err))
+ }
+ resp.Header.Set("Location", t.rewriteURL(targetURL, req.URL, req.Host))
+ return resp, nil
+ }
+
+ cType := resp.Header.Get("Content-Type")
+ cType = strings.TrimSpace(strings.SplitN(cType, ";", 2)[0])
+ if cType != "text/html" {
+ // Do nothing, simply pass through
+ return resp, nil
+ }
+
+ return t.rewriteResponse(req, resp)
+}
+
+var _ = net.RoundTripperWrapper(&Transport{})
+
+func (rt *Transport) WrappedRoundTripper() http.RoundTripper {
+ return rt.RoundTripper
+}
+
+// rewriteURL rewrites a single URL to go through the proxy, if the URL refers
+// to the same host as sourceURL, which is the page on which the target URL
+// occurred, or if the URL matches the sourceRequestHost.
+func (t *Transport) rewriteURL(url *url.URL, sourceURL *url.URL, sourceRequestHost string) string {
+ // Example:
+ // When API server processes a proxy request to a service (e.g. /api/v1/namespace/foo/service/bar/proxy/),
+ // the sourceURL.Host (i.e. req.URL.Host) is the endpoint IP address of the service. The
+ // sourceRequestHost (i.e. req.Host) is the Host header that specifies the host on which the
+ // URL is sought, which can be different from sourceURL.Host. For example, if user sends the
+ // request through "kubectl proxy" locally (i.e. localhost:8001/api/v1/namespace/foo/service/bar/proxy/),
+ // sourceRequestHost is "localhost:8001".
+ //
+ // If the service's response URL contains non-empty host, and url.Host is equal to either sourceURL.Host
+ // or sourceRequestHost, we should not consider the returned URL to be a completely different host.
+ // It's the API server's responsibility to rewrite a same-host-and-absolute-path URL and append the
+ // necessary URL prefix (i.e. /api/v1/namespace/foo/service/bar/proxy/).
+ isDifferentHost := url.Host != "" && url.Host != sourceURL.Host && url.Host != sourceRequestHost
+ isRelative := !strings.HasPrefix(url.Path, "/")
+ if isDifferentHost || isRelative {
+ return url.String()
+ }
+
+ // Do not rewrite scheme and host if the Transport has empty scheme and host
+ // when targetURL already contains the sourceRequestHost
+ if !(url.Host == sourceRequestHost && t.Scheme == "" && t.Host == "") {
+ url.Scheme = t.Scheme
+ url.Host = t.Host
+ }
+
+ origPath := url.Path
+ // Do not rewrite URL if the sourceURL already contains the necessary prefix.
+ if strings.HasPrefix(url.Path, t.PathPrepend) {
+ return url.String()
+ }
+ url.Path = path.Join(t.PathPrepend, url.Path)
+ if strings.HasSuffix(origPath, "/") {
+ // Add back the trailing slash, which was stripped by path.Join().
+ url.Path += "/"
+ }
+
+ return url.String()
+}
+
+// rewriteHTML scans the HTML for tags with url-valued attributes, and updates
+// those values with the urlRewriter function. The updated HTML is output to the
+// writer.
+func rewriteHTML(reader io.Reader, writer io.Writer, urlRewriter func(*url.URL) string) error {
+ // Note: This assumes the content is UTF-8.
+ tokenizer := html.NewTokenizer(reader)
+
+ var err error
+ for err == nil {
+ tokenType := tokenizer.Next()
+ switch tokenType {
+ case html.ErrorToken:
+ err = tokenizer.Err()
+ case html.StartTagToken, html.SelfClosingTagToken:
+ token := tokenizer.Token()
+ if urlAttrs, ok := atomsToAttrs[token.DataAtom]; ok {
+ for i, attr := range token.Attr {
+ if urlAttrs.Has(attr.Key) {
+ url, err := url.Parse(attr.Val)
+ if err != nil {
+ // Do not rewrite the URL if it isn't valid. It is intended not
+ // to error here to prevent the inability to understand the
+ // content of the body to cause a fatal error.
+ continue
+ }
+ token.Attr[i].Val = urlRewriter(url)
+ }
+ }
+ }
+ _, err = writer.Write([]byte(token.String()))
+ default:
+ _, err = writer.Write(tokenizer.Raw())
+ }
+ }
+ if err != io.EOF {
+ return err
+ }
+ return nil
+}
+
+// rewriteResponse modifies an HTML response by updating absolute links referring
+// to the original host to instead refer to the proxy transport.
+func (t *Transport) rewriteResponse(req *http.Request, resp *http.Response) (*http.Response, error) {
+ origBody := resp.Body
+ defer origBody.Close()
+
+ newContent := &bytes.Buffer{}
+ var reader io.Reader = origBody
+ var writer io.Writer = newContent
+ encoding := resp.Header.Get("Content-Encoding")
+ switch encoding {
+ case "gzip":
+ var err error
+ reader, err = gzip.NewReader(reader)
+ if err != nil {
+ return nil, fmt.Errorf("errorf making gzip reader: %v", err)
+ }
+ gzw := gzip.NewWriter(writer)
+ defer gzw.Close()
+ writer = gzw
+ case "deflate":
+ var err error
+ reader = flate.NewReader(reader)
+ flw, err := flate.NewWriter(writer, flate.BestCompression)
+ if err != nil {
+ return nil, fmt.Errorf("errorf making flate writer: %v", err)
+ }
+ defer func() {
+ flw.Close()
+ flw.Flush()
+ }()
+ writer = flw
+ case "":
+ // This is fine
+ default:
+ // Some encoding we don't understand-- don't try to parse this
+ klog.Errorf("Proxy encountered encoding %v for text/html; can't understand this so not fixing links.", encoding)
+ return resp, nil
+ }
+
+ urlRewriter := func(targetUrl *url.URL) string {
+ return t.rewriteURL(targetUrl, req.URL, req.Host)
+ }
+ err := rewriteHTML(reader, writer, urlRewriter)
+ if err != nil {
+ klog.Errorf("Failed to rewrite URLs: %v", err)
+ return resp, err
+ }
+
+ resp.Body = io.NopCloser(newContent)
+ // Update header node with new content-length
+ // TODO: Remove any hash/signature headers here?
+ resp.Header.Del("Content-Length")
+ resp.ContentLength = int64(newContent.Len())
+
+ return resp, err
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/proxy/upgradeaware.go b/vendor/k8s.io/apimachinery/pkg/util/proxy/upgradeaware.go
new file mode 100644
index 000000000..8c30a366d
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/proxy/upgradeaware.go
@@ -0,0 +1,558 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package proxy
+
+import (
+ "bufio"
+ "bytes"
+ "fmt"
+ "io"
+ "log"
+ "net"
+ "net/http"
+ "net/http/httputil"
+ "net/url"
+ "os"
+ "strings"
+ "time"
+
+ "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/util/httpstream"
+ utilnet "k8s.io/apimachinery/pkg/util/net"
+ utilruntime "k8s.io/apimachinery/pkg/util/runtime"
+
+ "github.com/mxk/go-flowrate/flowrate"
+
+ "k8s.io/klog/v2"
+)
+
+// UpgradeRequestRoundTripper provides an additional method to decorate a request
+// with any authentication or other protocol level information prior to performing
+// an upgrade on the server. Any response will be handled by the intercepting
+// proxy.
+type UpgradeRequestRoundTripper interface {
+ http.RoundTripper
+ // WrapRequest takes a valid HTTP request and returns a suitably altered version
+ // of request with any HTTP level values required to complete the request half of
+ // an upgrade on the server. It does not get a chance to see the response and
+ // should bypass any request side logic that expects to see the response.
+ WrapRequest(*http.Request) (*http.Request, error)
+}
+
+// UpgradeAwareHandler is a handler for proxy requests that may require an upgrade
+type UpgradeAwareHandler struct {
+ // UpgradeRequired will reject non-upgrade connections if true.
+ UpgradeRequired bool
+ // Location is the location of the upstream proxy. It is used as the location to Dial on the upstream server
+ // for upgrade requests unless UseRequestLocationOnUpgrade is true.
+ Location *url.URL
+ // AppendLocationPath determines if the original path of the Location should be appended to the upstream proxy request path
+ AppendLocationPath bool
+ // Transport provides an optional round tripper to use to proxy. If nil, the default proxy transport is used
+ Transport http.RoundTripper
+ // UpgradeTransport, if specified, will be used as the backend transport when upgrade requests are provided.
+ // This allows clients to disable HTTP/2.
+ UpgradeTransport UpgradeRequestRoundTripper
+ // WrapTransport indicates whether the provided Transport should be wrapped with default proxy transport behavior (URL rewriting, X-Forwarded-* header setting)
+ WrapTransport bool
+ // UseRequestLocation will use the incoming request URL when talking to the backend server.
+ UseRequestLocation bool
+ // UseLocationHost overrides the HTTP host header in requests to the backend server to use the Host from Location.
+ // This will override the req.Host field of a request, while UseRequestLocation will override the req.URL field
+ // of a request. The req.URL.Host specifies the server to connect to, while the req.Host field
+ // specifies the Host header value to send in the HTTP request. If this is false, the incoming req.Host header will
+ // just be forwarded to the backend server.
+ UseLocationHost bool
+ // FlushInterval controls how often the standard HTTP proxy will flush content from the upstream.
+ FlushInterval time.Duration
+ // MaxBytesPerSec controls the maximum rate for an upstream connection. No rate is imposed if the value is zero.
+ MaxBytesPerSec int64
+ // Responder is passed errors that occur while setting up proxying.
+ Responder ErrorResponder
+ // Reject to forward redirect response
+ RejectForwardingRedirects bool
+}
+
+const defaultFlushInterval = 200 * time.Millisecond
+
+// ErrorResponder abstracts error reporting to the proxy handler to remove the need to hardcode a particular
+// error format.
+type ErrorResponder interface {
+ Error(w http.ResponseWriter, req *http.Request, err error)
+}
+
+// SimpleErrorResponder is the legacy implementation of ErrorResponder for callers that only
+// service a single request/response per proxy.
+type SimpleErrorResponder interface {
+ Error(err error)
+}
+
+func NewErrorResponder(r SimpleErrorResponder) ErrorResponder {
+ return simpleResponder{r}
+}
+
+type simpleResponder struct {
+ responder SimpleErrorResponder
+}
+
+func (r simpleResponder) Error(w http.ResponseWriter, req *http.Request, err error) {
+ r.responder.Error(err)
+}
+
+// upgradeRequestRoundTripper implements proxy.UpgradeRequestRoundTripper.
+type upgradeRequestRoundTripper struct {
+ http.RoundTripper
+ upgrader http.RoundTripper
+}
+
+var (
+ _ UpgradeRequestRoundTripper = &upgradeRequestRoundTripper{}
+ _ utilnet.RoundTripperWrapper = &upgradeRequestRoundTripper{}
+)
+
+// WrappedRoundTripper returns the round tripper that a caller would use.
+func (rt *upgradeRequestRoundTripper) WrappedRoundTripper() http.RoundTripper {
+ return rt.RoundTripper
+}
+
+// WriteToRequest calls the nested upgrader and then copies the returned request
+// fields onto the passed request.
+func (rt *upgradeRequestRoundTripper) WrapRequest(req *http.Request) (*http.Request, error) {
+ resp, err := rt.upgrader.RoundTrip(req)
+ if err != nil {
+ return nil, err
+ }
+ return resp.Request, nil
+}
+
+// onewayRoundTripper captures the provided request - which is assumed to have
+// been modified by other round trippers - and then returns a fake response.
+type onewayRoundTripper struct{}
+
+// RoundTrip returns a simple 200 OK response that captures the provided request.
+func (onewayRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
+ return &http.Response{
+ Status: "200 OK",
+ StatusCode: http.StatusOK,
+ Body: io.NopCloser(&bytes.Buffer{}),
+ Request: req,
+ }, nil
+}
+
+// MirrorRequest is a round tripper that can be called to get back the calling request as
+// the core round tripper in a chain.
+var MirrorRequest http.RoundTripper = onewayRoundTripper{}
+
+// NewUpgradeRequestRoundTripper takes two round trippers - one for the underlying TCP connection, and
+// one that is able to write headers to an HTTP request. The request rt is used to set the request headers
+// and that is written to the underlying connection rt.
+func NewUpgradeRequestRoundTripper(connection, request http.RoundTripper) UpgradeRequestRoundTripper {
+ return &upgradeRequestRoundTripper{
+ RoundTripper: connection,
+ upgrader: request,
+ }
+}
+
+// normalizeLocation returns the result of parsing the full URL, with scheme set to http if missing
+func normalizeLocation(location *url.URL) *url.URL {
+ normalized, _ := url.Parse(location.String())
+ if len(normalized.Scheme) == 0 {
+ normalized.Scheme = "http"
+ }
+ return normalized
+}
+
+// NewUpgradeAwareHandler creates a new proxy handler with a default flush interval. Responder is required for returning
+// errors to the caller.
+func NewUpgradeAwareHandler(location *url.URL, transport http.RoundTripper, wrapTransport, upgradeRequired bool, responder ErrorResponder) *UpgradeAwareHandler {
+ return &UpgradeAwareHandler{
+ Location: normalizeLocation(location),
+ Transport: transport,
+ WrapTransport: wrapTransport,
+ UpgradeRequired: upgradeRequired,
+ FlushInterval: defaultFlushInterval,
+ Responder: responder,
+ }
+}
+
+func proxyRedirectsforRootPath(path string, w http.ResponseWriter, req *http.Request) bool {
+ redirect := false
+ method := req.Method
+
+ // From pkg/genericapiserver/endpoints/handlers/proxy.go#ServeHTTP:
+ // Redirect requests with an empty path to a location that ends with a '/'
+ // This is essentially a hack for https://issue.k8s.io/4958.
+ // Note: Keep this code after tryUpgrade to not break that flow.
+ if len(path) == 0 && (method == http.MethodGet || method == http.MethodHead) {
+ var queryPart string
+ if len(req.URL.RawQuery) > 0 {
+ queryPart = "?" + req.URL.RawQuery
+ }
+ w.Header().Set("Location", req.URL.Path+"/"+queryPart)
+ w.WriteHeader(http.StatusMovedPermanently)
+ redirect = true
+ }
+ return redirect
+}
+
+// ServeHTTP handles the proxy request
+func (h *UpgradeAwareHandler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
+ if h.tryUpgrade(w, req) {
+ return
+ }
+ if h.UpgradeRequired {
+ h.Responder.Error(w, req, errors.NewBadRequest("Upgrade request required"))
+ return
+ }
+
+ loc := *h.Location
+ loc.RawQuery = req.URL.RawQuery
+
+ // If original request URL ended in '/', append a '/' at the end of the
+ // of the proxy URL
+ if !strings.HasSuffix(loc.Path, "/") && strings.HasSuffix(req.URL.Path, "/") {
+ loc.Path += "/"
+ }
+
+ proxyRedirect := proxyRedirectsforRootPath(loc.Path, w, req)
+ if proxyRedirect {
+ return
+ }
+
+ if h.Transport == nil || h.WrapTransport {
+ h.Transport = h.defaultProxyTransport(req.URL, h.Transport)
+ }
+
+ // WithContext creates a shallow clone of the request with the same context.
+ newReq := req.WithContext(req.Context())
+ newReq.Header = utilnet.CloneHeader(req.Header)
+ if !h.UseRequestLocation {
+ newReq.URL = &loc
+ }
+ if h.UseLocationHost {
+ // exchanging req.Host with the backend location is necessary for backends that act on the HTTP host header (e.g. API gateways),
+ // because req.Host has preference over req.URL.Host in filling this header field
+ newReq.Host = h.Location.Host
+ }
+
+ // create the target location to use for the reverse proxy
+ reverseProxyLocation := &url.URL{Scheme: h.Location.Scheme, Host: h.Location.Host}
+ if h.AppendLocationPath {
+ reverseProxyLocation.Path = h.Location.Path
+ }
+
+ proxy := httputil.NewSingleHostReverseProxy(reverseProxyLocation)
+ proxy.Transport = h.Transport
+ proxy.FlushInterval = h.FlushInterval
+ proxy.ErrorLog = log.New(noSuppressPanicError{}, "", log.LstdFlags)
+ if h.RejectForwardingRedirects {
+ oldModifyResponse := proxy.ModifyResponse
+ proxy.ModifyResponse = func(response *http.Response) error {
+ code := response.StatusCode
+ if code >= 300 && code <= 399 && len(response.Header.Get("Location")) > 0 {
+ // close the original response
+ response.Body.Close()
+ msg := "the backend attempted to redirect this request, which is not permitted"
+ // replace the response
+ *response = http.Response{
+ StatusCode: http.StatusBadGateway,
+ Status: fmt.Sprintf("%d %s", response.StatusCode, http.StatusText(response.StatusCode)),
+ Body: io.NopCloser(strings.NewReader(msg)),
+ ContentLength: int64(len(msg)),
+ }
+ } else {
+ if oldModifyResponse != nil {
+ if err := oldModifyResponse(response); err != nil {
+ return err
+ }
+ }
+ }
+ return nil
+ }
+ }
+ if h.Responder != nil {
+ // if an optional error interceptor/responder was provided wire it
+ // the custom responder might be used for providing a unified error reporting
+ // or supporting retry mechanisms by not sending non-fatal errors to the clients
+ proxy.ErrorHandler = h.Responder.Error
+ }
+ proxy.ServeHTTP(w, newReq)
+}
+
+type noSuppressPanicError struct{}
+
+func (noSuppressPanicError) Write(p []byte) (n int, err error) {
+ // skip "suppressing panic for copyResponse error in test; copy error" error message
+ // that ends up in CI tests on each kube-apiserver termination as noise and
+ // everybody thinks this is fatal.
+ if strings.Contains(string(p), "suppressing panic") {
+ return len(p), nil
+ }
+ return os.Stderr.Write(p)
+}
+
+// tryUpgrade returns true if the request was handled.
+func (h *UpgradeAwareHandler) tryUpgrade(w http.ResponseWriter, req *http.Request) bool {
+ if !httpstream.IsUpgradeRequest(req) {
+ klog.V(6).Infof("Request was not an upgrade")
+ return false
+ }
+
+ var (
+ backendConn net.Conn
+ rawResponse []byte
+ err error
+ )
+
+ location := *h.Location
+ if h.UseRequestLocation {
+ location = *req.URL
+ location.Scheme = h.Location.Scheme
+ location.Host = h.Location.Host
+ if h.AppendLocationPath {
+ location.Path = singleJoiningSlash(h.Location.Path, location.Path)
+ }
+ }
+
+ clone := utilnet.CloneRequest(req)
+ // Only append X-Forwarded-For in the upgrade path, since httputil.NewSingleHostReverseProxy
+ // handles this in the non-upgrade path.
+ utilnet.AppendForwardedForHeader(clone)
+ klog.V(6).Infof("Connecting to backend proxy (direct dial) %s\n Headers: %v", &location, clone.Header)
+ if h.UseLocationHost {
+ clone.Host = h.Location.Host
+ }
+ clone.URL = &location
+ klog.V(6).Infof("UpgradeAwareProxy: dialing for SPDY upgrade with headers: %v", clone.Header)
+ backendConn, err = h.DialForUpgrade(clone)
+ if err != nil {
+ klog.V(6).Infof("Proxy connection error: %v", err)
+ h.Responder.Error(w, req, err)
+ return true
+ }
+ defer backendConn.Close()
+
+ // determine the http response code from the backend by reading from rawResponse+backendConn
+ backendHTTPResponse, headerBytes, err := getResponse(io.MultiReader(bytes.NewReader(rawResponse), backendConn))
+ if err != nil {
+ klog.V(6).Infof("Proxy connection error: %v", err)
+ h.Responder.Error(w, req, err)
+ return true
+ }
+ if len(headerBytes) > len(rawResponse) {
+ // we read beyond the bytes stored in rawResponse, update rawResponse to the full set of bytes read from the backend
+ rawResponse = headerBytes
+ }
+
+ // If the backend did not upgrade the request, return an error to the client. If the response was
+ // an error, the error is forwarded directly after the connection is hijacked. Otherwise, just
+ // return a generic error here.
+ if backendHTTPResponse.StatusCode != http.StatusSwitchingProtocols && backendHTTPResponse.StatusCode < 400 {
+ err := fmt.Errorf("invalid upgrade response: status code %d", backendHTTPResponse.StatusCode)
+ klog.Errorf("Proxy upgrade error: %v", err)
+ h.Responder.Error(w, req, err)
+ return true
+ }
+
+ // Once the connection is hijacked, the ErrorResponder will no longer work, so
+ // hijacking should be the last step in the upgrade.
+ requestHijacker, ok := w.(http.Hijacker)
+ if !ok {
+ klog.Errorf("Unable to hijack response writer: %T", w)
+ h.Responder.Error(w, req, fmt.Errorf("request connection cannot be hijacked: %T", w))
+ return true
+ }
+ requestHijackedConn, _, err := requestHijacker.Hijack()
+ if err != nil {
+ klog.Errorf("Unable to hijack response: %v", err)
+ h.Responder.Error(w, req, fmt.Errorf("error hijacking connection: %v", err))
+ return true
+ }
+ defer requestHijackedConn.Close()
+
+ if backendHTTPResponse.StatusCode != http.StatusSwitchingProtocols {
+ // If the backend did not upgrade the request, echo the response from the backend to the client and return, closing the connection.
+ klog.V(6).Infof("Proxy upgrade error, status code %d", backendHTTPResponse.StatusCode)
+ // set read/write deadlines
+ deadline := time.Now().Add(10 * time.Second)
+ backendConn.SetReadDeadline(deadline)
+ requestHijackedConn.SetWriteDeadline(deadline)
+ // write the response to the client
+ err := backendHTTPResponse.Write(requestHijackedConn)
+ if err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
+ klog.Errorf("Error proxying data from backend to client: %v", err)
+ }
+ // Indicate we handled the request
+ return true
+ }
+
+ // Forward raw response bytes back to client.
+ if len(rawResponse) > 0 {
+ klog.V(6).Infof("Writing %d bytes to hijacked connection", len(rawResponse))
+ if _, err = requestHijackedConn.Write(rawResponse); err != nil {
+ utilruntime.HandleError(fmt.Errorf("Error proxying response from backend to client: %v", err))
+ }
+ }
+
+ // Proxy the connection. This is bidirectional, so we need a goroutine
+ // to copy in each direction. Once one side of the connection exits, we
+ // exit the function which performs cleanup and in the process closes
+ // the other half of the connection in the defer.
+ writerComplete := make(chan struct{})
+ readerComplete := make(chan struct{})
+
+ go func() {
+ var writer io.WriteCloser
+ if h.MaxBytesPerSec > 0 {
+ writer = flowrate.NewWriter(backendConn, h.MaxBytesPerSec)
+ } else {
+ writer = backendConn
+ }
+ _, err := io.Copy(writer, requestHijackedConn)
+ if err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
+ klog.Errorf("Error proxying data from client to backend: %v", err)
+ }
+ close(writerComplete)
+ }()
+
+ go func() {
+ var reader io.ReadCloser
+ if h.MaxBytesPerSec > 0 {
+ reader = flowrate.NewReader(backendConn, h.MaxBytesPerSec)
+ } else {
+ reader = backendConn
+ }
+ _, err := io.Copy(requestHijackedConn, reader)
+ if err != nil && !strings.Contains(err.Error(), "use of closed network connection") {
+ klog.Errorf("Error proxying data from backend to client: %v", err)
+ }
+ close(readerComplete)
+ }()
+
+ // Wait for one half the connection to exit. Once it does the defer will
+ // clean up the other half of the connection.
+ select {
+ case <-writerComplete:
+ case <-readerComplete:
+ }
+ klog.V(6).Infof("Disconnecting from backend proxy %s\n Headers: %v", &location, clone.Header)
+
+ return true
+}
+
+// FIXME: Taken from net/http/httputil/reverseproxy.go as singleJoiningSlash is not exported to be re-used.
+// See-also: https://github.com/golang/go/issues/44290
+func singleJoiningSlash(a, b string) string {
+ aslash := strings.HasSuffix(a, "/")
+ bslash := strings.HasPrefix(b, "/")
+ switch {
+ case aslash && bslash:
+ return a + b[1:]
+ case !aslash && !bslash:
+ return a + "/" + b
+ }
+ return a + b
+}
+
+func (h *UpgradeAwareHandler) DialForUpgrade(req *http.Request) (net.Conn, error) {
+ if h.UpgradeTransport == nil {
+ return dial(req, h.Transport)
+ }
+ updatedReq, err := h.UpgradeTransport.WrapRequest(req)
+ if err != nil {
+ return nil, err
+ }
+ return dial(updatedReq, h.UpgradeTransport)
+}
+
+// getResponseCode reads a http response from the given reader, returns the response,
+// the bytes read from the reader, and any error encountered
+func getResponse(r io.Reader) (*http.Response, []byte, error) {
+ rawResponse := bytes.NewBuffer(make([]byte, 0, 256))
+ // Save the bytes read while reading the response headers into the rawResponse buffer
+ resp, err := http.ReadResponse(bufio.NewReader(io.TeeReader(r, rawResponse)), nil)
+ if err != nil {
+ return nil, nil, err
+ }
+ // return the http response and the raw bytes consumed from the reader in the process
+ return resp, rawResponse.Bytes(), nil
+}
+
+// dial dials the backend at req.URL and writes req to it.
+func dial(req *http.Request, transport http.RoundTripper) (net.Conn, error) {
+ conn, err := DialURL(req.Context(), req.URL, transport)
+ if err != nil {
+ return nil, fmt.Errorf("error dialing backend: %v", err)
+ }
+
+ if err = req.Write(conn); err != nil {
+ conn.Close()
+ return nil, fmt.Errorf("error sending request: %v", err)
+ }
+
+ return conn, err
+}
+
+func (h *UpgradeAwareHandler) defaultProxyTransport(url *url.URL, internalTransport http.RoundTripper) http.RoundTripper {
+ scheme := url.Scheme
+ host := url.Host
+ suffix := h.Location.Path
+ if strings.HasSuffix(url.Path, "/") && !strings.HasSuffix(suffix, "/") {
+ suffix += "/"
+ }
+ pathPrepend := strings.TrimSuffix(url.Path, suffix)
+ rewritingTransport := &Transport{
+ Scheme: scheme,
+ Host: host,
+ PathPrepend: pathPrepend,
+ RoundTripper: internalTransport,
+ }
+ return &corsRemovingTransport{
+ RoundTripper: rewritingTransport,
+ }
+}
+
+// corsRemovingTransport is a wrapper for an internal transport. It removes CORS headers
+// from the internal response.
+// Implements pkg/util/net.RoundTripperWrapper
+type corsRemovingTransport struct {
+ http.RoundTripper
+}
+
+var _ = utilnet.RoundTripperWrapper(&corsRemovingTransport{})
+
+func (rt *corsRemovingTransport) RoundTrip(req *http.Request) (*http.Response, error) {
+ resp, err := rt.RoundTripper.RoundTrip(req)
+ if err != nil {
+ return nil, err
+ }
+ removeCORSHeaders(resp)
+ return resp, nil
+}
+
+func (rt *corsRemovingTransport) WrappedRoundTripper() http.RoundTripper {
+ return rt.RoundTripper
+}
+
+// removeCORSHeaders strip CORS headers sent from the backend
+// This should be called on all responses before returning
+func removeCORSHeaders(resp *http.Response) {
+ resp.Header.Del("Access-Control-Allow-Credentials")
+ resp.Header.Del("Access-Control-Allow-Headers")
+ resp.Header.Del("Access-Control-Allow-Methods")
+ resp.Header.Del("Access-Control-Allow-Origin")
+}
diff --git a/vendor/k8s.io/apimachinery/pkg/util/remotecommand/constants.go b/vendor/k8s.io/apimachinery/pkg/util/remotecommand/constants.go
new file mode 100644
index 000000000..ba153ee24
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/pkg/util/remotecommand/constants.go
@@ -0,0 +1,67 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "time"
+
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+const (
+ DefaultStreamCreationTimeout = 30 * time.Second
+
+ // The SPDY subprotocol "channel.k8s.io" is used for remote command
+ // attachment/execution. This represents the initial unversioned subprotocol,
+ // which has the known bugs https://issues.k8s.io/13394 and
+ // https://issues.k8s.io/13395.
+ StreamProtocolV1Name = "channel.k8s.io"
+
+ // The SPDY subprotocol "v2.channel.k8s.io" is used for remote command
+ // attachment/execution. It is the second version of the subprotocol and
+ // resolves the issues present in the first version.
+ StreamProtocolV2Name = "v2.channel.k8s.io"
+
+ // The SPDY subprotocol "v3.channel.k8s.io" is used for remote command
+ // attachment/execution. It is the third version of the subprotocol and
+ // adds support for resizing container terminals.
+ StreamProtocolV3Name = "v3.channel.k8s.io"
+
+ // The SPDY subprotocol "v4.channel.k8s.io" is used for remote command
+ // attachment/execution. It is the 4th version of the subprotocol and
+ // adds support for exit codes.
+ StreamProtocolV4Name = "v4.channel.k8s.io"
+
+ // The subprotocol "v5.channel.k8s.io" is used for remote command
+ // attachment/execution. It is the 5th version of the subprotocol and
+ // adds support for a CLOSE signal.
+ StreamProtocolV5Name = "v5.channel.k8s.io"
+
+ NonZeroExitCodeReason = metav1.StatusReason("NonZeroExitCode")
+ ExitCodeCauseType = metav1.CauseType("ExitCode")
+
+ // RemoteCommand stream identifiers. The first three identifiers (for STDIN,
+ // STDOUT, STDERR) are the same as their file descriptors.
+ StreamStdIn = 0
+ StreamStdOut = 1
+ StreamStdErr = 2
+ StreamErr = 3
+ StreamResize = 4
+ StreamClose = 255
+)
+
+var SupportedStreamingProtocols = []string{StreamProtocolV4Name, StreamProtocolV3Name, StreamProtocolV2Name, StreamProtocolV1Name}
diff --git a/vendor/k8s.io/apimachinery/third_party/forked/golang/netutil/addr.go b/vendor/k8s.io/apimachinery/third_party/forked/golang/netutil/addr.go
new file mode 100644
index 000000000..bd26f427e
--- /dev/null
+++ b/vendor/k8s.io/apimachinery/third_party/forked/golang/netutil/addr.go
@@ -0,0 +1,28 @@
+package netutil
+
+import (
+ "net/url"
+ "strings"
+)
+
+// FROM: http://golang.org/src/net/http/client.go
+// Given a string of the form "host", "host:port", or "[ipv6::address]:port",
+// return true if the string includes a port.
+func hasPort(s string) bool { return strings.LastIndex(s, ":") > strings.LastIndex(s, "]") }
+
+// FROM: http://golang.org/src/net/http/transport.go
+var portMap = map[string]string{
+ "http": "80",
+ "https": "443",
+ "socks5": "1080",
+}
+
+// FROM: http://golang.org/src/net/http/transport.go
+// canonicalAddr returns url.Host but always with a ":port" suffix
+func CanonicalAddr(url *url.URL) string {
+ addr := url.Host
+ if !hasPort(addr) {
+ return addr + ":" + portMap[url.Scheme]
+ }
+ return addr
+}
diff --git a/vendor/k8s.io/client-go/dynamic/interface.go b/vendor/k8s.io/client-go/dynamic/interface.go
new file mode 100644
index 000000000..a310b63e5
--- /dev/null
+++ b/vendor/k8s.io/client-go/dynamic/interface.go
@@ -0,0 +1,63 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package dynamic
+
+import (
+ "context"
+
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/types"
+ "k8s.io/apimachinery/pkg/watch"
+)
+
+type Interface interface {
+ Resource(resource schema.GroupVersionResource) NamespaceableResourceInterface
+}
+
+type ResourceInterface interface {
+ Create(ctx context.Context, obj *unstructured.Unstructured, options metav1.CreateOptions, subresources ...string) (*unstructured.Unstructured, error)
+ Update(ctx context.Context, obj *unstructured.Unstructured, options metav1.UpdateOptions, subresources ...string) (*unstructured.Unstructured, error)
+ UpdateStatus(ctx context.Context, obj *unstructured.Unstructured, options metav1.UpdateOptions) (*unstructured.Unstructured, error)
+ Delete(ctx context.Context, name string, options metav1.DeleteOptions, subresources ...string) error
+ DeleteCollection(ctx context.Context, options metav1.DeleteOptions, listOptions metav1.ListOptions) error
+ Get(ctx context.Context, name string, options metav1.GetOptions, subresources ...string) (*unstructured.Unstructured, error)
+ List(ctx context.Context, opts metav1.ListOptions) (*unstructured.UnstructuredList, error)
+ Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error)
+ Patch(ctx context.Context, name string, pt types.PatchType, data []byte, options metav1.PatchOptions, subresources ...string) (*unstructured.Unstructured, error)
+ Apply(ctx context.Context, name string, obj *unstructured.Unstructured, options metav1.ApplyOptions, subresources ...string) (*unstructured.Unstructured, error)
+ ApplyStatus(ctx context.Context, name string, obj *unstructured.Unstructured, options metav1.ApplyOptions) (*unstructured.Unstructured, error)
+}
+
+type NamespaceableResourceInterface interface {
+ Namespace(string) ResourceInterface
+ ResourceInterface
+}
+
+// APIPathResolverFunc knows how to convert a groupVersion to its API path. The Kind field is optional.
+// TODO find a better place to move this for existing callers
+type APIPathResolverFunc func(kind schema.GroupVersionKind) string
+
+// LegacyAPIPathResolverFunc can resolve paths properly with the legacy API.
+// TODO find a better place to move this for existing callers
+func LegacyAPIPathResolverFunc(kind schema.GroupVersionKind) string {
+ if len(kind.Group) == 0 {
+ return "/api"
+ }
+ return "/apis"
+}
diff --git a/vendor/k8s.io/client-go/dynamic/scheme.go b/vendor/k8s.io/client-go/dynamic/scheme.go
new file mode 100644
index 000000000..3168c872c
--- /dev/null
+++ b/vendor/k8s.io/client-go/dynamic/scheme.go
@@ -0,0 +1,108 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package dynamic
+
+import (
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/runtime/serializer"
+ "k8s.io/apimachinery/pkg/runtime/serializer/json"
+)
+
+var watchScheme = runtime.NewScheme()
+var basicScheme = runtime.NewScheme()
+var deleteScheme = runtime.NewScheme()
+var parameterScheme = runtime.NewScheme()
+var deleteOptionsCodec = serializer.NewCodecFactory(deleteScheme)
+var dynamicParameterCodec = runtime.NewParameterCodec(parameterScheme)
+
+var versionV1 = schema.GroupVersion{Version: "v1"}
+
+func init() {
+ metav1.AddToGroupVersion(watchScheme, versionV1)
+ metav1.AddToGroupVersion(basicScheme, versionV1)
+ metav1.AddToGroupVersion(parameterScheme, versionV1)
+ metav1.AddToGroupVersion(deleteScheme, versionV1)
+}
+
+// basicNegotiatedSerializer is used to handle discovery and error handling serialization
+type basicNegotiatedSerializer struct{}
+
+func (s basicNegotiatedSerializer) SupportedMediaTypes() []runtime.SerializerInfo {
+ return []runtime.SerializerInfo{
+ {
+ MediaType: "application/json",
+ MediaTypeType: "application",
+ MediaTypeSubType: "json",
+ EncodesAsText: true,
+ Serializer: json.NewSerializer(json.DefaultMetaFactory, unstructuredCreater{basicScheme}, unstructuredTyper{basicScheme}, false),
+ PrettySerializer: json.NewSerializer(json.DefaultMetaFactory, unstructuredCreater{basicScheme}, unstructuredTyper{basicScheme}, true),
+ StreamSerializer: &runtime.StreamSerializerInfo{
+ EncodesAsText: true,
+ Serializer: json.NewSerializer(json.DefaultMetaFactory, basicScheme, basicScheme, false),
+ Framer: json.Framer,
+ },
+ },
+ }
+}
+
+func (s basicNegotiatedSerializer) EncoderForVersion(encoder runtime.Encoder, gv runtime.GroupVersioner) runtime.Encoder {
+ return runtime.WithVersionEncoder{
+ Version: gv,
+ Encoder: encoder,
+ ObjectTyper: unstructuredTyper{basicScheme},
+ }
+}
+
+func (s basicNegotiatedSerializer) DecoderToVersion(decoder runtime.Decoder, gv runtime.GroupVersioner) runtime.Decoder {
+ return decoder
+}
+
+type unstructuredCreater struct {
+ nested runtime.ObjectCreater
+}
+
+func (c unstructuredCreater) New(kind schema.GroupVersionKind) (runtime.Object, error) {
+ out, err := c.nested.New(kind)
+ if err == nil {
+ return out, nil
+ }
+ out = &unstructured.Unstructured{}
+ out.GetObjectKind().SetGroupVersionKind(kind)
+ return out, nil
+}
+
+type unstructuredTyper struct {
+ nested runtime.ObjectTyper
+}
+
+func (t unstructuredTyper) ObjectKinds(obj runtime.Object) ([]schema.GroupVersionKind, bool, error) {
+ kinds, unversioned, err := t.nested.ObjectKinds(obj)
+ if err == nil {
+ return kinds, unversioned, nil
+ }
+ if _, ok := obj.(runtime.Unstructured); ok && !obj.GetObjectKind().GroupVersionKind().Empty() {
+ return []schema.GroupVersionKind{obj.GetObjectKind().GroupVersionKind()}, false, nil
+ }
+ return nil, false, err
+}
+
+func (t unstructuredTyper) Recognizes(gvk schema.GroupVersionKind) bool {
+ return true
+}
diff --git a/vendor/k8s.io/client-go/dynamic/simple.go b/vendor/k8s.io/client-go/dynamic/simple.go
new file mode 100644
index 000000000..4b5485953
--- /dev/null
+++ b/vendor/k8s.io/client-go/dynamic/simple.go
@@ -0,0 +1,437 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package dynamic
+
+import (
+ "context"
+ "fmt"
+ "net/http"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/types"
+ "k8s.io/apimachinery/pkg/watch"
+ "k8s.io/client-go/rest"
+)
+
+type DynamicClient struct {
+ client rest.Interface
+}
+
+var _ Interface = &DynamicClient{}
+
+// ConfigFor returns a copy of the provided config with the
+// appropriate dynamic client defaults set.
+func ConfigFor(inConfig *rest.Config) *rest.Config {
+ config := rest.CopyConfig(inConfig)
+ config.AcceptContentTypes = "application/json"
+ config.ContentType = "application/json"
+ config.NegotiatedSerializer = basicNegotiatedSerializer{} // this gets used for discovery and error handling types
+ if config.UserAgent == "" {
+ config.UserAgent = rest.DefaultKubernetesUserAgent()
+ }
+ return config
+}
+
+// New creates a new DynamicClient for the given RESTClient.
+func New(c rest.Interface) *DynamicClient {
+ return &DynamicClient{client: c}
+}
+
+// NewForConfigOrDie creates a new DynamicClient for the given config and
+// panics if there is an error in the config.
+func NewForConfigOrDie(c *rest.Config) *DynamicClient {
+ ret, err := NewForConfig(c)
+ if err != nil {
+ panic(err)
+ }
+ return ret
+}
+
+// NewForConfig creates a new dynamic client or returns an error.
+// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient),
+// where httpClient was generated with rest.HTTPClientFor(c).
+func NewForConfig(inConfig *rest.Config) (*DynamicClient, error) {
+ config := ConfigFor(inConfig)
+
+ httpClient, err := rest.HTTPClientFor(config)
+ if err != nil {
+ return nil, err
+ }
+ return NewForConfigAndClient(config, httpClient)
+}
+
+// NewForConfigAndClient creates a new dynamic client for the given config and http client.
+// Note the http client provided takes precedence over the configured transport values.
+func NewForConfigAndClient(inConfig *rest.Config, h *http.Client) (*DynamicClient, error) {
+ config := ConfigFor(inConfig)
+ // for serializing the options
+ config.GroupVersion = &schema.GroupVersion{}
+ config.APIPath = "/if-you-see-this-search-for-the-break"
+
+ restClient, err := rest.RESTClientForConfigAndClient(config, h)
+ if err != nil {
+ return nil, err
+ }
+ return &DynamicClient{client: restClient}, nil
+}
+
+type dynamicResourceClient struct {
+ client *DynamicClient
+ namespace string
+ resource schema.GroupVersionResource
+}
+
+func (c *DynamicClient) Resource(resource schema.GroupVersionResource) NamespaceableResourceInterface {
+ return &dynamicResourceClient{client: c, resource: resource}
+}
+
+func (c *dynamicResourceClient) Namespace(ns string) ResourceInterface {
+ ret := *c
+ ret.namespace = ns
+ return &ret
+}
+
+func (c *dynamicResourceClient) Create(ctx context.Context, obj *unstructured.Unstructured, opts metav1.CreateOptions, subresources ...string) (*unstructured.Unstructured, error) {
+ outBytes, err := runtime.Encode(unstructured.UnstructuredJSONScheme, obj)
+ if err != nil {
+ return nil, err
+ }
+ name := ""
+ if len(subresources) > 0 {
+ accessor, err := meta.Accessor(obj)
+ if err != nil {
+ return nil, err
+ }
+ name = accessor.GetName()
+ if len(name) == 0 {
+ return nil, fmt.Errorf("name is required")
+ }
+ }
+ if err := validateNamespaceWithOptionalName(c.namespace, name); err != nil {
+ return nil, err
+ }
+
+ result := c.client.client.
+ Post().
+ AbsPath(append(c.makeURLSegments(name), subresources...)...).
+ SetHeader("Content-Type", runtime.ContentTypeJSON).
+ Body(outBytes).
+ SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).
+ Do(ctx)
+ if err := result.Error(); err != nil {
+ return nil, err
+ }
+
+ retBytes, err := result.Raw()
+ if err != nil {
+ return nil, err
+ }
+ uncastObj, err := runtime.Decode(unstructured.UnstructuredJSONScheme, retBytes)
+ if err != nil {
+ return nil, err
+ }
+ return uncastObj.(*unstructured.Unstructured), nil
+}
+
+func (c *dynamicResourceClient) Update(ctx context.Context, obj *unstructured.Unstructured, opts metav1.UpdateOptions, subresources ...string) (*unstructured.Unstructured, error) {
+ accessor, err := meta.Accessor(obj)
+ if err != nil {
+ return nil, err
+ }
+ name := accessor.GetName()
+ if len(name) == 0 {
+ return nil, fmt.Errorf("name is required")
+ }
+ if err := validateNamespaceWithOptionalName(c.namespace, name); err != nil {
+ return nil, err
+ }
+ outBytes, err := runtime.Encode(unstructured.UnstructuredJSONScheme, obj)
+ if err != nil {
+ return nil, err
+ }
+
+ result := c.client.client.
+ Put().
+ AbsPath(append(c.makeURLSegments(name), subresources...)...).
+ SetHeader("Content-Type", runtime.ContentTypeJSON).
+ Body(outBytes).
+ SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).
+ Do(ctx)
+ if err := result.Error(); err != nil {
+ return nil, err
+ }
+
+ retBytes, err := result.Raw()
+ if err != nil {
+ return nil, err
+ }
+ uncastObj, err := runtime.Decode(unstructured.UnstructuredJSONScheme, retBytes)
+ if err != nil {
+ return nil, err
+ }
+ return uncastObj.(*unstructured.Unstructured), nil
+}
+
+func (c *dynamicResourceClient) UpdateStatus(ctx context.Context, obj *unstructured.Unstructured, opts metav1.UpdateOptions) (*unstructured.Unstructured, error) {
+ accessor, err := meta.Accessor(obj)
+ if err != nil {
+ return nil, err
+ }
+ name := accessor.GetName()
+ if len(name) == 0 {
+ return nil, fmt.Errorf("name is required")
+ }
+ if err := validateNamespaceWithOptionalName(c.namespace, name); err != nil {
+ return nil, err
+ }
+ outBytes, err := runtime.Encode(unstructured.UnstructuredJSONScheme, obj)
+ if err != nil {
+ return nil, err
+ }
+
+ result := c.client.client.
+ Put().
+ AbsPath(append(c.makeURLSegments(name), "status")...).
+ SetHeader("Content-Type", runtime.ContentTypeJSON).
+ Body(outBytes).
+ SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).
+ Do(ctx)
+ if err := result.Error(); err != nil {
+ return nil, err
+ }
+
+ retBytes, err := result.Raw()
+ if err != nil {
+ return nil, err
+ }
+ uncastObj, err := runtime.Decode(unstructured.UnstructuredJSONScheme, retBytes)
+ if err != nil {
+ return nil, err
+ }
+ return uncastObj.(*unstructured.Unstructured), nil
+}
+
+func (c *dynamicResourceClient) Delete(ctx context.Context, name string, opts metav1.DeleteOptions, subresources ...string) error {
+ if len(name) == 0 {
+ return fmt.Errorf("name is required")
+ }
+ if err := validateNamespaceWithOptionalName(c.namespace, name); err != nil {
+ return err
+ }
+ deleteOptionsByte, err := runtime.Encode(deleteOptionsCodec.LegacyCodec(schema.GroupVersion{Version: "v1"}), &opts)
+ if err != nil {
+ return err
+ }
+
+ result := c.client.client.
+ Delete().
+ AbsPath(append(c.makeURLSegments(name), subresources...)...).
+ SetHeader("Content-Type", runtime.ContentTypeJSON).
+ Body(deleteOptionsByte).
+ Do(ctx)
+ return result.Error()
+}
+
+func (c *dynamicResourceClient) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOptions metav1.ListOptions) error {
+ if err := validateNamespaceWithOptionalName(c.namespace); err != nil {
+ return err
+ }
+
+ deleteOptionsByte, err := runtime.Encode(deleteOptionsCodec.LegacyCodec(schema.GroupVersion{Version: "v1"}), &opts)
+ if err != nil {
+ return err
+ }
+
+ result := c.client.client.
+ Delete().
+ AbsPath(c.makeURLSegments("")...).
+ SetHeader("Content-Type", runtime.ContentTypeJSON).
+ Body(deleteOptionsByte).
+ SpecificallyVersionedParams(&listOptions, dynamicParameterCodec, versionV1).
+ Do(ctx)
+ return result.Error()
+}
+
+func (c *dynamicResourceClient) Get(ctx context.Context, name string, opts metav1.GetOptions, subresources ...string) (*unstructured.Unstructured, error) {
+ if len(name) == 0 {
+ return nil, fmt.Errorf("name is required")
+ }
+ if err := validateNamespaceWithOptionalName(c.namespace, name); err != nil {
+ return nil, err
+ }
+ result := c.client.client.Get().AbsPath(append(c.makeURLSegments(name), subresources...)...).SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).Do(ctx)
+ if err := result.Error(); err != nil {
+ return nil, err
+ }
+ retBytes, err := result.Raw()
+ if err != nil {
+ return nil, err
+ }
+ uncastObj, err := runtime.Decode(unstructured.UnstructuredJSONScheme, retBytes)
+ if err != nil {
+ return nil, err
+ }
+ return uncastObj.(*unstructured.Unstructured), nil
+}
+
+func (c *dynamicResourceClient) List(ctx context.Context, opts metav1.ListOptions) (*unstructured.UnstructuredList, error) {
+ if err := validateNamespaceWithOptionalName(c.namespace); err != nil {
+ return nil, err
+ }
+ result := c.client.client.Get().AbsPath(c.makeURLSegments("")...).SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).Do(ctx)
+ if err := result.Error(); err != nil {
+ return nil, err
+ }
+ retBytes, err := result.Raw()
+ if err != nil {
+ return nil, err
+ }
+ uncastObj, err := runtime.Decode(unstructured.UnstructuredJSONScheme, retBytes)
+ if err != nil {
+ return nil, err
+ }
+ if list, ok := uncastObj.(*unstructured.UnstructuredList); ok {
+ return list, nil
+ }
+
+ list, err := uncastObj.(*unstructured.Unstructured).ToList()
+ if err != nil {
+ return nil, err
+ }
+ return list, nil
+}
+
+func (c *dynamicResourceClient) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) {
+ opts.Watch = true
+ if err := validateNamespaceWithOptionalName(c.namespace); err != nil {
+ return nil, err
+ }
+ return c.client.client.Get().AbsPath(c.makeURLSegments("")...).
+ SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).
+ Watch(ctx)
+}
+
+func (c *dynamicResourceClient) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (*unstructured.Unstructured, error) {
+ if len(name) == 0 {
+ return nil, fmt.Errorf("name is required")
+ }
+ if err := validateNamespaceWithOptionalName(c.namespace, name); err != nil {
+ return nil, err
+ }
+ result := c.client.client.
+ Patch(pt).
+ AbsPath(append(c.makeURLSegments(name), subresources...)...).
+ Body(data).
+ SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).
+ Do(ctx)
+ if err := result.Error(); err != nil {
+ return nil, err
+ }
+ retBytes, err := result.Raw()
+ if err != nil {
+ return nil, err
+ }
+ uncastObj, err := runtime.Decode(unstructured.UnstructuredJSONScheme, retBytes)
+ if err != nil {
+ return nil, err
+ }
+ return uncastObj.(*unstructured.Unstructured), nil
+}
+
+func (c *dynamicResourceClient) Apply(ctx context.Context, name string, obj *unstructured.Unstructured, opts metav1.ApplyOptions, subresources ...string) (*unstructured.Unstructured, error) {
+ if len(name) == 0 {
+ return nil, fmt.Errorf("name is required")
+ }
+ if err := validateNamespaceWithOptionalName(c.namespace, name); err != nil {
+ return nil, err
+ }
+ outBytes, err := runtime.Encode(unstructured.UnstructuredJSONScheme, obj)
+ if err != nil {
+ return nil, err
+ }
+ accessor, err := meta.Accessor(obj)
+ if err != nil {
+ return nil, err
+ }
+ managedFields := accessor.GetManagedFields()
+ if len(managedFields) > 0 {
+ return nil, fmt.Errorf(`cannot apply an object with managed fields already set.
+ Use the client-go/applyconfigurations "UnstructructuredExtractor" to obtain the unstructured ApplyConfiguration for the given field manager that you can use/modify here to apply`)
+ }
+ patchOpts := opts.ToPatchOptions()
+
+ result := c.client.client.
+ Patch(types.ApplyPatchType).
+ AbsPath(append(c.makeURLSegments(name), subresources...)...).
+ Body(outBytes).
+ SpecificallyVersionedParams(&patchOpts, dynamicParameterCodec, versionV1).
+ Do(ctx)
+ if err := result.Error(); err != nil {
+ return nil, err
+ }
+ retBytes, err := result.Raw()
+ if err != nil {
+ return nil, err
+ }
+ uncastObj, err := runtime.Decode(unstructured.UnstructuredJSONScheme, retBytes)
+ if err != nil {
+ return nil, err
+ }
+ return uncastObj.(*unstructured.Unstructured), nil
+}
+func (c *dynamicResourceClient) ApplyStatus(ctx context.Context, name string, obj *unstructured.Unstructured, opts metav1.ApplyOptions) (*unstructured.Unstructured, error) {
+ return c.Apply(ctx, name, obj, opts, "status")
+}
+
+func validateNamespaceWithOptionalName(namespace string, name ...string) error {
+ if msgs := rest.IsValidPathSegmentName(namespace); len(msgs) != 0 {
+ return fmt.Errorf("invalid namespace %q: %v", namespace, msgs)
+ }
+ if len(name) > 1 {
+ panic("Invalid number of names")
+ } else if len(name) == 1 {
+ if msgs := rest.IsValidPathSegmentName(name[0]); len(msgs) != 0 {
+ return fmt.Errorf("invalid resource name %q: %v", name[0], msgs)
+ }
+ }
+ return nil
+}
+
+func (c *dynamicResourceClient) makeURLSegments(name string) []string {
+ url := []string{}
+ if len(c.resource.Group) == 0 {
+ url = append(url, "api")
+ } else {
+ url = append(url, "apis", c.resource.Group)
+ }
+ url = append(url, c.resource.Version)
+
+ if len(c.namespace) > 0 {
+ url = append(url, "namespaces", c.namespace)
+ }
+ url = append(url, c.resource.Resource)
+
+ if len(name) > 0 {
+ url = append(url, name)
+ }
+
+ return url
+}
diff --git a/vendor/k8s.io/client-go/metadata/interface.go b/vendor/k8s.io/client-go/metadata/interface.go
new file mode 100644
index 000000000..127c39501
--- /dev/null
+++ b/vendor/k8s.io/client-go/metadata/interface.go
@@ -0,0 +1,49 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package metadata
+
+import (
+ "context"
+
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/types"
+ "k8s.io/apimachinery/pkg/watch"
+)
+
+// Interface allows a caller to get the metadata (in the form of PartialObjectMetadata objects)
+// from any Kubernetes compatible resource API.
+type Interface interface {
+ Resource(resource schema.GroupVersionResource) Getter
+}
+
+// ResourceInterface contains the set of methods that may be invoked on objects by their metadata.
+// Update is not supported by the server, but Patch can be used for the actions Update would handle.
+type ResourceInterface interface {
+ Delete(ctx context.Context, name string, options metav1.DeleteOptions, subresources ...string) error
+ DeleteCollection(ctx context.Context, options metav1.DeleteOptions, listOptions metav1.ListOptions) error
+ Get(ctx context.Context, name string, options metav1.GetOptions, subresources ...string) (*metav1.PartialObjectMetadata, error)
+ List(ctx context.Context, opts metav1.ListOptions) (*metav1.PartialObjectMetadataList, error)
+ Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error)
+ Patch(ctx context.Context, name string, pt types.PatchType, data []byte, options metav1.PatchOptions, subresources ...string) (*metav1.PartialObjectMetadata, error)
+}
+
+// Getter handles both namespaced and non-namespaced resource types consistently.
+type Getter interface {
+ Namespace(string) ResourceInterface
+ ResourceInterface
+}
diff --git a/vendor/k8s.io/client-go/metadata/metadata.go b/vendor/k8s.io/client-go/metadata/metadata.go
new file mode 100644
index 000000000..2cc7e22ad
--- /dev/null
+++ b/vendor/k8s.io/client-go/metadata/metadata.go
@@ -0,0 +1,331 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package metadata
+
+import (
+ "context"
+ "encoding/json"
+ "fmt"
+ "net/http"
+ "time"
+
+ "k8s.io/klog/v2"
+
+ metainternalversionscheme "k8s.io/apimachinery/pkg/apis/meta/internalversion/scheme"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/runtime/serializer"
+ "k8s.io/apimachinery/pkg/types"
+ "k8s.io/apimachinery/pkg/watch"
+ "k8s.io/client-go/rest"
+)
+
+var deleteScheme = runtime.NewScheme()
+var parameterScheme = runtime.NewScheme()
+var deleteOptionsCodec = serializer.NewCodecFactory(deleteScheme)
+var dynamicParameterCodec = runtime.NewParameterCodec(parameterScheme)
+
+var versionV1 = schema.GroupVersion{Version: "v1"}
+
+func init() {
+ metav1.AddToGroupVersion(parameterScheme, versionV1)
+ metav1.AddToGroupVersion(deleteScheme, versionV1)
+}
+
+// Client allows callers to retrieve the object metadata for any
+// Kubernetes-compatible API endpoint. The client uses the
+// meta.k8s.io/v1 PartialObjectMetadata resource to more efficiently
+// retrieve just the necessary metadata, but on older servers
+// (Kubernetes 1.14 and before) will retrieve the object and then
+// convert the metadata.
+type Client struct {
+ client *rest.RESTClient
+}
+
+var _ Interface = &Client{}
+
+// ConfigFor returns a copy of the provided config with the
+// appropriate metadata client defaults set.
+func ConfigFor(inConfig *rest.Config) *rest.Config {
+ config := rest.CopyConfig(inConfig)
+ config.AcceptContentTypes = "application/vnd.kubernetes.protobuf,application/json"
+ config.ContentType = "application/vnd.kubernetes.protobuf"
+ config.NegotiatedSerializer = metainternalversionscheme.Codecs.WithoutConversion()
+ if config.UserAgent == "" {
+ config.UserAgent = rest.DefaultKubernetesUserAgent()
+ }
+ return config
+}
+
+// NewForConfigOrDie creates a new metadata client for the given config and
+// panics if there is an error in the config.
+func NewForConfigOrDie(c *rest.Config) Interface {
+ ret, err := NewForConfig(c)
+ if err != nil {
+ panic(err)
+ }
+ return ret
+}
+
+// NewForConfig creates a new metadata client that can retrieve object
+// metadata details about any Kubernetes object (core, aggregated, or custom
+// resource based) in the form of PartialObjectMetadata objects, or returns
+// an error.
+// NewForConfig is equivalent to NewForConfigAndClient(c, httpClient),
+// where httpClient was generated with rest.HTTPClientFor(c).
+func NewForConfig(inConfig *rest.Config) (Interface, error) {
+ config := ConfigFor(inConfig)
+
+ httpClient, err := rest.HTTPClientFor(config)
+ if err != nil {
+ return nil, err
+ }
+ return NewForConfigAndClient(config, httpClient)
+}
+
+// NewForConfigAndClient creates a new metadata client for the given config and http client.
+// Note the http client provided takes precedence over the configured transport values.
+func NewForConfigAndClient(inConfig *rest.Config, h *http.Client) (Interface, error) {
+ config := ConfigFor(inConfig)
+ // for serializing the options
+ config.GroupVersion = &schema.GroupVersion{}
+ config.APIPath = "/this-value-should-never-be-sent"
+
+ restClient, err := rest.RESTClientForConfigAndClient(config, h)
+ if err != nil {
+ return nil, err
+ }
+
+ return &Client{client: restClient}, nil
+}
+
+type client struct {
+ client *Client
+ namespace string
+ resource schema.GroupVersionResource
+}
+
+// Resource returns an interface that can access cluster or namespace
+// scoped instances of resource.
+func (c *Client) Resource(resource schema.GroupVersionResource) Getter {
+ return &client{client: c, resource: resource}
+}
+
+// Namespace returns an interface that can access namespace-scoped instances of the
+// provided resource.
+func (c *client) Namespace(ns string) ResourceInterface {
+ ret := *c
+ ret.namespace = ns
+ return &ret
+}
+
+// Delete removes the provided resource from the server.
+func (c *client) Delete(ctx context.Context, name string, opts metav1.DeleteOptions, subresources ...string) error {
+ if len(name) == 0 {
+ return fmt.Errorf("name is required")
+ }
+ // if DeleteOptions are delivered to Negotiator for serialization,
+ // HTTP-Request header will bring "Content-Type: application/vnd.kubernetes.protobuf"
+ // apiextensions-apiserver uses unstructuredNegotiatedSerializer to decode the input,
+ // server-side will reply with 406 errors.
+ // The special treatment here is to be compatible with CRD Handler
+ // see: https://github.com/kubernetes/kubernetes/blob/1a845ccd076bbf1b03420fe694c85a5cd3bd6bed/staging/src/k8s.io/apiextensions-apiserver/pkg/apiserver/customresource_handler.go#L843
+ deleteOptionsByte, err := runtime.Encode(deleteOptionsCodec.LegacyCodec(schema.GroupVersion{Version: "v1"}), &opts)
+ if err != nil {
+ return err
+ }
+
+ result := c.client.client.
+ Delete().
+ AbsPath(append(c.makeURLSegments(name), subresources...)...).
+ SetHeader("Content-Type", runtime.ContentTypeJSON).
+ Body(deleteOptionsByte).
+ Do(ctx)
+ return result.Error()
+}
+
+// DeleteCollection triggers deletion of all resources in the specified scope (namespace or cluster).
+func (c *client) DeleteCollection(ctx context.Context, opts metav1.DeleteOptions, listOptions metav1.ListOptions) error {
+ // See comment on Delete
+ deleteOptionsByte, err := runtime.Encode(deleteOptionsCodec.LegacyCodec(schema.GroupVersion{Version: "v1"}), &opts)
+ if err != nil {
+ return err
+ }
+
+ result := c.client.client.
+ Delete().
+ AbsPath(c.makeURLSegments("")...).
+ SetHeader("Content-Type", runtime.ContentTypeJSON).
+ Body(deleteOptionsByte).
+ SpecificallyVersionedParams(&listOptions, dynamicParameterCodec, versionV1).
+ Do(ctx)
+ return result.Error()
+}
+
+// Get returns the resource with name from the specified scope (namespace or cluster).
+func (c *client) Get(ctx context.Context, name string, opts metav1.GetOptions, subresources ...string) (*metav1.PartialObjectMetadata, error) {
+ if len(name) == 0 {
+ return nil, fmt.Errorf("name is required")
+ }
+ result := c.client.client.Get().AbsPath(append(c.makeURLSegments(name), subresources...)...).
+ SetHeader("Accept", "application/vnd.kubernetes.protobuf;as=PartialObjectMetadata;g=meta.k8s.io;v=v1,application/json;as=PartialObjectMetadata;g=meta.k8s.io;v=v1,application/json").
+ SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).
+ Do(ctx)
+ if err := result.Error(); err != nil {
+ return nil, err
+ }
+ obj, err := result.Get()
+ if runtime.IsNotRegisteredError(err) {
+ klog.FromContext(ctx).V(5).Info("Could not retrieve PartialObjectMetadata", "err", err)
+ rawBytes, err := result.Raw()
+ if err != nil {
+ return nil, err
+ }
+ var partial metav1.PartialObjectMetadata
+ if err := json.Unmarshal(rawBytes, &partial); err != nil {
+ return nil, fmt.Errorf("unable to decode returned object as PartialObjectMetadata: %v", err)
+ }
+ if !isLikelyObjectMetadata(&partial) {
+ return nil, fmt.Errorf("object does not appear to match the ObjectMeta schema: %#v", partial)
+ }
+ partial.TypeMeta = metav1.TypeMeta{}
+ return &partial, nil
+ }
+ if err != nil {
+ return nil, err
+ }
+ partial, ok := obj.(*metav1.PartialObjectMetadata)
+ if !ok {
+ return nil, fmt.Errorf("unexpected object, expected PartialObjectMetadata but got %T", obj)
+ }
+ return partial, nil
+}
+
+// List returns all resources within the specified scope (namespace or cluster).
+func (c *client) List(ctx context.Context, opts metav1.ListOptions) (*metav1.PartialObjectMetadataList, error) {
+ result := c.client.client.Get().AbsPath(c.makeURLSegments("")...).
+ SetHeader("Accept", "application/vnd.kubernetes.protobuf;as=PartialObjectMetadataList;g=meta.k8s.io;v=v1,application/json;as=PartialObjectMetadataList;g=meta.k8s.io;v=v1,application/json").
+ SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).
+ Do(ctx)
+ if err := result.Error(); err != nil {
+ return nil, err
+ }
+ obj, err := result.Get()
+ if runtime.IsNotRegisteredError(err) {
+ klog.FromContext(ctx).V(5).Info("Could not retrieve PartialObjectMetadataList", "err", err)
+ rawBytes, err := result.Raw()
+ if err != nil {
+ return nil, err
+ }
+ var partial metav1.PartialObjectMetadataList
+ if err := json.Unmarshal(rawBytes, &partial); err != nil {
+ return nil, fmt.Errorf("unable to decode returned object as PartialObjectMetadataList: %v", err)
+ }
+ partial.TypeMeta = metav1.TypeMeta{}
+ return &partial, nil
+ }
+ if err != nil {
+ return nil, err
+ }
+ partial, ok := obj.(*metav1.PartialObjectMetadataList)
+ if !ok {
+ return nil, fmt.Errorf("unexpected object, expected PartialObjectMetadata but got %T", obj)
+ }
+ return partial, nil
+}
+
+// Watch finds all changes to the resources in the specified scope (namespace or cluster).
+func (c *client) Watch(ctx context.Context, opts metav1.ListOptions) (watch.Interface, error) {
+ var timeout time.Duration
+ if opts.TimeoutSeconds != nil {
+ timeout = time.Duration(*opts.TimeoutSeconds) * time.Second
+ }
+ opts.Watch = true
+ return c.client.client.Get().
+ AbsPath(c.makeURLSegments("")...).
+ SetHeader("Accept", "application/vnd.kubernetes.protobuf;as=PartialObjectMetadata;g=meta.k8s.io;v=v1,application/json;as=PartialObjectMetadata;g=meta.k8s.io;v=v1,application/json").
+ SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).
+ Timeout(timeout).
+ Watch(ctx)
+}
+
+// Patch modifies the named resource in the specified scope (namespace or cluster).
+func (c *client) Patch(ctx context.Context, name string, pt types.PatchType, data []byte, opts metav1.PatchOptions, subresources ...string) (*metav1.PartialObjectMetadata, error) {
+ if len(name) == 0 {
+ return nil, fmt.Errorf("name is required")
+ }
+ result := c.client.client.
+ Patch(pt).
+ AbsPath(append(c.makeURLSegments(name), subresources...)...).
+ Body(data).
+ SetHeader("Accept", "application/vnd.kubernetes.protobuf;as=PartialObjectMetadata;g=meta.k8s.io;v=v1,application/json;as=PartialObjectMetadata;g=meta.k8s.io;v=v1,application/json").
+ SpecificallyVersionedParams(&opts, dynamicParameterCodec, versionV1).
+ Do(ctx)
+ if err := result.Error(); err != nil {
+ return nil, err
+ }
+ obj, err := result.Get()
+ if runtime.IsNotRegisteredError(err) {
+ rawBytes, err := result.Raw()
+ if err != nil {
+ return nil, err
+ }
+ var partial metav1.PartialObjectMetadata
+ if err := json.Unmarshal(rawBytes, &partial); err != nil {
+ return nil, fmt.Errorf("unable to decode returned object as PartialObjectMetadata: %v", err)
+ }
+ if !isLikelyObjectMetadata(&partial) {
+ return nil, fmt.Errorf("object does not appear to match the ObjectMeta schema")
+ }
+ partial.TypeMeta = metav1.TypeMeta{}
+ return &partial, nil
+ }
+ if err != nil {
+ return nil, err
+ }
+ partial, ok := obj.(*metav1.PartialObjectMetadata)
+ if !ok {
+ return nil, fmt.Errorf("unexpected object, expected PartialObjectMetadata but got %T", obj)
+ }
+ return partial, nil
+}
+
+func (c *client) makeURLSegments(name string) []string {
+ url := []string{}
+ if len(c.resource.Group) == 0 {
+ url = append(url, "api")
+ } else {
+ url = append(url, "apis", c.resource.Group)
+ }
+ url = append(url, c.resource.Version)
+
+ if len(c.namespace) > 0 {
+ url = append(url, "namespaces", c.namespace)
+ }
+ url = append(url, c.resource.Resource)
+
+ if len(name) > 0 {
+ url = append(url, name)
+ }
+
+ return url
+}
+
+func isLikelyObjectMetadata(meta *metav1.PartialObjectMetadata) bool {
+ return len(meta.UID) > 0 || !meta.CreationTimestamp.IsZero() || len(meta.Name) > 0 || len(meta.GenerateName) > 0
+}
diff --git a/vendor/k8s.io/client-go/restmapper/category_expansion.go b/vendor/k8s.io/client-go/restmapper/category_expansion.go
new file mode 100644
index 000000000..484e4c839
--- /dev/null
+++ b/vendor/k8s.io/client-go/restmapper/category_expansion.go
@@ -0,0 +1,119 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package restmapper
+
+import (
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/client-go/discovery"
+)
+
+// CategoryExpander maps category strings to GroupResources.
+// Categories are classification or 'tag' of a group of resources.
+type CategoryExpander interface {
+ Expand(category string) ([]schema.GroupResource, bool)
+}
+
+// SimpleCategoryExpander implements CategoryExpander interface
+// using a static mapping of categories to GroupResource mapping.
+type SimpleCategoryExpander struct {
+ Expansions map[string][]schema.GroupResource
+}
+
+// Expand fulfills CategoryExpander
+func (e SimpleCategoryExpander) Expand(category string) ([]schema.GroupResource, bool) {
+ ret, ok := e.Expansions[category]
+ return ret, ok
+}
+
+// discoveryCategoryExpander struct lets a REST Client wrapper (discoveryClient) to retrieve list of APIResourceList,
+// and then convert to fallbackExpander
+type discoveryCategoryExpander struct {
+ discoveryClient discovery.DiscoveryInterface
+}
+
+// NewDiscoveryCategoryExpander returns a category expander that makes use of the "categories" fields from
+// the API, found through the discovery client. In case of any error or no category found (which likely
+// means we're at a cluster prior to categories support, fallback to the expander provided.
+func NewDiscoveryCategoryExpander(client discovery.DiscoveryInterface) CategoryExpander {
+ if client == nil {
+ panic("Please provide discovery client to shortcut expander")
+ }
+ return discoveryCategoryExpander{discoveryClient: client}
+}
+
+// Expand fulfills CategoryExpander
+func (e discoveryCategoryExpander) Expand(category string) ([]schema.GroupResource, bool) {
+ // Get all supported resources for groups and versions from server, if no resource found, fallback anyway.
+ _, apiResourceLists, _ := e.discoveryClient.ServerGroupsAndResources()
+ if len(apiResourceLists) == 0 {
+ return nil, false
+ }
+
+ discoveredExpansions := map[string][]schema.GroupResource{}
+ for _, apiResourceList := range apiResourceLists {
+ gv, err := schema.ParseGroupVersion(apiResourceList.GroupVersion)
+ if err != nil {
+ continue
+ }
+ // Collect GroupVersions by categories
+ for _, apiResource := range apiResourceList.APIResources {
+ if categories := apiResource.Categories; len(categories) > 0 {
+ for _, category := range categories {
+ groupResource := schema.GroupResource{
+ Group: gv.Group,
+ Resource: apiResource.Name,
+ }
+ discoveredExpansions[category] = append(discoveredExpansions[category], groupResource)
+ }
+ }
+ }
+ }
+
+ ret, ok := discoveredExpansions[category]
+ return ret, ok
+}
+
+// UnionCategoryExpander implements CategoryExpander interface.
+// It maps given category string to union of expansions returned by all the CategoryExpanders in the list.
+type UnionCategoryExpander []CategoryExpander
+
+// Expand fulfills CategoryExpander
+func (u UnionCategoryExpander) Expand(category string) ([]schema.GroupResource, bool) {
+ ret := []schema.GroupResource{}
+ ok := false
+
+ // Expand the category for each CategoryExpander in the list and merge/combine the results.
+ for _, expansion := range u {
+ curr, currOk := expansion.Expand(category)
+
+ for _, currGR := range curr {
+ found := false
+ for _, existing := range ret {
+ if existing == currGR {
+ found = true
+ break
+ }
+ }
+ if !found {
+ ret = append(ret, currGR)
+ }
+ }
+ ok = ok || currOk
+ }
+
+ return ret, ok
+}
diff --git a/vendor/k8s.io/client-go/restmapper/discovery.go b/vendor/k8s.io/client-go/restmapper/discovery.go
new file mode 100644
index 000000000..3505178b6
--- /dev/null
+++ b/vendor/k8s.io/client-go/restmapper/discovery.go
@@ -0,0 +1,338 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package restmapper
+
+import (
+ "fmt"
+ "strings"
+ "sync"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/client-go/discovery"
+
+ "k8s.io/klog/v2"
+)
+
+// APIGroupResources is an API group with a mapping of versions to
+// resources.
+type APIGroupResources struct {
+ Group metav1.APIGroup
+ // A mapping of version string to a slice of APIResources for
+ // that version.
+ VersionedResources map[string][]metav1.APIResource
+}
+
+// NewDiscoveryRESTMapper returns a PriorityRESTMapper based on the discovered
+// groups and resources passed in.
+func NewDiscoveryRESTMapper(groupResources []*APIGroupResources) meta.RESTMapper {
+ unionMapper := meta.MultiRESTMapper{}
+
+ var groupPriority []string
+ // /v1 is special. It should always come first
+ resourcePriority := []schema.GroupVersionResource{{Group: "", Version: "v1", Resource: meta.AnyResource}}
+ kindPriority := []schema.GroupVersionKind{{Group: "", Version: "v1", Kind: meta.AnyKind}}
+
+ for _, group := range groupResources {
+ groupPriority = append(groupPriority, group.Group.Name)
+
+ // Make sure the preferred version comes first
+ if len(group.Group.PreferredVersion.Version) != 0 {
+ preferred := group.Group.PreferredVersion.Version
+ if _, ok := group.VersionedResources[preferred]; ok {
+ resourcePriority = append(resourcePriority, schema.GroupVersionResource{
+ Group: group.Group.Name,
+ Version: group.Group.PreferredVersion.Version,
+ Resource: meta.AnyResource,
+ })
+
+ kindPriority = append(kindPriority, schema.GroupVersionKind{
+ Group: group.Group.Name,
+ Version: group.Group.PreferredVersion.Version,
+ Kind: meta.AnyKind,
+ })
+ }
+ }
+
+ for _, discoveryVersion := range group.Group.Versions {
+ resources, ok := group.VersionedResources[discoveryVersion.Version]
+ if !ok {
+ continue
+ }
+
+ // Add non-preferred versions after the preferred version, in case there are resources that only exist in those versions
+ if discoveryVersion.Version != group.Group.PreferredVersion.Version {
+ resourcePriority = append(resourcePriority, schema.GroupVersionResource{
+ Group: group.Group.Name,
+ Version: discoveryVersion.Version,
+ Resource: meta.AnyResource,
+ })
+
+ kindPriority = append(kindPriority, schema.GroupVersionKind{
+ Group: group.Group.Name,
+ Version: discoveryVersion.Version,
+ Kind: meta.AnyKind,
+ })
+ }
+
+ gv := schema.GroupVersion{Group: group.Group.Name, Version: discoveryVersion.Version}
+ versionMapper := meta.NewDefaultRESTMapper([]schema.GroupVersion{gv})
+
+ for _, resource := range resources {
+ scope := meta.RESTScopeNamespace
+ if !resource.Namespaced {
+ scope = meta.RESTScopeRoot
+ }
+
+ // if we have a slash, then this is a subresource and we shouldn't create mappings for those.
+ if strings.Contains(resource.Name, "/") {
+ continue
+ }
+
+ plural := gv.WithResource(resource.Name)
+ singular := gv.WithResource(resource.SingularName)
+ // this is for legacy resources and servers which don't list singular forms. For those we must still guess.
+ if len(resource.SingularName) == 0 {
+ _, singular = meta.UnsafeGuessKindToResource(gv.WithKind(resource.Kind))
+ }
+
+ versionMapper.AddSpecific(gv.WithKind(strings.ToLower(resource.Kind)), plural, singular, scope)
+ versionMapper.AddSpecific(gv.WithKind(resource.Kind), plural, singular, scope)
+ // TODO this is producing unsafe guesses that don't actually work, but it matches previous behavior
+ versionMapper.Add(gv.WithKind(resource.Kind+"List"), scope)
+ }
+ // TODO why is this type not in discovery (at least for "v1")
+ versionMapper.Add(gv.WithKind("List"), meta.RESTScopeRoot)
+ unionMapper = append(unionMapper, versionMapper)
+ }
+ }
+
+ for _, group := range groupPriority {
+ resourcePriority = append(resourcePriority, schema.GroupVersionResource{
+ Group: group,
+ Version: meta.AnyVersion,
+ Resource: meta.AnyResource,
+ })
+ kindPriority = append(kindPriority, schema.GroupVersionKind{
+ Group: group,
+ Version: meta.AnyVersion,
+ Kind: meta.AnyKind,
+ })
+ }
+
+ return meta.PriorityRESTMapper{
+ Delegate: unionMapper,
+ ResourcePriority: resourcePriority,
+ KindPriority: kindPriority,
+ }
+}
+
+// GetAPIGroupResources uses the provided discovery client to gather
+// discovery information and populate a slice of APIGroupResources.
+func GetAPIGroupResources(cl discovery.DiscoveryInterface) ([]*APIGroupResources, error) {
+ gs, rs, err := cl.ServerGroupsAndResources()
+ if rs == nil || gs == nil {
+ return nil, err
+ // TODO track the errors and update callers to handle partial errors.
+ }
+ rsm := map[string]*metav1.APIResourceList{}
+ for _, r := range rs {
+ rsm[r.GroupVersion] = r
+ }
+
+ var result []*APIGroupResources
+ for _, group := range gs {
+ groupResources := &APIGroupResources{
+ Group: *group,
+ VersionedResources: make(map[string][]metav1.APIResource),
+ }
+ for _, version := range group.Versions {
+ resources, ok := rsm[version.GroupVersion]
+ if !ok {
+ continue
+ }
+ groupResources.VersionedResources[version.Version] = resources.APIResources
+ }
+ result = append(result, groupResources)
+ }
+ return result, nil
+}
+
+// DeferredDiscoveryRESTMapper is a RESTMapper that will defer
+// initialization of the RESTMapper until the first mapping is
+// requested.
+type DeferredDiscoveryRESTMapper struct {
+ initMu sync.Mutex
+ delegate meta.RESTMapper
+ cl discovery.CachedDiscoveryInterface
+}
+
+// NewDeferredDiscoveryRESTMapper returns a
+// DeferredDiscoveryRESTMapper that will lazily query the provided
+// client for discovery information to do REST mappings.
+func NewDeferredDiscoveryRESTMapper(cl discovery.CachedDiscoveryInterface) *DeferredDiscoveryRESTMapper {
+ return &DeferredDiscoveryRESTMapper{
+ cl: cl,
+ }
+}
+
+func (d *DeferredDiscoveryRESTMapper) getDelegate() (meta.RESTMapper, error) {
+ d.initMu.Lock()
+ defer d.initMu.Unlock()
+
+ if d.delegate != nil {
+ return d.delegate, nil
+ }
+
+ groupResources, err := GetAPIGroupResources(d.cl)
+ if err != nil {
+ return nil, err
+ }
+
+ d.delegate = NewDiscoveryRESTMapper(groupResources)
+ return d.delegate, nil
+}
+
+// Reset resets the internally cached Discovery information and will
+// cause the next mapping request to re-discover.
+func (d *DeferredDiscoveryRESTMapper) Reset() {
+ klog.V(5).Info("Invalidating discovery information")
+
+ d.initMu.Lock()
+ defer d.initMu.Unlock()
+
+ d.cl.Invalidate()
+ d.delegate = nil
+}
+
+// KindFor takes a partial resource and returns back the single match.
+// It returns an error if there are multiple matches.
+func (d *DeferredDiscoveryRESTMapper) KindFor(resource schema.GroupVersionResource) (gvk schema.GroupVersionKind, err error) {
+ del, err := d.getDelegate()
+ if err != nil {
+ return schema.GroupVersionKind{}, err
+ }
+ gvk, err = del.KindFor(resource)
+ if err != nil && !d.cl.Fresh() {
+ d.Reset()
+ gvk, err = d.KindFor(resource)
+ }
+ return
+}
+
+// KindsFor takes a partial resource and returns back the list of
+// potential kinds in priority order.
+func (d *DeferredDiscoveryRESTMapper) KindsFor(resource schema.GroupVersionResource) (gvks []schema.GroupVersionKind, err error) {
+ del, err := d.getDelegate()
+ if err != nil {
+ return nil, err
+ }
+ gvks, err = del.KindsFor(resource)
+ if len(gvks) == 0 && !d.cl.Fresh() {
+ d.Reset()
+ gvks, err = d.KindsFor(resource)
+ }
+ return
+}
+
+// ResourceFor takes a partial resource and returns back the single
+// match. It returns an error if there are multiple matches.
+func (d *DeferredDiscoveryRESTMapper) ResourceFor(input schema.GroupVersionResource) (gvr schema.GroupVersionResource, err error) {
+ del, err := d.getDelegate()
+ if err != nil {
+ return schema.GroupVersionResource{}, err
+ }
+ gvr, err = del.ResourceFor(input)
+ if err != nil && !d.cl.Fresh() {
+ d.Reset()
+ gvr, err = d.ResourceFor(input)
+ }
+ return
+}
+
+// ResourcesFor takes a partial resource and returns back the list of
+// potential resource in priority order.
+func (d *DeferredDiscoveryRESTMapper) ResourcesFor(input schema.GroupVersionResource) (gvrs []schema.GroupVersionResource, err error) {
+ del, err := d.getDelegate()
+ if err != nil {
+ return nil, err
+ }
+ gvrs, err = del.ResourcesFor(input)
+ if len(gvrs) == 0 && !d.cl.Fresh() {
+ d.Reset()
+ gvrs, err = d.ResourcesFor(input)
+ }
+ return
+}
+
+// RESTMapping identifies a preferred resource mapping for the
+// provided group kind.
+func (d *DeferredDiscoveryRESTMapper) RESTMapping(gk schema.GroupKind, versions ...string) (m *meta.RESTMapping, err error) {
+ del, err := d.getDelegate()
+ if err != nil {
+ return nil, err
+ }
+ m, err = del.RESTMapping(gk, versions...)
+ if err != nil && !d.cl.Fresh() {
+ d.Reset()
+ m, err = d.RESTMapping(gk, versions...)
+ }
+ return
+}
+
+// RESTMappings returns the RESTMappings for the provided group kind
+// in a rough internal preferred order. If no kind is found, it will
+// return a NoResourceMatchError.
+func (d *DeferredDiscoveryRESTMapper) RESTMappings(gk schema.GroupKind, versions ...string) (ms []*meta.RESTMapping, err error) {
+ del, err := d.getDelegate()
+ if err != nil {
+ return nil, err
+ }
+ ms, err = del.RESTMappings(gk, versions...)
+ if len(ms) == 0 && !d.cl.Fresh() {
+ d.Reset()
+ ms, err = d.RESTMappings(gk, versions...)
+ }
+ return
+}
+
+// ResourceSingularizer converts a resource name from plural to
+// singular (e.g., from pods to pod).
+func (d *DeferredDiscoveryRESTMapper) ResourceSingularizer(resource string) (singular string, err error) {
+ del, err := d.getDelegate()
+ if err != nil {
+ return resource, err
+ }
+ singular, err = del.ResourceSingularizer(resource)
+ if err != nil && !d.cl.Fresh() {
+ d.Reset()
+ singular, err = d.ResourceSingularizer(resource)
+ }
+ return
+}
+
+func (d *DeferredDiscoveryRESTMapper) String() string {
+ del, err := d.getDelegate()
+ if err != nil {
+ return fmt.Sprintf("DeferredDiscoveryRESTMapper{%v}", err)
+ }
+ return fmt.Sprintf("DeferredDiscoveryRESTMapper{\n\t%v\n}", del)
+}
+
+// Make sure it satisfies the interface
+var _ meta.ResettableRESTMapper = &DeferredDiscoveryRESTMapper{}
diff --git a/vendor/k8s.io/client-go/restmapper/shortcut.go b/vendor/k8s.io/client-go/restmapper/shortcut.go
new file mode 100644
index 000000000..0afc8689d
--- /dev/null
+++ b/vendor/k8s.io/client-go/restmapper/shortcut.go
@@ -0,0 +1,211 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package restmapper
+
+import (
+ "fmt"
+ "strings"
+
+ "k8s.io/klog/v2"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/client-go/discovery"
+)
+
+// shortcutExpander is a RESTMapper that can be used for Kubernetes resources. It expands the resource first, then invokes the wrapped
+type shortcutExpander struct {
+ RESTMapper meta.RESTMapper
+
+ discoveryClient discovery.DiscoveryInterface
+
+ warningHandler func(string)
+}
+
+var _ meta.ResettableRESTMapper = shortcutExpander{}
+
+// NewShortcutExpander wraps a restmapper in a layer that expands shortcuts found via discovery
+func NewShortcutExpander(delegate meta.RESTMapper, client discovery.DiscoveryInterface, warningHandler func(string)) meta.RESTMapper {
+ return shortcutExpander{RESTMapper: delegate, discoveryClient: client, warningHandler: warningHandler}
+}
+
+// KindFor fulfills meta.RESTMapper
+func (e shortcutExpander) KindFor(resource schema.GroupVersionResource) (schema.GroupVersionKind, error) {
+ // expandResourceShortcut works with current API resources as read from discovery cache.
+ // In case of new CRDs this means we potentially don't have current state of discovery.
+ // In the current wiring in k8s.io/cli-runtime/pkg/genericclioptions/config_flags.go#toRESTMapper,
+ // we are using DeferredDiscoveryRESTMapper which on KindFor failure will clear the
+ // cache and fetch all data from a cluster (see k8s.io/client-go/restmapper/discovery.go#KindFor).
+ // Thus another call to expandResourceShortcut, after a NoMatchError should successfully
+ // read Kind to the user or an error.
+ gvk, err := e.RESTMapper.KindFor(e.expandResourceShortcut(resource))
+ if meta.IsNoMatchError(err) {
+ return e.RESTMapper.KindFor(e.expandResourceShortcut(resource))
+ }
+ return gvk, err
+}
+
+// KindsFor fulfills meta.RESTMapper
+func (e shortcutExpander) KindsFor(resource schema.GroupVersionResource) ([]schema.GroupVersionKind, error) {
+ return e.RESTMapper.KindsFor(e.expandResourceShortcut(resource))
+}
+
+// ResourcesFor fulfills meta.RESTMapper
+func (e shortcutExpander) ResourcesFor(resource schema.GroupVersionResource) ([]schema.GroupVersionResource, error) {
+ return e.RESTMapper.ResourcesFor(e.expandResourceShortcut(resource))
+}
+
+// ResourceFor fulfills meta.RESTMapper
+func (e shortcutExpander) ResourceFor(resource schema.GroupVersionResource) (schema.GroupVersionResource, error) {
+ return e.RESTMapper.ResourceFor(e.expandResourceShortcut(resource))
+}
+
+// ResourceSingularizer fulfills meta.RESTMapper
+func (e shortcutExpander) ResourceSingularizer(resource string) (string, error) {
+ return e.RESTMapper.ResourceSingularizer(e.expandResourceShortcut(schema.GroupVersionResource{Resource: resource}).Resource)
+}
+
+// RESTMapping fulfills meta.RESTMapper
+func (e shortcutExpander) RESTMapping(gk schema.GroupKind, versions ...string) (*meta.RESTMapping, error) {
+ return e.RESTMapper.RESTMapping(gk, versions...)
+}
+
+// RESTMappings fulfills meta.RESTMapper
+func (e shortcutExpander) RESTMappings(gk schema.GroupKind, versions ...string) ([]*meta.RESTMapping, error) {
+ return e.RESTMapper.RESTMappings(gk, versions...)
+}
+
+// getShortcutMappings returns a set of tuples which holds short names for resources.
+// First the list of potential resources will be taken from the API server.
+// Next we will append the hardcoded list of resources - to be backward compatible with old servers.
+// NOTE that the list is ordered by group priority.
+func (e shortcutExpander) getShortcutMappings() ([]*metav1.APIResourceList, []resourceShortcuts, error) {
+ res := []resourceShortcuts{}
+ // get server resources
+ // This can return an error *and* the results it was able to find. We don't need to fail on the error.
+ _, apiResList, err := e.discoveryClient.ServerGroupsAndResources()
+ if err != nil {
+ klog.V(1).Infof("Error loading discovery information: %v", err)
+ }
+ for _, apiResources := range apiResList {
+ gv, err := schema.ParseGroupVersion(apiResources.GroupVersion)
+ if err != nil {
+ klog.V(1).Infof("Unable to parse groupversion = %s due to = %s", apiResources.GroupVersion, err.Error())
+ continue
+ }
+ for _, apiRes := range apiResources.APIResources {
+ for _, shortName := range apiRes.ShortNames {
+ rs := resourceShortcuts{
+ ShortForm: schema.GroupResource{Group: gv.Group, Resource: shortName},
+ LongForm: schema.GroupResource{Group: gv.Group, Resource: apiRes.Name},
+ }
+ res = append(res, rs)
+ }
+ }
+ }
+
+ return apiResList, res, nil
+}
+
+// expandResourceShortcut will return the expanded version of resource
+// (something that a pkg/api/meta.RESTMapper can understand), if it is
+// indeed a shortcut. If no match has been found, we will match on group prefixing.
+// Lastly we will return resource unmodified.
+func (e shortcutExpander) expandResourceShortcut(resource schema.GroupVersionResource) schema.GroupVersionResource {
+ // get the shortcut mappings and return on first match.
+ if allResources, shortcutResources, err := e.getShortcutMappings(); err == nil {
+ // avoid expanding if there's an exact match to a full resource name
+ for _, apiResources := range allResources {
+ gv, err := schema.ParseGroupVersion(apiResources.GroupVersion)
+ if err != nil {
+ continue
+ }
+ if len(resource.Group) != 0 && resource.Group != gv.Group {
+ continue
+ }
+ for _, apiRes := range apiResources.APIResources {
+ if resource.Resource == apiRes.Name {
+ return resource
+ }
+ if resource.Resource == apiRes.SingularName {
+ return resource
+ }
+ }
+ }
+
+ found := false
+ var rsc schema.GroupVersionResource
+ warnedAmbiguousShortcut := make(map[schema.GroupResource]bool)
+ for _, item := range shortcutResources {
+ if len(resource.Group) != 0 && resource.Group != item.ShortForm.Group {
+ continue
+ }
+ if resource.Resource == item.ShortForm.Resource {
+ if found {
+ if item.LongForm.Group == rsc.Group && item.LongForm.Resource == rsc.Resource {
+ // It is common and acceptable that group/resource has multiple
+ // versions registered in cluster. This does not introduce ambiguity
+ // in terms of shortname usage.
+ continue
+ }
+ if !warnedAmbiguousShortcut[item.LongForm] {
+ if e.warningHandler != nil {
+ e.warningHandler(fmt.Sprintf("short name %q could also match lower priority resource %s", resource.Resource, item.LongForm.String()))
+ }
+ warnedAmbiguousShortcut[item.LongForm] = true
+ }
+ continue
+ }
+ rsc.Resource = item.LongForm.Resource
+ rsc.Group = item.LongForm.Group
+ found = true
+ }
+ }
+ if found {
+ return rsc
+ }
+
+ // we didn't find exact match so match on group prefixing. This allows autoscal to match autoscaling
+ if len(resource.Group) == 0 {
+ return resource
+ }
+ for _, item := range shortcutResources {
+ if !strings.HasPrefix(item.ShortForm.Group, resource.Group) {
+ continue
+ }
+ if resource.Resource == item.ShortForm.Resource {
+ resource.Resource = item.LongForm.Resource
+ resource.Group = item.LongForm.Group
+ return resource
+ }
+ }
+ }
+
+ return resource
+}
+
+func (e shortcutExpander) Reset() {
+ meta.MaybeResetRESTMapper(e.RESTMapper)
+}
+
+// ResourceShortcuts represents a structure that holds the information how to
+// transition from resource's shortcut to its full name.
+type resourceShortcuts struct {
+ ShortForm schema.GroupResource
+ LongForm schema.GroupResource
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/OWNERS b/vendor/k8s.io/client-go/tools/remotecommand/OWNERS
new file mode 100644
index 000000000..307848307
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/OWNERS
@@ -0,0 +1,10 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+
+approvers:
+ - aojea
+ - liggitt
+ - seans3
+reviewers:
+ - aojea
+ - liggitt
+ - seans3
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/doc.go b/vendor/k8s.io/client-go/tools/remotecommand/doc.go
new file mode 100644
index 000000000..ac06a9cd3
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/doc.go
@@ -0,0 +1,20 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package remotecommand adds support for executing commands in containers,
+// with support for separate stdin, stdout, and stderr streams, as well as
+// TTY.
+package remotecommand // import "k8s.io/client-go/tools/remotecommand"
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/errorstream.go b/vendor/k8s.io/client-go/tools/remotecommand/errorstream.go
new file mode 100644
index 000000000..e60dd7cdc
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/errorstream.go
@@ -0,0 +1,54 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "fmt"
+ "io"
+
+ "k8s.io/apimachinery/pkg/util/runtime"
+)
+
+// errorStreamDecoder interprets the data on the error channel and creates a go error object from it.
+type errorStreamDecoder interface {
+ decode(message []byte) error
+}
+
+// watchErrorStream watches the errorStream for remote command error data,
+// decodes it with the given errorStreamDecoder, sends the decoded error (or nil if the remote
+// command exited successfully) to the returned error channel, and closes it.
+// This function returns immediately.
+func watchErrorStream(errorStream io.Reader, d errorStreamDecoder) chan error {
+ errorChan := make(chan error)
+
+ go func() {
+ defer runtime.HandleCrash()
+
+ message, err := io.ReadAll(errorStream)
+ switch {
+ case err != nil && err != io.EOF:
+ errorChan <- fmt.Errorf("error reading from error stream: %s", err)
+ case len(message) > 0:
+ errorChan <- d.decode(message)
+ default:
+ errorChan <- nil
+ }
+ close(errorChan)
+ }()
+
+ return errorChan
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/fallback.go b/vendor/k8s.io/client-go/tools/remotecommand/fallback.go
new file mode 100644
index 000000000..3efde3c58
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/fallback.go
@@ -0,0 +1,57 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "context"
+)
+
+var _ Executor = &FallbackExecutor{}
+
+type FallbackExecutor struct {
+ primary Executor
+ secondary Executor
+ shouldFallback func(error) bool
+}
+
+// NewFallbackExecutor creates an Executor that first attempts to use the
+// WebSocketExecutor, falling back to the legacy SPDYExecutor if the initial
+// websocket "StreamWithContext" call fails.
+// func NewFallbackExecutor(config *restclient.Config, method string, url *url.URL) (Executor, error) {
+func NewFallbackExecutor(primary, secondary Executor, shouldFallback func(error) bool) (Executor, error) {
+ return &FallbackExecutor{
+ primary: primary,
+ secondary: secondary,
+ shouldFallback: shouldFallback,
+ }, nil
+}
+
+// Stream is deprecated. Please use "StreamWithContext".
+func (f *FallbackExecutor) Stream(options StreamOptions) error {
+ return f.StreamWithContext(context.Background(), options)
+}
+
+// StreamWithContext initially attempts to call "StreamWithContext" using the
+// primary executor, falling back to calling the secondary executor if the
+// initial primary call to upgrade to a websocket connection fails.
+func (f *FallbackExecutor) StreamWithContext(ctx context.Context, options StreamOptions) error {
+ err := f.primary.StreamWithContext(ctx, options)
+ if f.shouldFallback(err) {
+ return f.secondary.StreamWithContext(ctx, options)
+ }
+ return err
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/reader.go b/vendor/k8s.io/client-go/tools/remotecommand/reader.go
new file mode 100644
index 000000000..d1f1be34c
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/reader.go
@@ -0,0 +1,41 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "io"
+)
+
+// readerWrapper delegates to an io.Reader so that only the io.Reader interface is implemented,
+// to keep io.Copy from doing things we don't want when copying from the reader to the data stream.
+//
+// If the Stdin io.Reader provided to remotecommand implements a WriteTo function (like bytes.Buffer does[1]),
+// io.Copy calls that method[2] to attempt to write the entire buffer to the stream in one call.
+// That results in an oversized call to spdystream.Stream#Write [3],
+// which results in a single oversized data frame[4] that is too large.
+//
+// [1] https://golang.org/pkg/bytes/#Buffer.WriteTo
+// [2] https://golang.org/pkg/io/#Copy
+// [3] https://github.com/kubernetes/kubernetes/blob/90295640ef87db9daa0144c5617afe889e7992b2/vendor/github.com/docker/spdystream/stream.go#L66-L73
+// [4] https://github.com/kubernetes/kubernetes/blob/90295640ef87db9daa0144c5617afe889e7992b2/vendor/github.com/docker/spdystream/spdy/write.go#L302-L304
+type readerWrapper struct {
+ reader io.Reader
+}
+
+func (r readerWrapper) Read(p []byte) (int, error) {
+ return r.reader.Read(p)
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/remotecommand.go b/vendor/k8s.io/client-go/tools/remotecommand/remotecommand.go
new file mode 100644
index 000000000..1ae67729b
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/remotecommand.go
@@ -0,0 +1,58 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "context"
+ "io"
+ "net/http"
+
+ "k8s.io/apimachinery/pkg/util/httpstream"
+)
+
+// StreamOptions holds information pertaining to the current streaming session:
+// input/output streams, if the client is requesting a TTY, and a terminal size queue to
+// support terminal resizing.
+type StreamOptions struct {
+ Stdin io.Reader
+ Stdout io.Writer
+ Stderr io.Writer
+ Tty bool
+ TerminalSizeQueue TerminalSizeQueue
+}
+
+// Executor is an interface for transporting shell-style streams.
+type Executor interface {
+ // Deprecated: use StreamWithContext instead to avoid possible resource leaks.
+ // See https://github.com/kubernetes/kubernetes/pull/103177 for details.
+ Stream(options StreamOptions) error
+
+ // StreamWithContext initiates the transport of the standard shell streams. It will
+ // transport any non-nil stream to a remote system, and return an error if a problem
+ // occurs. If tty is set, the stderr stream is not used (raw TTY manages stdout and
+ // stderr over the stdout stream).
+ // The context controls the entire lifetime of stream execution.
+ StreamWithContext(ctx context.Context, options StreamOptions) error
+}
+
+type streamCreator interface {
+ CreateStream(headers http.Header) (httpstream.Stream, error)
+}
+
+type streamProtocolHandler interface {
+ stream(conn streamCreator) error
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/resize.go b/vendor/k8s.io/client-go/tools/remotecommand/resize.go
new file mode 100644
index 000000000..c838f21ba
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/resize.go
@@ -0,0 +1,33 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+// TerminalSize and TerminalSizeQueue was a part of k8s.io/kubernetes/pkg/util/term
+// and were moved in order to decouple client from other term dependencies
+
+// TerminalSize represents the width and height of a terminal.
+type TerminalSize struct {
+ Width uint16
+ Height uint16
+}
+
+// TerminalSizeQueue is capable of returning terminal resize events as they occur.
+type TerminalSizeQueue interface {
+ // Next returns the new terminal size after the terminal has been resized. It returns nil when
+ // monitoring has been stopped.
+ Next() *TerminalSize
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/spdy.go b/vendor/k8s.io/client-go/tools/remotecommand/spdy.go
new file mode 100644
index 000000000..c2bfcf8a6
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/spdy.go
@@ -0,0 +1,171 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "context"
+ "fmt"
+ "net/http"
+ "net/url"
+
+ "k8s.io/apimachinery/pkg/util/httpstream"
+ "k8s.io/apimachinery/pkg/util/remotecommand"
+ restclient "k8s.io/client-go/rest"
+ "k8s.io/client-go/transport/spdy"
+ "k8s.io/klog/v2"
+)
+
+// spdyStreamExecutor handles transporting standard shell streams over an httpstream connection.
+type spdyStreamExecutor struct {
+ upgrader spdy.Upgrader
+ transport http.RoundTripper
+
+ method string
+ url *url.URL
+ protocols []string
+ rejectRedirects bool // if true, receiving redirect from upstream is an error
+}
+
+// NewSPDYExecutor connects to the provided server and upgrades the connection to
+// multiplexed bidirectional streams.
+func NewSPDYExecutor(config *restclient.Config, method string, url *url.URL) (Executor, error) {
+ wrapper, upgradeRoundTripper, err := spdy.RoundTripperFor(config)
+ if err != nil {
+ return nil, err
+ }
+ return NewSPDYExecutorForTransports(wrapper, upgradeRoundTripper, method, url)
+}
+
+// NewSPDYExecutorRejectRedirects returns an Executor that will upgrade the future
+// connection to a SPDY bi-directional streaming connection when calling "Stream" (deprecated)
+// or "StreamWithContext" (preferred). Additionally, if the upstream server returns a redirect
+// during the attempted upgrade in these "Stream" calls, an error is returned.
+func NewSPDYExecutorRejectRedirects(transport http.RoundTripper, upgrader spdy.Upgrader, method string, url *url.URL) (Executor, error) {
+ executor, err := NewSPDYExecutorForTransports(transport, upgrader, method, url)
+ if err != nil {
+ return nil, err
+ }
+ spdyExecutor := executor.(*spdyStreamExecutor)
+ spdyExecutor.rejectRedirects = true
+ return spdyExecutor, nil
+}
+
+// NewSPDYExecutorForTransports connects to the provided server using the given transport,
+// upgrades the response using the given upgrader to multiplexed bidirectional streams.
+func NewSPDYExecutorForTransports(transport http.RoundTripper, upgrader spdy.Upgrader, method string, url *url.URL) (Executor, error) {
+ return NewSPDYExecutorForProtocols(
+ transport, upgrader, method, url,
+ remotecommand.StreamProtocolV5Name,
+ remotecommand.StreamProtocolV4Name,
+ remotecommand.StreamProtocolV3Name,
+ remotecommand.StreamProtocolV2Name,
+ remotecommand.StreamProtocolV1Name,
+ )
+}
+
+// NewSPDYExecutorForProtocols connects to the provided server and upgrades the connection to
+// multiplexed bidirectional streams using only the provided protocols. Exposed for testing, most
+// callers should use NewSPDYExecutor or NewSPDYExecutorForTransports.
+func NewSPDYExecutorForProtocols(transport http.RoundTripper, upgrader spdy.Upgrader, method string, url *url.URL, protocols ...string) (Executor, error) {
+ return &spdyStreamExecutor{
+ upgrader: upgrader,
+ transport: transport,
+ method: method,
+ url: url,
+ protocols: protocols,
+ }, nil
+}
+
+// Stream opens a protocol streamer to the server and streams until a client closes
+// the connection or the server disconnects.
+func (e *spdyStreamExecutor) Stream(options StreamOptions) error {
+ return e.StreamWithContext(context.Background(), options)
+}
+
+// newConnectionAndStream creates a new SPDY connection and a stream protocol handler upon it.
+func (e *spdyStreamExecutor) newConnectionAndStream(ctx context.Context, options StreamOptions) (httpstream.Connection, streamProtocolHandler, error) {
+ req, err := http.NewRequestWithContext(ctx, e.method, e.url.String(), nil)
+ if err != nil {
+ return nil, nil, fmt.Errorf("error creating request: %v", err)
+ }
+
+ client := http.Client{Transport: e.transport}
+ if e.rejectRedirects {
+ client.CheckRedirect = func(req *http.Request, via []*http.Request) error {
+ return fmt.Errorf("redirect not allowed")
+ }
+ }
+ conn, protocol, err := spdy.Negotiate(
+ e.upgrader,
+ &client,
+ req,
+ e.protocols...,
+ )
+ if err != nil {
+ return nil, nil, err
+ }
+
+ var streamer streamProtocolHandler
+
+ switch protocol {
+ case remotecommand.StreamProtocolV5Name:
+ streamer = newStreamProtocolV5(options)
+ case remotecommand.StreamProtocolV4Name:
+ streamer = newStreamProtocolV4(options)
+ case remotecommand.StreamProtocolV3Name:
+ streamer = newStreamProtocolV3(options)
+ case remotecommand.StreamProtocolV2Name:
+ streamer = newStreamProtocolV2(options)
+ case "":
+ klog.V(4).Infof("The server did not negotiate a streaming protocol version. Falling back to %s", remotecommand.StreamProtocolV1Name)
+ fallthrough
+ case remotecommand.StreamProtocolV1Name:
+ streamer = newStreamProtocolV1(options)
+ }
+
+ return conn, streamer, nil
+}
+
+// StreamWithContext opens a protocol streamer to the server and streams until a client closes
+// the connection or the server disconnects or the context is done.
+func (e *spdyStreamExecutor) StreamWithContext(ctx context.Context, options StreamOptions) error {
+ conn, streamer, err := e.newConnectionAndStream(ctx, options)
+ if err != nil {
+ return err
+ }
+ defer conn.Close()
+
+ panicChan := make(chan any, 1)
+ errorChan := make(chan error, 1)
+ go func() {
+ defer func() {
+ if p := recover(); p != nil {
+ panicChan <- p
+ }
+ }()
+ errorChan <- streamer.stream(conn)
+ }()
+
+ select {
+ case p := <-panicChan:
+ panic(p)
+ case err := <-errorChan:
+ return err
+ case <-ctx.Done():
+ return ctx.Err()
+ }
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/v1.go b/vendor/k8s.io/client-go/tools/remotecommand/v1.go
new file mode 100644
index 000000000..efa9a6c99
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/v1.go
@@ -0,0 +1,159 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "fmt"
+ "io"
+ "net/http"
+
+ "k8s.io/api/core/v1"
+ "k8s.io/apimachinery/pkg/util/httpstream"
+ "k8s.io/klog/v2"
+)
+
+// streamProtocolV1 implements the first version of the streaming exec & attach
+// protocol. This version has some bugs, such as not being able to detect when
+// non-interactive stdin data has ended. See https://issues.k8s.io/13394 and
+// https://issues.k8s.io/13395 for more details.
+type streamProtocolV1 struct {
+ StreamOptions
+
+ errorStream httpstream.Stream
+ remoteStdin httpstream.Stream
+ remoteStdout httpstream.Stream
+ remoteStderr httpstream.Stream
+}
+
+var _ streamProtocolHandler = &streamProtocolV1{}
+
+func newStreamProtocolV1(options StreamOptions) streamProtocolHandler {
+ return &streamProtocolV1{
+ StreamOptions: options,
+ }
+}
+
+func (p *streamProtocolV1) stream(conn streamCreator) error {
+ doneChan := make(chan struct{}, 2)
+ errorChan := make(chan error)
+
+ cp := func(s string, dst io.Writer, src io.Reader) {
+ klog.V(6).Infof("Copying %s", s)
+ defer klog.V(6).Infof("Done copying %s", s)
+ if _, err := io.Copy(dst, src); err != nil && err != io.EOF {
+ klog.Errorf("Error copying %s: %v", s, err)
+ }
+ if s == v1.StreamTypeStdout || s == v1.StreamTypeStderr {
+ doneChan <- struct{}{}
+ }
+ }
+
+ // set up all the streams first
+ var err error
+ headers := http.Header{}
+ headers.Set(v1.StreamType, v1.StreamTypeError)
+ p.errorStream, err = conn.CreateStream(headers)
+ if err != nil {
+ return err
+ }
+ defer p.errorStream.Reset()
+
+ // Create all the streams first, then start the copy goroutines. The server doesn't start its copy
+ // goroutines until it's received all of the streams. If the client creates the stdin stream and
+ // immediately begins copying stdin data to the server, it's possible to overwhelm and wedge the
+ // spdy frame handler in the server so that it is full of unprocessed frames. The frames aren't
+ // getting processed because the server hasn't started its copying, and it won't do that until it
+ // gets all the streams. By creating all the streams first, we ensure that the server is ready to
+ // process data before the client starts sending any. See https://issues.k8s.io/16373 for more info.
+ if p.Stdin != nil {
+ headers.Set(v1.StreamType, v1.StreamTypeStdin)
+ p.remoteStdin, err = conn.CreateStream(headers)
+ if err != nil {
+ return err
+ }
+ defer p.remoteStdin.Reset()
+ }
+
+ if p.Stdout != nil {
+ headers.Set(v1.StreamType, v1.StreamTypeStdout)
+ p.remoteStdout, err = conn.CreateStream(headers)
+ if err != nil {
+ return err
+ }
+ defer p.remoteStdout.Reset()
+ }
+
+ if p.Stderr != nil && !p.Tty {
+ headers.Set(v1.StreamType, v1.StreamTypeStderr)
+ p.remoteStderr, err = conn.CreateStream(headers)
+ if err != nil {
+ return err
+ }
+ defer p.remoteStderr.Reset()
+ }
+
+ // now that all the streams have been created, proceed with reading & copying
+
+ // always read from errorStream
+ go func() {
+ message, err := io.ReadAll(p.errorStream)
+ if err != nil && err != io.EOF {
+ errorChan <- fmt.Errorf("Error reading from error stream: %s", err)
+ return
+ }
+ if len(message) > 0 {
+ errorChan <- fmt.Errorf("Error executing remote command: %s", message)
+ return
+ }
+ }()
+
+ if p.Stdin != nil {
+ // TODO this goroutine will never exit cleanly (the io.Copy never unblocks)
+ // because stdin is not closed until the process exits. If we try to call
+ // stdin.Close(), it returns no error but doesn't unblock the copy. It will
+ // exit when the process exits, instead.
+ go cp(v1.StreamTypeStdin, p.remoteStdin, readerWrapper{p.Stdin})
+ }
+
+ waitCount := 0
+ completedStreams := 0
+
+ if p.Stdout != nil {
+ waitCount++
+ go cp(v1.StreamTypeStdout, p.Stdout, p.remoteStdout)
+ }
+
+ if p.Stderr != nil && !p.Tty {
+ waitCount++
+ go cp(v1.StreamTypeStderr, p.Stderr, p.remoteStderr)
+ }
+
+Loop:
+ for {
+ select {
+ case <-doneChan:
+ completedStreams++
+ if completedStreams == waitCount {
+ break Loop
+ }
+ case err := <-errorChan:
+ return err
+ }
+ }
+
+ return nil
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/v2.go b/vendor/k8s.io/client-go/tools/remotecommand/v2.go
new file mode 100644
index 000000000..d54612f4c
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/v2.go
@@ -0,0 +1,199 @@
+/*
+Copyright 2015 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "fmt"
+ "io"
+ "net/http"
+ "sync"
+
+ "k8s.io/api/core/v1"
+ "k8s.io/apimachinery/pkg/util/runtime"
+)
+
+// streamProtocolV2 implements version 2 of the streaming protocol for attach
+// and exec. The original streaming protocol was metav1. As a result, this
+// version is referred to as version 2, even though it is the first actual
+// numbered version.
+type streamProtocolV2 struct {
+ StreamOptions
+
+ errorStream io.Reader
+ remoteStdin io.ReadWriteCloser
+ remoteStdout io.Reader
+ remoteStderr io.Reader
+}
+
+var _ streamProtocolHandler = &streamProtocolV2{}
+
+func newStreamProtocolV2(options StreamOptions) streamProtocolHandler {
+ return &streamProtocolV2{
+ StreamOptions: options,
+ }
+}
+
+func (p *streamProtocolV2) createStreams(conn streamCreator) error {
+ var err error
+ headers := http.Header{}
+
+ // set up error stream
+ headers.Set(v1.StreamType, v1.StreamTypeError)
+ p.errorStream, err = conn.CreateStream(headers)
+ if err != nil {
+ return err
+ }
+
+ // set up stdin stream
+ if p.Stdin != nil {
+ headers.Set(v1.StreamType, v1.StreamTypeStdin)
+ p.remoteStdin, err = conn.CreateStream(headers)
+ if err != nil {
+ return err
+ }
+ }
+
+ // set up stdout stream
+ if p.Stdout != nil {
+ headers.Set(v1.StreamType, v1.StreamTypeStdout)
+ p.remoteStdout, err = conn.CreateStream(headers)
+ if err != nil {
+ return err
+ }
+ }
+
+ // set up stderr stream
+ if p.Stderr != nil && !p.Tty {
+ headers.Set(v1.StreamType, v1.StreamTypeStderr)
+ p.remoteStderr, err = conn.CreateStream(headers)
+ if err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func (p *streamProtocolV2) copyStdin() {
+ if p.Stdin != nil {
+ var once sync.Once
+
+ // copy from client's stdin to container's stdin
+ go func() {
+ defer runtime.HandleCrash()
+
+ // if p.stdin is noninteractive, p.g. `echo abc | kubectl exec -i <pod> -- cat`, make sure
+ // we close remoteStdin as soon as the copy from p.stdin to remoteStdin finishes. Otherwise
+ // the executed command will remain running.
+ defer once.Do(func() { p.remoteStdin.Close() })
+
+ if _, err := io.Copy(p.remoteStdin, readerWrapper{p.Stdin}); err != nil {
+ runtime.HandleError(err)
+ }
+ }()
+
+ // read from remoteStdin until the stream is closed. this is essential to
+ // be able to exit interactive sessions cleanly and not leak goroutines or
+ // hang the client's terminal.
+ //
+ // TODO we aren't using go-dockerclient any more; revisit this to determine if it's still
+ // required by engine-api.
+ //
+ // go-dockerclient's current hijack implementation
+ // (https://github.com/fsouza/go-dockerclient/blob/89f3d56d93788dfe85f864a44f85d9738fca0670/client.go#L564)
+ // waits for all three streams (stdin/stdout/stderr) to finish copying
+ // before returning. When hijack finishes copying stdout/stderr, it calls
+ // Close() on its side of remoteStdin, which allows this copy to complete.
+ // When that happens, we must Close() on our side of remoteStdin, to
+ // allow the copy in hijack to complete, and hijack to return.
+ go func() {
+ defer runtime.HandleCrash()
+ defer once.Do(func() { p.remoteStdin.Close() })
+
+ // this "copy" doesn't actually read anything - it's just here to wait for
+ // the server to close remoteStdin.
+ if _, err := io.Copy(io.Discard, p.remoteStdin); err != nil {
+ runtime.HandleError(err)
+ }
+ }()
+ }
+}
+
+func (p *streamProtocolV2) copyStdout(wg *sync.WaitGroup) {
+ if p.Stdout == nil {
+ return
+ }
+
+ wg.Add(1)
+ go func() {
+ defer runtime.HandleCrash()
+ defer wg.Done()
+ // make sure, packet in queue can be consumed.
+ // block in queue may lead to deadlock in conn.server
+ // issue: https://github.com/kubernetes/kubernetes/issues/96339
+ defer io.Copy(io.Discard, p.remoteStdout)
+
+ if _, err := io.Copy(p.Stdout, p.remoteStdout); err != nil {
+ runtime.HandleError(err)
+ }
+ }()
+}
+
+func (p *streamProtocolV2) copyStderr(wg *sync.WaitGroup) {
+ if p.Stderr == nil || p.Tty {
+ return
+ }
+
+ wg.Add(1)
+ go func() {
+ defer runtime.HandleCrash()
+ defer wg.Done()
+ defer io.Copy(io.Discard, p.remoteStderr)
+
+ if _, err := io.Copy(p.Stderr, p.remoteStderr); err != nil {
+ runtime.HandleError(err)
+ }
+ }()
+}
+
+func (p *streamProtocolV2) stream(conn streamCreator) error {
+ if err := p.createStreams(conn); err != nil {
+ return err
+ }
+
+ // now that all the streams have been created, proceed with reading & copying
+
+ errorChan := watchErrorStream(p.errorStream, &errorDecoderV2{})
+
+ p.copyStdin()
+
+ var wg sync.WaitGroup
+ p.copyStdout(&wg)
+ p.copyStderr(&wg)
+
+ // we're waiting for stdout/stderr to finish copying
+ wg.Wait()
+
+ // waits for errorStream to finish reading with an error or nil
+ return <-errorChan
+}
+
+// errorDecoderV2 interprets the error channel data as plain text.
+type errorDecoderV2 struct{}
+
+func (d *errorDecoderV2) decode(message []byte) error {
+ return fmt.Errorf("error executing remote command: %s", message)
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/v3.go b/vendor/k8s.io/client-go/tools/remotecommand/v3.go
new file mode 100644
index 000000000..846dd24a5
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/v3.go
@@ -0,0 +1,111 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "encoding/json"
+ "io"
+ "net/http"
+ "sync"
+
+ "k8s.io/api/core/v1"
+ "k8s.io/apimachinery/pkg/util/runtime"
+)
+
+// streamProtocolV3 implements version 3 of the streaming protocol for attach
+// and exec. This version adds support for resizing the container's terminal.
+type streamProtocolV3 struct {
+ *streamProtocolV2
+
+ resizeStream io.Writer
+}
+
+var _ streamProtocolHandler = &streamProtocolV3{}
+
+func newStreamProtocolV3(options StreamOptions) streamProtocolHandler {
+ return &streamProtocolV3{
+ streamProtocolV2: newStreamProtocolV2(options).(*streamProtocolV2),
+ }
+}
+
+func (p *streamProtocolV3) createStreams(conn streamCreator) error {
+ // set up the streams from v2
+ if err := p.streamProtocolV2.createStreams(conn); err != nil {
+ return err
+ }
+
+ // set up resize stream
+ if p.Tty {
+ headers := http.Header{}
+ headers.Set(v1.StreamType, v1.StreamTypeResize)
+ var err error
+ p.resizeStream, err = conn.CreateStream(headers)
+ if err != nil {
+ return err
+ }
+ }
+
+ return nil
+}
+
+func (p *streamProtocolV3) handleResizes() {
+ if p.resizeStream == nil || p.TerminalSizeQueue == nil {
+ return
+ }
+ go func() {
+ defer runtime.HandleCrash()
+
+ encoder := json.NewEncoder(p.resizeStream)
+ for {
+ size := p.TerminalSizeQueue.Next()
+ if size == nil {
+ return
+ }
+ if err := encoder.Encode(&size); err != nil {
+ runtime.HandleError(err)
+ }
+ }
+ }()
+}
+
+func (p *streamProtocolV3) stream(conn streamCreator) error {
+ if err := p.createStreams(conn); err != nil {
+ return err
+ }
+
+ // now that all the streams have been created, proceed with reading & copying
+
+ errorChan := watchErrorStream(p.errorStream, &errorDecoderV3{})
+
+ p.handleResizes()
+
+ p.copyStdin()
+
+ var wg sync.WaitGroup
+ p.copyStdout(&wg)
+ p.copyStderr(&wg)
+
+ // we're waiting for stdout/stderr to finish copying
+ wg.Wait()
+
+ // waits for errorStream to finish reading with an error or nil
+ return <-errorChan
+}
+
+type errorDecoderV3 struct {
+ errorDecoderV2
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/v4.go b/vendor/k8s.io/client-go/tools/remotecommand/v4.go
new file mode 100644
index 000000000..69ca934a0
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/v4.go
@@ -0,0 +1,119 @@
+/*
+Copyright 2016 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "encoding/json"
+ "errors"
+ "fmt"
+ "strconv"
+ "sync"
+
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/util/remotecommand"
+ "k8s.io/client-go/util/exec"
+)
+
+// streamProtocolV4 implements version 4 of the streaming protocol for attach
+// and exec. This version adds support for exit codes on the error stream through
+// the use of metav1.Status instead of plain text messages.
+type streamProtocolV4 struct {
+ *streamProtocolV3
+}
+
+var _ streamProtocolHandler = &streamProtocolV4{}
+
+func newStreamProtocolV4(options StreamOptions) streamProtocolHandler {
+ return &streamProtocolV4{
+ streamProtocolV3: newStreamProtocolV3(options).(*streamProtocolV3),
+ }
+}
+
+func (p *streamProtocolV4) createStreams(conn streamCreator) error {
+ return p.streamProtocolV3.createStreams(conn)
+}
+
+func (p *streamProtocolV4) handleResizes() {
+ p.streamProtocolV3.handleResizes()
+}
+
+func (p *streamProtocolV4) stream(conn streamCreator) error {
+ if err := p.createStreams(conn); err != nil {
+ return err
+ }
+
+ // now that all the streams have been created, proceed with reading & copying
+
+ errorChan := watchErrorStream(p.errorStream, &errorDecoderV4{})
+
+ p.handleResizes()
+
+ p.copyStdin()
+
+ var wg sync.WaitGroup
+ p.copyStdout(&wg)
+ p.copyStderr(&wg)
+
+ // we're waiting for stdout/stderr to finish copying
+ wg.Wait()
+
+ // waits for errorStream to finish reading with an error or nil
+ return <-errorChan
+}
+
+// errorDecoderV4 interprets the json-marshaled metav1.Status on the error channel
+// and creates an exec.ExitError from it.
+type errorDecoderV4 struct{}
+
+func (d *errorDecoderV4) decode(message []byte) error {
+ status := metav1.Status{}
+ err := json.Unmarshal(message, &status)
+ if err != nil {
+ return fmt.Errorf("error stream protocol error: %v in %q", err, string(message))
+ }
+ switch status.Status {
+ case metav1.StatusSuccess:
+ return nil
+ case metav1.StatusFailure:
+ if status.Reason == remotecommand.NonZeroExitCodeReason {
+ if status.Details == nil {
+ return errors.New("error stream protocol error: details must be set")
+ }
+ for i := range status.Details.Causes {
+ c := &status.Details.Causes[i]
+ if c.Type != remotecommand.ExitCodeCauseType {
+ continue
+ }
+
+ rc, err := strconv.ParseUint(c.Message, 10, 8)
+ if err != nil {
+ return fmt.Errorf("error stream protocol error: invalid exit code value %q", c.Message)
+ }
+ return exec.CodeExitError{
+ Err: fmt.Errorf("command terminated with exit code %d", rc),
+ Code: int(rc),
+ }
+ }
+
+ return fmt.Errorf("error stream protocol error: no %s cause given", remotecommand.ExitCodeCauseType)
+ }
+ default:
+ return errors.New("error stream protocol error: unknown error")
+ }
+
+ return fmt.Errorf(status.Message)
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/v5.go b/vendor/k8s.io/client-go/tools/remotecommand/v5.go
new file mode 100644
index 000000000..4da7bfb13
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/v5.go
@@ -0,0 +1,35 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+// streamProtocolV5 add support for V5 of the remote command subprotocol.
+// For the streamProtocolHandler, this version is the same as V4.
+type streamProtocolV5 struct {
+ *streamProtocolV4
+}
+
+var _ streamProtocolHandler = &streamProtocolV5{}
+
+func newStreamProtocolV5(options StreamOptions) streamProtocolHandler {
+ return &streamProtocolV5{
+ streamProtocolV4: newStreamProtocolV4(options).(*streamProtocolV4),
+ }
+}
+
+func (p *streamProtocolV5) stream(conn streamCreator) error {
+ return p.streamProtocolV4.stream(conn)
+}
diff --git a/vendor/k8s.io/client-go/tools/remotecommand/websocket.go b/vendor/k8s.io/client-go/tools/remotecommand/websocket.go
new file mode 100644
index 000000000..1dc679cb1
--- /dev/null
+++ b/vendor/k8s.io/client-go/tools/remotecommand/websocket.go
@@ -0,0 +1,515 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package remotecommand
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "io"
+ "net"
+ "net/http"
+ "sync"
+ "time"
+
+ gwebsocket "github.com/gorilla/websocket"
+
+ v1 "k8s.io/api/core/v1"
+ "k8s.io/apimachinery/pkg/util/httpstream"
+ "k8s.io/apimachinery/pkg/util/remotecommand"
+ restclient "k8s.io/client-go/rest"
+ "k8s.io/client-go/transport/websocket"
+ "k8s.io/klog/v2"
+)
+
+// writeDeadline defines the time that a client-side write to the websocket
+// connection must complete before an i/o timeout occurs.
+const writeDeadline = 60 * time.Second
+
+var (
+ _ Executor = &wsStreamExecutor{}
+ _ streamCreator = &wsStreamCreator{}
+ _ httpstream.Stream = &stream{}
+
+ streamType2streamID = map[string]byte{
+ v1.StreamTypeStdin: remotecommand.StreamStdIn,
+ v1.StreamTypeStdout: remotecommand.StreamStdOut,
+ v1.StreamTypeStderr: remotecommand.StreamStdErr,
+ v1.StreamTypeError: remotecommand.StreamErr,
+ v1.StreamTypeResize: remotecommand.StreamResize,
+ }
+)
+
+const (
+ // pingPeriod defines how often a heartbeat "ping" message is sent.
+ pingPeriod = 5 * time.Second
+ // pingReadDeadline defines the time waiting for a response heartbeat
+ // "pong" message before a timeout error occurs for websocket reading.
+ // This duration must always be greater than the "pingPeriod". By defining
+ // this deadline in terms of the ping period, we are essentially saying
+ // we can drop "X" (e.g. 12) pings before firing the timeout.
+ pingReadDeadline = (pingPeriod * 12) + (1 * time.Second)
+)
+
+// wsStreamExecutor handles transporting standard shell streams over an httpstream connection.
+type wsStreamExecutor struct {
+ transport http.RoundTripper
+ upgrader websocket.ConnectionHolder
+ method string
+ url string
+ // requested protocols in priority order (e.g. v5.channel.k8s.io before v4.channel.k8s.io).
+ protocols []string
+ // selected protocol from the handshake process; could be empty string if handshake fails.
+ negotiated string
+ // period defines how often a "ping" heartbeat message is sent to the other endpoint.
+ heartbeatPeriod time.Duration
+ // deadline defines the amount of time before "pong" response must be received.
+ heartbeatDeadline time.Duration
+}
+
+func NewWebSocketExecutor(config *restclient.Config, method, url string) (Executor, error) {
+ // Only supports V5 protocol for correct version skew functionality.
+ // Previous api servers will proxy upgrade requests to legacy websocket
+ // servers on container runtimes which support V1-V4. These legacy
+ // websocket servers will not handle the new CLOSE signal.
+ return NewWebSocketExecutorForProtocols(config, method, url, remotecommand.StreamProtocolV5Name)
+}
+
+// NewWebSocketExecutorForProtocols allows to execute commands via a WebSocket connection.
+func NewWebSocketExecutorForProtocols(config *restclient.Config, method, url string, protocols ...string) (Executor, error) {
+ transport, upgrader, err := websocket.RoundTripperFor(config)
+ if err != nil {
+ return nil, fmt.Errorf("error creating websocket transports: %v", err)
+ }
+ return &wsStreamExecutor{
+ transport: transport,
+ upgrader: upgrader,
+ method: method,
+ url: url,
+ protocols: protocols,
+ heartbeatPeriod: pingPeriod,
+ heartbeatDeadline: pingReadDeadline,
+ }, nil
+}
+
+// Deprecated: use StreamWithContext instead to avoid possible resource leaks.
+// See https://github.com/kubernetes/kubernetes/pull/103177 for details.
+func (e *wsStreamExecutor) Stream(options StreamOptions) error {
+ return e.StreamWithContext(context.Background(), options)
+}
+
+// StreamWithContext upgrades an HTTPRequest to a WebSocket connection, and starts the various
+// goroutines to implement the necessary streams over the connection. The "options" parameter
+// defines which streams are requested. Returns an error if one occurred. This method is NOT
+// safe to run concurrently with the same executor (because of the state stored in the upgrader).
+func (e *wsStreamExecutor) StreamWithContext(ctx context.Context, options StreamOptions) error {
+ req, err := http.NewRequestWithContext(ctx, e.method, e.url, nil)
+ if err != nil {
+ return err
+ }
+ conn, err := websocket.Negotiate(e.transport, e.upgrader, req, e.protocols...)
+ if err != nil {
+ return err
+ }
+ if conn == nil {
+ panic(fmt.Errorf("websocket connection is nil"))
+ }
+ defer conn.Close()
+ e.negotiated = conn.Subprotocol()
+ klog.V(4).Infof("The subprotocol is %s", e.negotiated)
+
+ var streamer streamProtocolHandler
+ switch e.negotiated {
+ case remotecommand.StreamProtocolV5Name:
+ streamer = newStreamProtocolV5(options)
+ case remotecommand.StreamProtocolV4Name:
+ streamer = newStreamProtocolV4(options)
+ case remotecommand.StreamProtocolV3Name:
+ streamer = newStreamProtocolV3(options)
+ case remotecommand.StreamProtocolV2Name:
+ streamer = newStreamProtocolV2(options)
+ case "":
+ klog.V(4).Infof("The server did not negotiate a streaming protocol version. Falling back to %s", remotecommand.StreamProtocolV1Name)
+ fallthrough
+ case remotecommand.StreamProtocolV1Name:
+ streamer = newStreamProtocolV1(options)
+ }
+
+ panicChan := make(chan any, 1)
+ errorChan := make(chan error, 1)
+ go func() {
+ defer func() {
+ if p := recover(); p != nil {
+ panicChan <- p
+ }
+ }()
+ creator := newWSStreamCreator(conn)
+ go creator.readDemuxLoop(
+ e.upgrader.DataBufferSize(),
+ e.heartbeatPeriod,
+ e.heartbeatDeadline,
+ )
+ errorChan <- streamer.stream(creator)
+ }()
+
+ select {
+ case p := <-panicChan:
+ panic(p)
+ case err := <-errorChan:
+ return err
+ case <-ctx.Done():
+ return ctx.Err()
+ }
+}
+
+type wsStreamCreator struct {
+ conn *gwebsocket.Conn
+ // Protects writing to websocket connection; reading is lock-free
+ connWriteLock sync.Mutex
+ // map of stream id to stream; multiple streams read/write the connection
+ streams map[byte]*stream
+ streamsMu sync.Mutex
+ // setStreamErr holds the error to return to anyone calling setStreams.
+ // this is populated in closeAllStreamReaders
+ setStreamErr error
+}
+
+func newWSStreamCreator(conn *gwebsocket.Conn) *wsStreamCreator {
+ return &wsStreamCreator{
+ conn: conn,
+ streams: map[byte]*stream{},
+ }
+}
+
+func (c *wsStreamCreator) getStream(id byte) *stream {
+ c.streamsMu.Lock()
+ defer c.streamsMu.Unlock()
+ return c.streams[id]
+}
+
+func (c *wsStreamCreator) setStream(id byte, s *stream) error {
+ c.streamsMu.Lock()
+ defer c.streamsMu.Unlock()
+ if c.setStreamErr != nil {
+ return c.setStreamErr
+ }
+ c.streams[id] = s
+ return nil
+}
+
+// CreateStream uses id from passed headers to create a stream over "c.conn" connection.
+// Returns a Stream structure or nil and an error if one occurred.
+func (c *wsStreamCreator) CreateStream(headers http.Header) (httpstream.Stream, error) {
+ streamType := headers.Get(v1.StreamType)
+ id, ok := streamType2streamID[streamType]
+ if !ok {
+ return nil, fmt.Errorf("unknown stream type: %s", streamType)
+ }
+ if s := c.getStream(id); s != nil {
+ return nil, fmt.Errorf("duplicate stream for type %s", streamType)
+ }
+ reader, writer := io.Pipe()
+ s := &stream{
+ headers: headers,
+ readPipe: reader,
+ writePipe: writer,
+ conn: c.conn,
+ connWriteLock: &c.connWriteLock,
+ id: id,
+ }
+ if err := c.setStream(id, s); err != nil {
+ _ = s.writePipe.Close()
+ _ = s.readPipe.Close()
+ return nil, err
+ }
+ return s, nil
+}
+
+// readDemuxLoop is the lock-free reading processor for this endpoint of the websocket
+// connection. This loop reads the connection, and demultiplexes the data
+// into one of the individual stream pipes (by checking the stream id). This
+// loop can *not* be run concurrently, because there can only be one websocket
+// connection reader at a time (a read mutex would provide no benefit).
+func (c *wsStreamCreator) readDemuxLoop(bufferSize int, period time.Duration, deadline time.Duration) {
+ // Initialize and start the ping/pong heartbeat.
+ h := newHeartbeat(c.conn, period, deadline)
+ // Set initial timeout for websocket connection reading.
+ if err := c.conn.SetReadDeadline(time.Now().Add(deadline)); err != nil {
+ klog.Errorf("Websocket initial setting read deadline failed %v", err)
+ return
+ }
+ go h.start()
+ // Buffer size must correspond to the same size allocated
+ // for the read buffer during websocket client creation. A
+ // difference can cause incomplete connection reads.
+ readBuffer := make([]byte, bufferSize)
+ for {
+ // NextReader() only returns data messages (BinaryMessage or Text
+ // Message). Even though this call will never return control frames
+ // such as ping, pong, or close, this call is necessary for these
+ // message types to be processed. There can only be one reader
+ // at a time, so this reader loop must *not* be run concurrently;
+ // there is no lock for reading. Calling "NextReader()" before the
+ // current reader has been processed will close the current reader.
+ // If the heartbeat read deadline times out, this "NextReader()" will
+ // return an i/o error, and error handling will clean up.
+ messageType, r, err := c.conn.NextReader()
+ if err != nil {
+ websocketErr, ok := err.(*gwebsocket.CloseError)
+ if ok && websocketErr.Code == gwebsocket.CloseNormalClosure {
+ err = nil // readers will get io.EOF as it's a normal closure
+ } else {
+ err = fmt.Errorf("next reader: %w", err)
+ }
+ c.closeAllStreamReaders(err)
+ return
+ }
+ // All remote command protocols send/receive only binary data messages.
+ if messageType != gwebsocket.BinaryMessage {
+ c.closeAllStreamReaders(fmt.Errorf("unexpected message type: %d", messageType))
+ return
+ }
+ // It's ok to read just a single byte because the underlying library wraps the actual
+ // connection with a buffered reader anyway.
+ _, err = io.ReadFull(r, readBuffer[:1])
+ if err != nil {
+ c.closeAllStreamReaders(fmt.Errorf("read stream id: %w", err))
+ return
+ }
+ streamID := readBuffer[0]
+ s := c.getStream(streamID)
+ if s == nil {
+ klog.Errorf("Unknown stream id %d, discarding message", streamID)
+ continue
+ }
+ for {
+ nr, errRead := r.Read(readBuffer)
+ if nr > 0 {
+ // Write the data to the stream's pipe. This can block.
+ _, errWrite := s.writePipe.Write(readBuffer[:nr])
+ if errWrite != nil {
+ // Pipe must have been closed by the stream user.
+ // Nothing to do, discard the message.
+ break
+ }
+ }
+ if errRead != nil {
+ if errRead == io.EOF {
+ break
+ }
+ c.closeAllStreamReaders(fmt.Errorf("read message: %w", err))
+ return
+ }
+ }
+ }
+}
+
+// closeAllStreamReaders closes readers in all streams.
+// This unblocks all stream.Read() calls, and keeps any future streams from being created.
+func (c *wsStreamCreator) closeAllStreamReaders(err error) {
+ c.streamsMu.Lock()
+ defer c.streamsMu.Unlock()
+ for _, s := range c.streams {
+ // Closing writePipe unblocks all readPipe.Read() callers and prevents any future writes.
+ _ = s.writePipe.CloseWithError(err)
+ }
+ // ensure callers to setStreams receive an error after this point
+ if err != nil {
+ c.setStreamErr = err
+ } else {
+ c.setStreamErr = fmt.Errorf("closed all streams")
+ }
+}
+
+type stream struct {
+ headers http.Header
+ readPipe *io.PipeReader
+ writePipe *io.PipeWriter
+ // conn is used for writing directly into the connection.
+ // Is nil after Close() / Reset() to prevent future writes.
+ conn *gwebsocket.Conn
+ // connWriteLock protects conn against concurrent write operations. There must be a single writer and a single reader only.
+ // The mutex is shared across all streams because the underlying connection is shared.
+ connWriteLock *sync.Mutex
+ id byte
+}
+
+func (s *stream) Read(p []byte) (n int, err error) {
+ return s.readPipe.Read(p)
+}
+
+// Write writes directly to the underlying WebSocket connection.
+func (s *stream) Write(p []byte) (n int, err error) {
+ klog.V(4).Infof("Write() on stream %d", s.id)
+ defer klog.V(4).Infof("Write() done on stream %d", s.id)
+ s.connWriteLock.Lock()
+ defer s.connWriteLock.Unlock()
+ if s.conn == nil {
+ return 0, fmt.Errorf("write on closed stream %d", s.id)
+ }
+ err = s.conn.SetWriteDeadline(time.Now().Add(writeDeadline))
+ if err != nil {
+ klog.V(7).Infof("Websocket setting write deadline failed %v", err)
+ return 0, err
+ }
+ // Message writer buffers the message data, so we don't need to do that ourselves.
+ // Just write id and the data as two separate writes to avoid allocating an intermediate buffer.
+ w, err := s.conn.NextWriter(gwebsocket.BinaryMessage)
+ if err != nil {
+ return 0, err
+ }
+ defer func() {
+ if w != nil {
+ w.Close()
+ }
+ }()
+ _, err = w.Write([]byte{s.id})
+ if err != nil {
+ return 0, err
+ }
+ n, err = w.Write(p)
+ if err != nil {
+ return n, err
+ }
+ err = w.Close()
+ w = nil
+ return n, err
+}
+
+// Close half-closes the stream, indicating this side is finished with the stream.
+func (s *stream) Close() error {
+ klog.V(4).Infof("Close() on stream %d", s.id)
+ defer klog.V(4).Infof("Close() done on stream %d", s.id)
+ s.connWriteLock.Lock()
+ defer s.connWriteLock.Unlock()
+ if s.conn == nil {
+ return fmt.Errorf("Close() on already closed stream %d", s.id)
+ }
+ // Communicate the CLOSE stream signal to the other websocket endpoint.
+ err := s.conn.WriteMessage(gwebsocket.BinaryMessage, []byte{remotecommand.StreamClose, s.id})
+ s.conn = nil
+ return err
+}
+
+func (s *stream) Reset() error {
+ klog.V(4).Infof("Reset() on stream %d", s.id)
+ defer klog.V(4).Infof("Reset() done on stream %d", s.id)
+ s.Close()
+ return s.writePipe.Close()
+}
+
+func (s *stream) Headers() http.Header {
+ return s.headers
+}
+
+func (s *stream) Identifier() uint32 {
+ return uint32(s.id)
+}
+
+// heartbeat encasulates data necessary for the websocket ping/pong heartbeat. This
+// heartbeat works by setting a read deadline on the websocket connection, then
+// pushing this deadline into the future for every successful heartbeat. If the
+// heartbeat "pong" fails to respond within the deadline, then the "NextReader()" call
+// inside the "readDemuxLoop" will return an i/o error prompting a connection close
+// and cleanup.
+type heartbeat struct {
+ conn *gwebsocket.Conn
+ // period defines how often a "ping" heartbeat message is sent to the other endpoint
+ period time.Duration
+ // closing the "closer" channel will clean up the heartbeat timers
+ closer chan struct{}
+ // optional data to send with "ping" message
+ message []byte
+ // optionally received data message with "pong" message, same as sent with ping
+ pongMessage []byte
+}
+
+// newHeartbeat creates heartbeat structure encapsulating fields necessary to
+// run the websocket connection ping/pong mechanism and sets up handlers on
+// the websocket connection.
+func newHeartbeat(conn *gwebsocket.Conn, period time.Duration, deadline time.Duration) *heartbeat {
+ h := &heartbeat{
+ conn: conn,
+ period: period,
+ closer: make(chan struct{}),
+ }
+ // Set up handler for receiving returned "pong" message from other endpoint
+ // by pushing the read deadline into the future. The "msg" received could
+ // be empty.
+ h.conn.SetPongHandler(func(msg string) error {
+ // Push the read deadline into the future.
+ klog.V(8).Infof("Pong message received (%s)--resetting read deadline", msg)
+ err := h.conn.SetReadDeadline(time.Now().Add(deadline))
+ if err != nil {
+ klog.Errorf("Websocket setting read deadline failed %v", err)
+ return err
+ }
+ if len(msg) > 0 {
+ h.pongMessage = []byte(msg)
+ }
+ return nil
+ })
+ // Set up handler to cleanup timers when this endpoint receives "Close" message.
+ closeHandler := h.conn.CloseHandler()
+ h.conn.SetCloseHandler(func(code int, text string) error {
+ close(h.closer)
+ return closeHandler(code, text)
+ })
+ return h
+}
+
+// setMessage is optional data sent with "ping" heartbeat. According to the websocket RFC
+// this data sent with "ping" message should be returned in "pong" message.
+func (h *heartbeat) setMessage(msg string) {
+ h.message = []byte(msg)
+}
+
+// start the heartbeat by setting up necesssary handlers and looping by sending "ping"
+// message every "period" until the "closer" channel is closed.
+func (h *heartbeat) start() {
+ // Loop to continually send "ping" message through websocket connection every "period".
+ t := time.NewTicker(h.period)
+ defer t.Stop()
+ for {
+ select {
+ case <-h.closer:
+ klog.V(8).Infof("closed channel--returning")
+ return
+ case <-t.C:
+ // "WriteControl" does not need to be protected by a mutex. According to
+ // gorilla/websockets library docs: "The Close and WriteControl methods can
+ // be called concurrently with all other methods."
+ if err := h.conn.WriteControl(gwebsocket.PingMessage, h.message, time.Now().Add(pingReadDeadline)); err == nil {
+ klog.V(8).Infof("Websocket Ping succeeeded")
+ } else {
+ klog.Errorf("Websocket Ping failed: %v", err)
+ if errors.Is(err, gwebsocket.ErrCloseSent) {
+ // we continue because c.conn.CloseChan will manage closing the connection already
+ continue
+ } else if e, ok := err.(net.Error); ok && e.Timeout() {
+ // Continue, in case this is a transient failure.
+ // c.conn.CloseChan above will tell us when the connection is
+ // actually closed.
+ // If Temporary function hadn't been deprecated, we would have used it.
+ // But most of temporary errors are timeout errors anyway.
+ continue
+ }
+ return
+ }
+ }
+ }
+}
diff --git a/vendor/k8s.io/client-go/transport/spdy/spdy.go b/vendor/k8s.io/client-go/transport/spdy/spdy.go
new file mode 100644
index 000000000..9fddc6c5f
--- /dev/null
+++ b/vendor/k8s.io/client-go/transport/spdy/spdy.go
@@ -0,0 +1,107 @@
+/*
+Copyright 2017 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package spdy
+
+import (
+ "fmt"
+ "net/http"
+ "net/url"
+ "time"
+
+ "k8s.io/apimachinery/pkg/util/httpstream"
+ "k8s.io/apimachinery/pkg/util/httpstream/spdy"
+ restclient "k8s.io/client-go/rest"
+)
+
+// Upgrader validates a response from the server after a SPDY upgrade.
+type Upgrader interface {
+ // NewConnection validates the response and creates a new Connection.
+ NewConnection(resp *http.Response) (httpstream.Connection, error)
+}
+
+// RoundTripperFor returns a round tripper and upgrader to use with SPDY.
+func RoundTripperFor(config *restclient.Config) (http.RoundTripper, Upgrader, error) {
+ tlsConfig, err := restclient.TLSConfigFor(config)
+ if err != nil {
+ return nil, nil, err
+ }
+ proxy := http.ProxyFromEnvironment
+ if config.Proxy != nil {
+ proxy = config.Proxy
+ }
+ upgradeRoundTripper, err := spdy.NewRoundTripperWithConfig(spdy.RoundTripperConfig{
+ TLS: tlsConfig,
+ Proxier: proxy,
+ PingPeriod: time.Second * 5,
+ UpgradeTransport: nil,
+ })
+ if err != nil {
+ return nil, nil, err
+ }
+ wrapper, err := restclient.HTTPWrappersForConfig(config, upgradeRoundTripper)
+ if err != nil {
+ return nil, nil, err
+ }
+ return wrapper, upgradeRoundTripper, nil
+}
+
+// dialer implements the httpstream.Dialer interface.
+type dialer struct {
+ client *http.Client
+ upgrader Upgrader
+ method string
+ url *url.URL
+}
+
+var _ httpstream.Dialer = &dialer{}
+
+// NewDialer will create a dialer that connects to the provided URL and upgrades the connection to SPDY.
+func NewDialer(upgrader Upgrader, client *http.Client, method string, url *url.URL) httpstream.Dialer {
+ return &dialer{
+ client: client,
+ upgrader: upgrader,
+ method: method,
+ url: url,
+ }
+}
+
+func (d *dialer) Dial(protocols ...string) (httpstream.Connection, string, error) {
+ req, err := http.NewRequest(d.method, d.url.String(), nil)
+ if err != nil {
+ return nil, "", fmt.Errorf("error creating request: %v", err)
+ }
+ return Negotiate(d.upgrader, d.client, req, protocols...)
+}
+
+// Negotiate opens a connection to a remote server and attempts to negotiate
+// a SPDY connection. Upon success, it returns the connection and the protocol selected by
+// the server. The client transport must use the upgradeRoundTripper - see RoundTripperFor.
+func Negotiate(upgrader Upgrader, client *http.Client, req *http.Request, protocols ...string) (httpstream.Connection, string, error) {
+ for i := range protocols {
+ req.Header.Add(httpstream.HeaderProtocolVersion, protocols[i])
+ }
+ resp, err := client.Do(req)
+ if err != nil {
+ return nil, "", fmt.Errorf("error sending request: %v", err)
+ }
+ defer resp.Body.Close()
+ conn, err := upgrader.NewConnection(resp)
+ if err != nil {
+ return nil, "", err
+ }
+ return conn, resp.Header.Get(httpstream.HeaderProtocolVersion), nil
+}
diff --git a/vendor/k8s.io/client-go/transport/websocket/roundtripper.go b/vendor/k8s.io/client-go/transport/websocket/roundtripper.go
new file mode 100644
index 000000000..624dd5473
--- /dev/null
+++ b/vendor/k8s.io/client-go/transport/websocket/roundtripper.go
@@ -0,0 +1,182 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package websocket
+
+import (
+ "crypto/tls"
+ "errors"
+ "fmt"
+ "net/http"
+ "net/url"
+
+ gwebsocket "github.com/gorilla/websocket"
+
+ "k8s.io/apimachinery/pkg/util/httpstream"
+ "k8s.io/apimachinery/pkg/util/httpstream/wsstream"
+ utilnet "k8s.io/apimachinery/pkg/util/net"
+ restclient "k8s.io/client-go/rest"
+ "k8s.io/client-go/transport"
+)
+
+var (
+ _ utilnet.TLSClientConfigHolder = &RoundTripper{}
+ _ http.RoundTripper = &RoundTripper{}
+)
+
+// ConnectionHolder defines functions for structure providing
+// access to the websocket connection.
+type ConnectionHolder interface {
+ DataBufferSize() int
+ Connection() *gwebsocket.Conn
+}
+
+// RoundTripper knows how to establish a connection to a remote WebSocket endpoint and make it available for use.
+// RoundTripper must not be reused.
+type RoundTripper struct {
+ // TLSConfig holds the TLS configuration settings to use when connecting
+ // to the remote server.
+ TLSConfig *tls.Config
+
+ // Proxier specifies a function to return a proxy for a given
+ // Request. If the function returns a non-nil error, the
+ // request is aborted with the provided error.
+ // If Proxy is nil or returns a nil *URL, no proxy is used.
+ Proxier func(req *http.Request) (*url.URL, error)
+
+ // Conn holds the WebSocket connection after a round trip.
+ Conn *gwebsocket.Conn
+}
+
+// Connection returns the stored websocket connection.
+func (rt *RoundTripper) Connection() *gwebsocket.Conn {
+ return rt.Conn
+}
+
+// DataBufferSize returns the size of buffers for the
+// websocket connection.
+func (rt *RoundTripper) DataBufferSize() int {
+ return 32 * 1024
+}
+
+// TLSClientConfig implements pkg/util/net.TLSClientConfigHolder.
+func (rt *RoundTripper) TLSClientConfig() *tls.Config {
+ return rt.TLSConfig
+}
+
+// RoundTrip connects to the remote websocket using the headers in the request and the TLS
+// configuration from the config
+func (rt *RoundTripper) RoundTrip(request *http.Request) (retResp *http.Response, retErr error) {
+ defer func() {
+ if request.Body != nil {
+ err := request.Body.Close()
+ if retErr == nil {
+ retErr = err
+ }
+ }
+ }()
+
+ // set the protocol version directly on the dialer from the header
+ protocolVersions := request.Header[wsstream.WebSocketProtocolHeader]
+ delete(request.Header, wsstream.WebSocketProtocolHeader)
+
+ dialer := gwebsocket.Dialer{
+ Proxy: rt.Proxier,
+ TLSClientConfig: rt.TLSConfig,
+ Subprotocols: protocolVersions,
+ ReadBufferSize: rt.DataBufferSize() + 1024, // add space for the protocol byte indicating which channel the data is for
+ WriteBufferSize: rt.DataBufferSize() + 1024, // add space for the protocol byte indicating which channel the data is for
+ }
+ switch request.URL.Scheme {
+ case "https":
+ request.URL.Scheme = "wss"
+ case "http":
+ request.URL.Scheme = "ws"
+ default:
+ return nil, fmt.Errorf("unknown url scheme: %s", request.URL.Scheme)
+ }
+ wsConn, resp, err := dialer.DialContext(request.Context(), request.URL.String(), request.Header)
+ if err != nil {
+ if errors.Is(err, gwebsocket.ErrBadHandshake) {
+ return nil, &httpstream.UpgradeFailureError{Cause: err}
+ }
+ return nil, err
+ }
+
+ // Ensure we got back a protocol we understand
+ foundProtocol := false
+ for _, protocolVersion := range protocolVersions {
+ if protocolVersion == wsConn.Subprotocol() {
+ foundProtocol = true
+ break
+ }
+ }
+ if !foundProtocol {
+ wsConn.Close() // nolint:errcheck
+ return nil, &httpstream.UpgradeFailureError{Cause: fmt.Errorf("invalid protocol, expected one of %q, got %q", protocolVersions, wsConn.Subprotocol())}
+ }
+
+ rt.Conn = wsConn
+
+ return resp, nil
+}
+
+// RoundTripperFor transforms the passed rest config into a wrapped roundtripper, as well
+// as a pointer to the websocket RoundTripper. The websocket RoundTripper contains the
+// websocket connection after RoundTrip() on the wrapper. Returns an error if there is
+// a problem creating the round trippers.
+func RoundTripperFor(config *restclient.Config) (http.RoundTripper, ConnectionHolder, error) {
+ transportCfg, err := config.TransportConfig()
+ if err != nil {
+ return nil, nil, err
+ }
+ tlsConfig, err := transport.TLSConfigFor(transportCfg)
+ if err != nil {
+ return nil, nil, err
+ }
+ proxy := config.Proxy
+ if proxy == nil {
+ proxy = utilnet.NewProxierWithNoProxyCIDR(http.ProxyFromEnvironment)
+ }
+
+ upgradeRoundTripper := &RoundTripper{
+ TLSConfig: tlsConfig,
+ Proxier: proxy,
+ }
+ wrapper, err := transport.HTTPWrappersForConfig(transportCfg, upgradeRoundTripper)
+ if err != nil {
+ return nil, nil, err
+ }
+ return wrapper, upgradeRoundTripper, nil
+}
+
+// Negotiate opens a connection to a remote server and attempts to negotiate
+// a WebSocket connection. Upon success, it returns the negotiated connection.
+// The round tripper rt must use the WebSocket round tripper wsRt - see RoundTripperFor.
+func Negotiate(rt http.RoundTripper, connectionInfo ConnectionHolder, req *http.Request, protocols ...string) (*gwebsocket.Conn, error) {
+ // Plumb protocols to RoundTripper#RoundTrip
+ req.Header[wsstream.WebSocketProtocolHeader] = protocols
+ resp, err := rt.RoundTrip(req)
+ if err != nil {
+ return nil, err
+ }
+ err = resp.Body.Close()
+ if err != nil {
+ connectionInfo.Connection().Close()
+ return nil, fmt.Errorf("error closing response body: %v", err)
+ }
+ return connectionInfo.Connection(), nil
+}
diff --git a/vendor/k8s.io/client-go/util/exec/exec.go b/vendor/k8s.io/client-go/util/exec/exec.go
new file mode 100644
index 000000000..d170badb6
--- /dev/null
+++ b/vendor/k8s.io/client-go/util/exec/exec.go
@@ -0,0 +1,52 @@
+/*
+Copyright 2014 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package exec
+
+// ExitError is an interface that presents an API similar to os.ProcessState, which is
+// what ExitError from os/exec is. This is designed to make testing a bit easier and
+// probably loses some of the cross-platform properties of the underlying library.
+type ExitError interface {
+ String() string
+ Error() string
+ Exited() bool
+ ExitStatus() int
+}
+
+// CodeExitError is an implementation of ExitError consisting of an error object
+// and an exit code (the upper bits of os.exec.ExitStatus).
+type CodeExitError struct {
+ Err error
+ Code int
+}
+
+var _ ExitError = CodeExitError{}
+
+func (e CodeExitError) Error() string {
+ return e.Err.Error()
+}
+
+func (e CodeExitError) String() string {
+ return e.Err.Error()
+}
+
+func (e CodeExitError) Exited() bool {
+ return true
+}
+
+func (e CodeExitError) ExitStatus() int {
+ return e.Code
+}
diff --git a/vendor/k8s.io/utils/ptr/OWNERS b/vendor/k8s.io/utils/ptr/OWNERS
new file mode 100644
index 000000000..0d6392752
--- /dev/null
+++ b/vendor/k8s.io/utils/ptr/OWNERS
@@ -0,0 +1,10 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+
+approvers:
+- apelisse
+- stewart-yu
+- thockin
+reviewers:
+- apelisse
+- stewart-yu
+- thockin
diff --git a/vendor/k8s.io/utils/ptr/README.md b/vendor/k8s.io/utils/ptr/README.md
new file mode 100644
index 000000000..2ca8073dc
--- /dev/null
+++ b/vendor/k8s.io/utils/ptr/README.md
@@ -0,0 +1,3 @@
+# Pointer
+
+This package provides some functions for pointer-based operations.
diff --git a/vendor/k8s.io/utils/ptr/ptr.go b/vendor/k8s.io/utils/ptr/ptr.go
new file mode 100644
index 000000000..659ed3b9e
--- /dev/null
+++ b/vendor/k8s.io/utils/ptr/ptr.go
@@ -0,0 +1,73 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package ptr
+
+import (
+ "fmt"
+ "reflect"
+)
+
+// AllPtrFieldsNil tests whether all pointer fields in a struct are nil. This is useful when,
+// for example, an API struct is handled by plugins which need to distinguish
+// "no plugin accepted this spec" from "this spec is empty".
+//
+// This function is only valid for structs and pointers to structs. Any other
+// type will cause a panic. Passing a typed nil pointer will return true.
+func AllPtrFieldsNil(obj interface{}) bool {
+ v := reflect.ValueOf(obj)
+ if !v.IsValid() {
+ panic(fmt.Sprintf("reflect.ValueOf() produced a non-valid Value for %#v", obj))
+ }
+ if v.Kind() == reflect.Ptr {
+ if v.IsNil() {
+ return true
+ }
+ v = v.Elem()
+ }
+ for i := 0; i < v.NumField(); i++ {
+ if v.Field(i).Kind() == reflect.Ptr && !v.Field(i).IsNil() {
+ return false
+ }
+ }
+ return true
+}
+
+// To returns a pointer to the given value.
+func To[T any](v T) *T {
+ return &v
+}
+
+// Deref dereferences ptr and returns the value it points to if no nil, or else
+// returns def.
+func Deref[T any](ptr *T, def T) T {
+ if ptr != nil {
+ return *ptr
+ }
+ return def
+}
+
+// Equal returns true if both arguments are nil or both arguments
+// dereference to the same value.
+func Equal[T comparable](a, b *T) bool {
+ if (a == nil) != (b == nil) {
+ return false
+ }
+ if a == nil {
+ return true
+ }
+ return *a == *b
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 2d68822b1..65fc6227c 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -17,6 +17,10 @@ github.com/emicklei/go-restful/v3/log
# github.com/evanphx/json-patch v4.12.0+incompatible
## explicit
github.com/evanphx/json-patch
+# github.com/evanphx/json-patch/v5 v5.9.0
+## explicit; go 1.18
+github.com/evanphx/json-patch/v5
+github.com/evanphx/json-patch/v5/internal/json
# github.com/go-logr/logr v1.4.1
## explicit; go 1.18
github.com/go-logr/logr
@@ -55,8 +59,11 @@ github.com/google/gofuzz/bytesource
# github.com/google/uuid v1.6.0
## explicit
github.com/google/uuid
-# github.com/imdario/mergo v0.3.6
-## explicit
+# github.com/gorilla/websocket v1.5.0
+## explicit; go 1.12
+github.com/gorilla/websocket
+# github.com/imdario/mergo v0.3.15
+## explicit; go 1.13
github.com/imdario/mergo
# github.com/inconshreveable/mousetrap v1.1.0
## explicit; go 1.18
@@ -72,6 +79,10 @@ github.com/json-iterator/go
github.com/mailru/easyjson/buffer
github.com/mailru/easyjson/jlexer
github.com/mailru/easyjson/jwriter
+# github.com/moby/spdystream v0.2.0
+## explicit; go 1.13
+github.com/moby/spdystream
+github.com/moby/spdystream/spdy
# github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd
## explicit
github.com/modern-go/concurrent
@@ -81,6 +92,9 @@ github.com/modern-go/reflect2
# github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822
## explicit
github.com/munnerz/goautoneg
+# github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f
+## explicit
+github.com/mxk/go-flowrate/flowrate
# github.com/pkg/errors v0.9.1
## explicit
github.com/pkg/errors
@@ -118,6 +132,14 @@ github.com/spf13/pflag
# github.com/stretchr/testify v1.9.0
## explicit; go 1.17
github.com/stretchr/testify/assert
+# github.com/vladimirvivien/gexe v0.2.0
+## explicit; go 1.16
+github.com/vladimirvivien/gexe
+github.com/vladimirvivien/gexe/exec
+github.com/vladimirvivien/gexe/fs
+github.com/vladimirvivien/gexe/http
+github.com/vladimirvivien/gexe/prog
+github.com/vladimirvivien/gexe/vars
# go.uber.org/goleak v1.3.0
## explicit; go 1.20
go.uber.org/goleak
@@ -127,12 +149,17 @@ go.uber.org/goleak/internal/stack
go.uber.org/mock/gomock
# golang.org/x/net v0.26.0
## explicit; go 1.18
+golang.org/x/net/html
+golang.org/x/net/html/atom
golang.org/x/net/http/httpguts
golang.org/x/net/http2
golang.org/x/net/http2/hpack
golang.org/x/net/idna
+golang.org/x/net/internal/socks
golang.org/x/net/internal/timeseries
+golang.org/x/net/proxy
golang.org/x/net/trace
+golang.org/x/net/websocket
# golang.org/x/oauth2 v0.19.0
## explicit; go 1.18
golang.org/x/oauth2
@@ -321,9 +348,12 @@ k8s.io/apimachinery/pkg/api/errors
k8s.io/apimachinery/pkg/api/meta
k8s.io/apimachinery/pkg/api/resource
k8s.io/apimachinery/pkg/api/validation
+k8s.io/apimachinery/pkg/apis/meta/internalversion
+k8s.io/apimachinery/pkg/apis/meta/internalversion/scheme
k8s.io/apimachinery/pkg/apis/meta/v1
k8s.io/apimachinery/pkg/apis/meta/v1/unstructured
k8s.io/apimachinery/pkg/apis/meta/v1/validation
+k8s.io/apimachinery/pkg/apis/meta/v1beta1
k8s.io/apimachinery/pkg/conversion
k8s.io/apimachinery/pkg/conversion/queryparams
k8s.io/apimachinery/pkg/fields
@@ -341,6 +371,9 @@ k8s.io/apimachinery/pkg/types
k8s.io/apimachinery/pkg/util/dump
k8s.io/apimachinery/pkg/util/errors
k8s.io/apimachinery/pkg/util/framer
+k8s.io/apimachinery/pkg/util/httpstream
+k8s.io/apimachinery/pkg/util/httpstream/spdy
+k8s.io/apimachinery/pkg/util/httpstream/wsstream
k8s.io/apimachinery/pkg/util/intstr
k8s.io/apimachinery/pkg/util/json
k8s.io/apimachinery/pkg/util/managedfields
@@ -348,6 +381,9 @@ k8s.io/apimachinery/pkg/util/managedfields/internal
k8s.io/apimachinery/pkg/util/mergepatch
k8s.io/apimachinery/pkg/util/naming
k8s.io/apimachinery/pkg/util/net
+k8s.io/apimachinery/pkg/util/portforward
+k8s.io/apimachinery/pkg/util/proxy
+k8s.io/apimachinery/pkg/util/remotecommand
k8s.io/apimachinery/pkg/util/runtime
k8s.io/apimachinery/pkg/util/sets
k8s.io/apimachinery/pkg/util/strategicpatch
@@ -359,6 +395,7 @@ k8s.io/apimachinery/pkg/util/yaml
k8s.io/apimachinery/pkg/version
k8s.io/apimachinery/pkg/watch
k8s.io/apimachinery/third_party/forked/golang/json
+k8s.io/apimachinery/third_party/forked/golang/netutil
k8s.io/apimachinery/third_party/forked/golang/reflect
# k8s.io/client-go v0.30.2
## explicit; go 1.22.0
@@ -413,6 +450,7 @@ k8s.io/client-go/applyconfigurations/storage/v1beta1
k8s.io/client-go/applyconfigurations/storagemigration/v1alpha1
k8s.io/client-go/discovery
k8s.io/client-go/discovery/fake
+k8s.io/client-go/dynamic
k8s.io/client-go/kubernetes
k8s.io/client-go/kubernetes/fake
k8s.io/client-go/kubernetes/scheme
@@ -520,6 +558,7 @@ k8s.io/client-go/kubernetes/typed/storage/v1beta1
k8s.io/client-go/kubernetes/typed/storage/v1beta1/fake
k8s.io/client-go/kubernetes/typed/storagemigration/v1alpha1
k8s.io/client-go/kubernetes/typed/storagemigration/v1alpha1/fake
+k8s.io/client-go/metadata
k8s.io/client-go/openapi
k8s.io/client-go/pkg/apis/clientauthentication
k8s.io/client-go/pkg/apis/clientauthentication/install
@@ -530,6 +569,7 @@ k8s.io/client-go/plugin/pkg/client/auth/exec
k8s.io/client-go/rest
k8s.io/client-go/rest/fake
k8s.io/client-go/rest/watch
+k8s.io/client-go/restmapper
k8s.io/client-go/testing
k8s.io/client-go/tools/auth
k8s.io/client-go/tools/clientcmd
@@ -538,9 +578,13 @@ k8s.io/client-go/tools/clientcmd/api/latest
k8s.io/client-go/tools/clientcmd/api/v1
k8s.io/client-go/tools/metrics
k8s.io/client-go/tools/reference
+k8s.io/client-go/tools/remotecommand
k8s.io/client-go/transport
+k8s.io/client-go/transport/spdy
+k8s.io/client-go/transport/websocket
k8s.io/client-go/util/cert
k8s.io/client-go/util/connrotation
+k8s.io/client-go/util/exec
k8s.io/client-go/util/flowcontrol
k8s.io/client-go/util/homedir
k8s.io/client-go/util/keyutil
@@ -579,6 +623,7 @@ k8s.io/utils/clock
k8s.io/utils/clock/testing
k8s.io/utils/internal/third_party/forked/golang/net
k8s.io/utils/net
+k8s.io/utils/ptr
k8s.io/utils/strings/slices
# sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.0 => ./konnectivity-client
## explicit; go 1.21
@@ -587,6 +632,32 @@ sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/client/metrics
sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/common/metrics
sigs.k8s.io/apiserver-network-proxy/konnectivity-client/pkg/common/metrics/testing
sigs.k8s.io/apiserver-network-proxy/konnectivity-client/proto/client
+# sigs.k8s.io/controller-runtime v0.18.2
+## explicit; go 1.22.0
+sigs.k8s.io/controller-runtime/pkg/client
+sigs.k8s.io/controller-runtime/pkg/client/apiutil
+sigs.k8s.io/controller-runtime/pkg/controller/controllerutil
+sigs.k8s.io/controller-runtime/pkg/log
+# sigs.k8s.io/e2e-framework v0.4.0
+## explicit; go 1.22.3
+sigs.k8s.io/e2e-framework/klient
+sigs.k8s.io/e2e-framework/klient/conf
+sigs.k8s.io/e2e-framework/klient/decoder
+sigs.k8s.io/e2e-framework/klient/k8s
+sigs.k8s.io/e2e-framework/klient/k8s/resources
+sigs.k8s.io/e2e-framework/klient/k8s/watcher
+sigs.k8s.io/e2e-framework/klient/wait
+sigs.k8s.io/e2e-framework/klient/wait/conditions
+sigs.k8s.io/e2e-framework/pkg/env
+sigs.k8s.io/e2e-framework/pkg/envconf
+sigs.k8s.io/e2e-framework/pkg/envfuncs
+sigs.k8s.io/e2e-framework/pkg/featuregate
+sigs.k8s.io/e2e-framework/pkg/features
+sigs.k8s.io/e2e-framework/pkg/flags
+sigs.k8s.io/e2e-framework/pkg/types
+sigs.k8s.io/e2e-framework/support
+sigs.k8s.io/e2e-framework/support/kind
+sigs.k8s.io/e2e-framework/support/utils
# sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd
## explicit; go 1.18
sigs.k8s.io/json
@@ -598,7 +669,8 @@ sigs.k8s.io/structured-merge-diff/v4/merge
sigs.k8s.io/structured-merge-diff/v4/schema
sigs.k8s.io/structured-merge-diff/v4/typed
sigs.k8s.io/structured-merge-diff/v4/value
-# sigs.k8s.io/yaml v1.3.0
+# sigs.k8s.io/yaml v1.4.0
## explicit; go 1.12
sigs.k8s.io/yaml
+sigs.k8s.io/yaml/goyaml.v2
# sigs.k8s.io/apiserver-network-proxy/konnectivity-client => ./konnectivity-client
diff --git a/vendor/sigs.k8s.io/controller-runtime/LICENSE b/vendor/sigs.k8s.io/controller-runtime/LICENSE
new file mode 100644
index 000000000..8dada3eda
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/LICENSE
@@ -0,0 +1,201 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "{}"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright {yyyy} {name of copyright owner}
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/apimachinery.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/apimachinery.go
new file mode 100644
index 000000000..3c0206bea
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/apimachinery.go
@@ -0,0 +1,225 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package apiutil contains utilities for working with raw Kubernetes
+// API machinery, such as creating RESTMappers and raw REST clients,
+// and extracting the GVK of an object.
+package apiutil
+
+import (
+ "errors"
+ "fmt"
+ "net/http"
+ "reflect"
+ "sync"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/runtime/serializer"
+ "k8s.io/client-go/dynamic"
+ clientgoscheme "k8s.io/client-go/kubernetes/scheme"
+ "k8s.io/client-go/rest"
+)
+
+var (
+ protobufScheme = runtime.NewScheme()
+ protobufSchemeLock sync.RWMutex
+)
+
+func init() {
+ // Currently only enabled for built-in resources which are guaranteed to implement Protocol Buffers.
+ // For custom resources, CRDs can not support Protocol Buffers but Aggregated API can.
+ // See doc: https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/#advanced-features-and-flexibility
+ if err := clientgoscheme.AddToScheme(protobufScheme); err != nil {
+ panic(err)
+ }
+}
+
+// AddToProtobufScheme add the given SchemeBuilder into protobufScheme, which should
+// be additional types that do support protobuf.
+func AddToProtobufScheme(addToScheme func(*runtime.Scheme) error) error {
+ protobufSchemeLock.Lock()
+ defer protobufSchemeLock.Unlock()
+ return addToScheme(protobufScheme)
+}
+
+// IsObjectNamespaced returns true if the object is namespace scoped.
+// For unstructured objects the gvk is found from the object itself.
+func IsObjectNamespaced(obj runtime.Object, scheme *runtime.Scheme, restmapper meta.RESTMapper) (bool, error) {
+ gvk, err := GVKForObject(obj, scheme)
+ if err != nil {
+ return false, err
+ }
+
+ return IsGVKNamespaced(gvk, restmapper)
+}
+
+// IsGVKNamespaced returns true if the object having the provided
+// GVK is namespace scoped.
+func IsGVKNamespaced(gvk schema.GroupVersionKind, restmapper meta.RESTMapper) (bool, error) {
+ restmapping, err := restmapper.RESTMapping(schema.GroupKind{Group: gvk.Group, Kind: gvk.Kind})
+ if err != nil {
+ return false, fmt.Errorf("failed to get restmapping: %w", err)
+ }
+
+ scope := restmapping.Scope.Name()
+ if scope == "" {
+ return false, errors.New("scope cannot be identified, empty scope returned")
+ }
+
+ if scope != meta.RESTScopeNameRoot {
+ return true, nil
+ }
+ return false, nil
+}
+
+// GVKForObject finds the GroupVersionKind associated with the given object, if there is only a single such GVK.
+func GVKForObject(obj runtime.Object, scheme *runtime.Scheme) (schema.GroupVersionKind, error) {
+ // TODO(directxman12): do we want to generalize this to arbitrary container types?
+ // I think we'd need a generalized form of scheme or something. It's a
+ // shame there's not a reliable "GetGVK" interface that works by default
+ // for unpopulated static types and populated "dynamic" types
+ // (unstructured, partial, etc)
+
+ // check for PartialObjectMetadata, which is analogous to unstructured, but isn't handled by ObjectKinds
+ _, isPartial := obj.(*metav1.PartialObjectMetadata)
+ _, isPartialList := obj.(*metav1.PartialObjectMetadataList)
+ if isPartial || isPartialList {
+ // we require that the GVK be populated in order to recognize the object
+ gvk := obj.GetObjectKind().GroupVersionKind()
+ if len(gvk.Kind) == 0 {
+ return schema.GroupVersionKind{}, runtime.NewMissingKindErr("unstructured object has no kind")
+ }
+ if len(gvk.Version) == 0 {
+ return schema.GroupVersionKind{}, runtime.NewMissingVersionErr("unstructured object has no version")
+ }
+ return gvk, nil
+ }
+
+ // Use the given scheme to retrieve all the GVKs for the object.
+ gvks, isUnversioned, err := scheme.ObjectKinds(obj)
+ if err != nil {
+ return schema.GroupVersionKind{}, err
+ }
+ if isUnversioned {
+ return schema.GroupVersionKind{}, fmt.Errorf("cannot create group-version-kind for unversioned type %T", obj)
+ }
+
+ switch {
+ case len(gvks) < 1:
+ // If the object has no GVK, the object might not have been registered with the scheme.
+ // or it's not a valid object.
+ return schema.GroupVersionKind{}, fmt.Errorf("no GroupVersionKind associated with Go type %T, was the type registered with the Scheme?", obj)
+ case len(gvks) > 1:
+ err := fmt.Errorf("multiple GroupVersionKinds associated with Go type %T within the Scheme, this can happen when a type is registered for multiple GVKs at the same time", obj)
+
+ // We've found multiple GVKs for the object.
+ currentGVK := obj.GetObjectKind().GroupVersionKind()
+ if !currentGVK.Empty() {
+ // If the base object has a GVK, check if it's in the list of GVKs before using it.
+ for _, gvk := range gvks {
+ if gvk == currentGVK {
+ return gvk, nil
+ }
+ }
+
+ return schema.GroupVersionKind{}, fmt.Errorf(
+ "%w: the object's supplied GroupVersionKind %q was not found in the Scheme's list; refusing to guess at one: %q", err, currentGVK, gvks)
+ }
+
+ // This should only trigger for things like metav1.XYZ --
+ // normal versioned types should be fine.
+ //
+ // See https://github.com/kubernetes-sigs/controller-runtime/issues/362
+ // for more information.
+ return schema.GroupVersionKind{}, fmt.Errorf(
+ "%w: callers can either fix their type registration to only register it once, or specify the GroupVersionKind to use for object passed in; refusing to guess at one: %q", err, gvks)
+ default:
+ // In any other case, we've found a single GVK for the object.
+ return gvks[0], nil
+ }
+}
+
+// RESTClientForGVK constructs a new rest.Interface capable of accessing the resource associated
+// with the given GroupVersionKind. The REST client will be configured to use the negotiated serializer from
+// baseConfig, if set, otherwise a default serializer will be set.
+func RESTClientForGVK(gvk schema.GroupVersionKind, isUnstructured bool, baseConfig *rest.Config, codecs serializer.CodecFactory, httpClient *http.Client) (rest.Interface, error) {
+ if httpClient == nil {
+ return nil, fmt.Errorf("httpClient must not be nil, consider using rest.HTTPClientFor(c) to create a client")
+ }
+ return rest.RESTClientForConfigAndClient(createRestConfig(gvk, isUnstructured, baseConfig, codecs), httpClient)
+}
+
+// createRestConfig copies the base config and updates needed fields for a new rest config.
+func createRestConfig(gvk schema.GroupVersionKind, isUnstructured bool, baseConfig *rest.Config, codecs serializer.CodecFactory) *rest.Config {
+ gv := gvk.GroupVersion()
+
+ cfg := rest.CopyConfig(baseConfig)
+ cfg.GroupVersion = &gv
+ if gvk.Group == "" {
+ cfg.APIPath = "/api"
+ } else {
+ cfg.APIPath = "/apis"
+ }
+ if cfg.UserAgent == "" {
+ cfg.UserAgent = rest.DefaultKubernetesUserAgent()
+ }
+ // TODO(FillZpp): In the long run, we want to check discovery or something to make sure that this is actually true.
+ if cfg.ContentType == "" && !isUnstructured {
+ protobufSchemeLock.RLock()
+ if protobufScheme.Recognizes(gvk) {
+ cfg.ContentType = runtime.ContentTypeProtobuf
+ }
+ protobufSchemeLock.RUnlock()
+ }
+
+ if isUnstructured {
+ // If the object is unstructured, we use the client-go dynamic serializer.
+ cfg = dynamic.ConfigFor(cfg)
+ } else {
+ cfg.NegotiatedSerializer = serializerWithTargetZeroingDecode{NegotiatedSerializer: serializer.WithoutConversionCodecFactory{CodecFactory: codecs}}
+ }
+
+ return cfg
+}
+
+type serializerWithTargetZeroingDecode struct {
+ runtime.NegotiatedSerializer
+}
+
+func (s serializerWithTargetZeroingDecode) DecoderToVersion(serializer runtime.Decoder, r runtime.GroupVersioner) runtime.Decoder {
+ return targetZeroingDecoder{upstream: s.NegotiatedSerializer.DecoderToVersion(serializer, r)}
+}
+
+type targetZeroingDecoder struct {
+ upstream runtime.Decoder
+}
+
+func (t targetZeroingDecoder) Decode(data []byte, defaults *schema.GroupVersionKind, into runtime.Object) (runtime.Object, *schema.GroupVersionKind, error) {
+ zero(into)
+ return t.upstream.Decode(data, defaults, into)
+}
+
+// zero zeros the value of a pointer.
+func zero(x interface{}) {
+ if x == nil {
+ return
+ }
+ res := reflect.ValueOf(x).Elem()
+ res.Set(reflect.Zero(res.Type()))
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/errors.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/errors.go
new file mode 100644
index 000000000..c216c49d2
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/errors.go
@@ -0,0 +1,54 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package apiutil
+
+import (
+ "fmt"
+ "sort"
+ "strings"
+
+ apierrors "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/api/meta"
+
+ "k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// ErrResourceDiscoveryFailed is returned if the RESTMapper cannot discover supported resources for some GroupVersions.
+// It wraps the errors encountered, except "NotFound" errors are replaced with meta.NoResourceMatchError, for
+// backwards compatibility with code that uses meta.IsNoMatchError() to check for unsupported APIs.
+type ErrResourceDiscoveryFailed map[schema.GroupVersion]error
+
+// Error implements the error interface.
+func (e *ErrResourceDiscoveryFailed) Error() string {
+ subErrors := []string{}
+ for k, v := range *e {
+ subErrors = append(subErrors, fmt.Sprintf("%s: %v", k, v))
+ }
+ sort.Strings(subErrors)
+ return fmt.Sprintf("unable to retrieve the complete list of server APIs: %s", strings.Join(subErrors, ", "))
+}
+
+func (e *ErrResourceDiscoveryFailed) Unwrap() []error {
+ subErrors := []error{}
+ for gv, err := range *e {
+ if apierrors.IsNotFound(err) {
+ err = &meta.NoResourceMatchError{PartialResource: gv.WithResource("")}
+ }
+ subErrors = append(subErrors, err)
+ }
+ return subErrors
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/restmapper.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/restmapper.go
new file mode 100644
index 000000000..927be22b4
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/apiutil/restmapper.go
@@ -0,0 +1,335 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package apiutil
+
+import (
+ "fmt"
+ "net/http"
+ "sync"
+
+ apierrors "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/client-go/discovery"
+ "k8s.io/client-go/rest"
+ "k8s.io/client-go/restmapper"
+)
+
+// NewDynamicRESTMapper returns a dynamic RESTMapper for cfg. The dynamic
+// RESTMapper dynamically discovers resource types at runtime.
+func NewDynamicRESTMapper(cfg *rest.Config, httpClient *http.Client) (meta.RESTMapper, error) {
+ if httpClient == nil {
+ return nil, fmt.Errorf("httpClient must not be nil, consider using rest.HTTPClientFor(c) to create a client")
+ }
+
+ client, err := discovery.NewDiscoveryClientForConfigAndClient(cfg, httpClient)
+ if err != nil {
+ return nil, err
+ }
+ return &mapper{
+ mapper: restmapper.NewDiscoveryRESTMapper([]*restmapper.APIGroupResources{}),
+ client: client,
+ knownGroups: map[string]*restmapper.APIGroupResources{},
+ apiGroups: map[string]*metav1.APIGroup{},
+ }, nil
+}
+
+// mapper is a RESTMapper that will lazily query the provided
+// client for discovery information to do REST mappings.
+type mapper struct {
+ mapper meta.RESTMapper
+ client discovery.DiscoveryInterface
+ knownGroups map[string]*restmapper.APIGroupResources
+ apiGroups map[string]*metav1.APIGroup
+
+ // mutex to provide thread-safe mapper reloading.
+ mu sync.RWMutex
+}
+
+// KindFor implements Mapper.KindFor.
+func (m *mapper) KindFor(resource schema.GroupVersionResource) (schema.GroupVersionKind, error) {
+ res, err := m.getMapper().KindFor(resource)
+ if meta.IsNoMatchError(err) {
+ if err := m.addKnownGroupAndReload(resource.Group, resource.Version); err != nil {
+ return schema.GroupVersionKind{}, err
+ }
+ res, err = m.getMapper().KindFor(resource)
+ }
+
+ return res, err
+}
+
+// KindsFor implements Mapper.KindsFor.
+func (m *mapper) KindsFor(resource schema.GroupVersionResource) ([]schema.GroupVersionKind, error) {
+ res, err := m.getMapper().KindsFor(resource)
+ if meta.IsNoMatchError(err) {
+ if err := m.addKnownGroupAndReload(resource.Group, resource.Version); err != nil {
+ return nil, err
+ }
+ res, err = m.getMapper().KindsFor(resource)
+ }
+
+ return res, err
+}
+
+// ResourceFor implements Mapper.ResourceFor.
+func (m *mapper) ResourceFor(input schema.GroupVersionResource) (schema.GroupVersionResource, error) {
+ res, err := m.getMapper().ResourceFor(input)
+ if meta.IsNoMatchError(err) {
+ if err := m.addKnownGroupAndReload(input.Group, input.Version); err != nil {
+ return schema.GroupVersionResource{}, err
+ }
+ res, err = m.getMapper().ResourceFor(input)
+ }
+
+ return res, err
+}
+
+// ResourcesFor implements Mapper.ResourcesFor.
+func (m *mapper) ResourcesFor(input schema.GroupVersionResource) ([]schema.GroupVersionResource, error) {
+ res, err := m.getMapper().ResourcesFor(input)
+ if meta.IsNoMatchError(err) {
+ if err := m.addKnownGroupAndReload(input.Group, input.Version); err != nil {
+ return nil, err
+ }
+ res, err = m.getMapper().ResourcesFor(input)
+ }
+
+ return res, err
+}
+
+// RESTMapping implements Mapper.RESTMapping.
+func (m *mapper) RESTMapping(gk schema.GroupKind, versions ...string) (*meta.RESTMapping, error) {
+ res, err := m.getMapper().RESTMapping(gk, versions...)
+ if meta.IsNoMatchError(err) {
+ if err := m.addKnownGroupAndReload(gk.Group, versions...); err != nil {
+ return nil, err
+ }
+ res, err = m.getMapper().RESTMapping(gk, versions...)
+ }
+
+ return res, err
+}
+
+// RESTMappings implements Mapper.RESTMappings.
+func (m *mapper) RESTMappings(gk schema.GroupKind, versions ...string) ([]*meta.RESTMapping, error) {
+ res, err := m.getMapper().RESTMappings(gk, versions...)
+ if meta.IsNoMatchError(err) {
+ if err := m.addKnownGroupAndReload(gk.Group, versions...); err != nil {
+ return nil, err
+ }
+ res, err = m.getMapper().RESTMappings(gk, versions...)
+ }
+
+ return res, err
+}
+
+// ResourceSingularizer implements Mapper.ResourceSingularizer.
+func (m *mapper) ResourceSingularizer(resource string) (string, error) {
+ return m.getMapper().ResourceSingularizer(resource)
+}
+
+func (m *mapper) getMapper() meta.RESTMapper {
+ m.mu.RLock()
+ defer m.mu.RUnlock()
+ return m.mapper
+}
+
+// addKnownGroupAndReload reloads the mapper with updated information about missing API group.
+// versions can be specified for partial updates, for instance for v1beta1 version only.
+func (m *mapper) addKnownGroupAndReload(groupName string, versions ...string) error {
+ // versions will here be [""] if the forwarded Version value of
+ // GroupVersionResource (in calling method) was not specified.
+ if len(versions) == 1 && versions[0] == "" {
+ versions = nil
+ }
+
+ // If no specific versions are set by user, we will scan all available ones for the API group.
+ // This operation requires 2 requests: /api and /apis, but only once. For all subsequent calls
+ // this data will be taken from cache.
+ if len(versions) == 0 {
+ apiGroup, err := m.findAPIGroupByName(groupName)
+ if err != nil {
+ return err
+ }
+ if apiGroup != nil {
+ for _, version := range apiGroup.Versions {
+ versions = append(versions, version.Version)
+ }
+ }
+ }
+
+ m.mu.Lock()
+ defer m.mu.Unlock()
+
+ // Create or fetch group resources from cache.
+ groupResources := &restmapper.APIGroupResources{
+ Group: metav1.APIGroup{Name: groupName},
+ VersionedResources: make(map[string][]metav1.APIResource),
+ }
+
+ // Update information for group resources about versioned resources.
+ // The number of API calls is equal to the number of versions: /apis/<group>/<version>.
+ // If we encounter a missing API version (NotFound error), we will remove the group from
+ // the m.apiGroups and m.knownGroups caches.
+ // If this happens, in the next call the group will be added back to apiGroups
+ // and only the existing versions will be loaded in knownGroups.
+ groupVersionResources, err := m.fetchGroupVersionResourcesLocked(groupName, versions...)
+ if err != nil {
+ return fmt.Errorf("failed to get API group resources: %w", err)
+ }
+
+ if _, ok := m.knownGroups[groupName]; ok {
+ groupResources = m.knownGroups[groupName]
+ }
+
+ // Update information for group resources about the API group by adding new versions.
+ // Ignore the versions that are already registered.
+ for groupVersion, resources := range groupVersionResources {
+ version := groupVersion.Version
+
+ groupResources.VersionedResources[version] = resources.APIResources
+ found := false
+ for _, v := range groupResources.Group.Versions {
+ if v.Version == version {
+ found = true
+ break
+ }
+ }
+
+ if !found {
+ groupResources.Group.Versions = append(groupResources.Group.Versions, metav1.GroupVersionForDiscovery{
+ GroupVersion: metav1.GroupVersion{Group: groupName, Version: version}.String(),
+ Version: version,
+ })
+ }
+ }
+
+ // Update data in the cache.
+ m.knownGroups[groupName] = groupResources
+
+ // Finally, update the group with received information and regenerate the mapper.
+ updatedGroupResources := make([]*restmapper.APIGroupResources, 0, len(m.knownGroups))
+ for _, agr := range m.knownGroups {
+ updatedGroupResources = append(updatedGroupResources, agr)
+ }
+
+ m.mapper = restmapper.NewDiscoveryRESTMapper(updatedGroupResources)
+ return nil
+}
+
+// findAPIGroupByNameLocked returns API group by its name.
+func (m *mapper) findAPIGroupByName(groupName string) (*metav1.APIGroup, error) {
+ // Looking in the cache first.
+ {
+ m.mu.RLock()
+ group, ok := m.apiGroups[groupName]
+ m.mu.RUnlock()
+ if ok {
+ return group, nil
+ }
+ }
+
+ // Update the cache if nothing was found.
+ apiGroups, err := m.client.ServerGroups()
+ if err != nil {
+ return nil, fmt.Errorf("failed to get server groups: %w", err)
+ }
+ if len(apiGroups.Groups) == 0 {
+ return nil, fmt.Errorf("received an empty API groups list")
+ }
+
+ m.mu.Lock()
+ for i := range apiGroups.Groups {
+ group := &apiGroups.Groups[i]
+ m.apiGroups[group.Name] = group
+ }
+ m.mu.Unlock()
+
+ // Looking in the cache again.
+ m.mu.RLock()
+ defer m.mu.RUnlock()
+
+ // Don't return an error here if the API group is not present.
+ // The reloaded RESTMapper will take care of returning a NoMatchError.
+ return m.apiGroups[groupName], nil
+}
+
+// fetchGroupVersionResourcesLocked fetches the resources for the specified group and its versions.
+// This method might modify the cache so it needs to be called under the lock.
+func (m *mapper) fetchGroupVersionResourcesLocked(groupName string, versions ...string) (map[schema.GroupVersion]*metav1.APIResourceList, error) {
+ groupVersionResources := make(map[schema.GroupVersion]*metav1.APIResourceList)
+ failedGroups := make(map[schema.GroupVersion]error)
+
+ for _, version := range versions {
+ groupVersion := schema.GroupVersion{Group: groupName, Version: version}
+
+ apiResourceList, err := m.client.ServerResourcesForGroupVersion(groupVersion.String())
+ if apierrors.IsNotFound(err) {
+ // If the version is not found, we remove the group from the cache
+ // so it gets refreshed on the next call.
+ if m.isAPIGroupCached(groupVersion) {
+ delete(m.apiGroups, groupName)
+ }
+ if m.isGroupVersionCached(groupVersion) {
+ delete(m.knownGroups, groupName)
+ }
+ continue
+ } else if err != nil {
+ failedGroups[groupVersion] = err
+ }
+
+ if apiResourceList != nil {
+ // even in case of error, some fallback might have been returned.
+ groupVersionResources[groupVersion] = apiResourceList
+ }
+ }
+
+ if len(failedGroups) > 0 {
+ err := ErrResourceDiscoveryFailed(failedGroups)
+ return nil, &err
+ }
+
+ return groupVersionResources, nil
+}
+
+// isGroupVersionCached checks if a version for a group is cached in the known groups cache.
+func (m *mapper) isGroupVersionCached(gv schema.GroupVersion) bool {
+ if cachedGroup, ok := m.knownGroups[gv.Group]; ok {
+ _, cached := cachedGroup.VersionedResources[gv.Version]
+ return cached
+ }
+
+ return false
+}
+
+// isAPIGroupCached checks if a version for a group is cached in the api groups cache.
+func (m *mapper) isAPIGroupCached(gv schema.GroupVersion) bool {
+ cachedGroup, ok := m.apiGroups[gv.Group]
+ if !ok {
+ return false
+ }
+
+ for _, version := range cachedGroup.Versions {
+ if version.Version == gv.Version {
+ return true
+ }
+ }
+
+ return false
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/client.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/client.go
new file mode 100644
index 000000000..e6c075eb0
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/client.go
@@ -0,0 +1,605 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "context"
+ "errors"
+ "fmt"
+ "net/http"
+ "strings"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/runtime/serializer"
+ "k8s.io/client-go/kubernetes/scheme"
+ "k8s.io/client-go/metadata"
+ "k8s.io/client-go/rest"
+
+ "sigs.k8s.io/controller-runtime/pkg/client/apiutil"
+ "sigs.k8s.io/controller-runtime/pkg/log"
+)
+
+// Options are creation options for a Client.
+type Options struct {
+ // HTTPClient is the HTTP client to use for requests.
+ HTTPClient *http.Client
+
+ // Scheme, if provided, will be used to map go structs to GroupVersionKinds
+ Scheme *runtime.Scheme
+
+ // Mapper, if provided, will be used to map GroupVersionKinds to Resources
+ Mapper meta.RESTMapper
+
+ // Cache, if provided, is used to read objects from the cache.
+ Cache *CacheOptions
+
+ // WarningHandler is used to configure the warning handler responsible for
+ // surfacing and handling warnings messages sent by the API server.
+ WarningHandler WarningHandlerOptions
+
+ // DryRun instructs the client to only perform dry run requests.
+ DryRun *bool
+}
+
+// WarningHandlerOptions are options for configuring a
+// warning handler for the client which is responsible
+// for surfacing API Server warnings.
+type WarningHandlerOptions struct {
+ // SuppressWarnings decides if the warnings from the
+ // API server are suppressed or surfaced in the client.
+ SuppressWarnings bool
+ // AllowDuplicateLogs does not deduplicate the to-be
+ // logged surfaced warnings messages. See
+ // log.WarningHandlerOptions for considerations
+ // regarding deduplication
+ AllowDuplicateLogs bool
+}
+
+// CacheOptions are options for creating a cache-backed client.
+type CacheOptions struct {
+ // Reader is a cache-backed reader that will be used to read objects from the cache.
+ // +required
+ Reader Reader
+ // DisableFor is a list of objects that should never be read from the cache.
+ // Objects configured here always result in a live lookup.
+ DisableFor []Object
+ // Unstructured is a flag that indicates whether the cache-backed client should
+ // read unstructured objects or lists from the cache.
+ // If false, unstructured objects will always result in a live lookup.
+ Unstructured bool
+}
+
+// NewClientFunc allows a user to define how to create a client.
+type NewClientFunc func(config *rest.Config, options Options) (Client, error)
+
+// New returns a new Client using the provided config and Options.
+//
+// The client's read behavior is determined by Options.Cache.
+// If either Options.Cache or Options.Cache.Reader is nil,
+// the client reads directly from the API server.
+// If both Options.Cache and Options.Cache.Reader are non-nil,
+// the client reads from a local cache. However, specific
+// resources can still be configured to bypass the cache based
+// on Options.Cache.Unstructured and Options.Cache.DisableFor.
+// Write operations are always performed directly on the API server.
+//
+// The client understands how to work with normal types (both custom resources
+// and aggregated/built-in resources), as well as unstructured types.
+// In the case of normal types, the scheme will be used to look up the
+// corresponding group, version, and kind for the given type. In the
+// case of unstructured types, the group, version, and kind will be extracted
+// from the corresponding fields on the object.
+func New(config *rest.Config, options Options) (c Client, err error) {
+ c, err = newClient(config, options)
+ if err == nil && options.DryRun != nil && *options.DryRun {
+ c = NewDryRunClient(c)
+ }
+ return c, err
+}
+
+func newClient(config *rest.Config, options Options) (*client, error) {
+ if config == nil {
+ return nil, fmt.Errorf("must provide non-nil rest.Config to client.New")
+ }
+
+ config = rest.CopyConfig(config)
+ if config.UserAgent == "" {
+ config.UserAgent = rest.DefaultKubernetesUserAgent()
+ }
+
+ if !options.WarningHandler.SuppressWarnings {
+ // surface warnings
+ logger := log.Log.WithName("KubeAPIWarningLogger")
+ // Set a WarningHandler, the default WarningHandler
+ // is log.KubeAPIWarningLogger with deduplication enabled.
+ // See log.KubeAPIWarningLoggerOptions for considerations
+ // regarding deduplication.
+ config.WarningHandler = log.NewKubeAPIWarningLogger(
+ logger,
+ log.KubeAPIWarningLoggerOptions{
+ Deduplicate: !options.WarningHandler.AllowDuplicateLogs,
+ },
+ )
+ }
+
+ // Use the rest HTTP client for the provided config if unset
+ if options.HTTPClient == nil {
+ var err error
+ options.HTTPClient, err = rest.HTTPClientFor(config)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ // Init a scheme if none provided
+ if options.Scheme == nil {
+ options.Scheme = scheme.Scheme
+ }
+
+ // Init a Mapper if none provided
+ if options.Mapper == nil {
+ var err error
+ options.Mapper, err = apiutil.NewDynamicRESTMapper(config, options.HTTPClient)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ resources := &clientRestResources{
+ httpClient: options.HTTPClient,
+ config: config,
+ scheme: options.Scheme,
+ mapper: options.Mapper,
+ codecs: serializer.NewCodecFactory(options.Scheme),
+
+ structuredResourceByType: make(map[schema.GroupVersionKind]*resourceMeta),
+ unstructuredResourceByType: make(map[schema.GroupVersionKind]*resourceMeta),
+ }
+
+ rawMetaClient, err := metadata.NewForConfigAndClient(metadata.ConfigFor(config), options.HTTPClient)
+ if err != nil {
+ return nil, fmt.Errorf("unable to construct metadata-only client for use as part of client: %w", err)
+ }
+
+ c := &client{
+ typedClient: typedClient{
+ resources: resources,
+ paramCodec: runtime.NewParameterCodec(options.Scheme),
+ },
+ unstructuredClient: unstructuredClient{
+ resources: resources,
+ paramCodec: noConversionParamCodec{},
+ },
+ metadataClient: metadataClient{
+ client: rawMetaClient,
+ restMapper: options.Mapper,
+ },
+ scheme: options.Scheme,
+ mapper: options.Mapper,
+ }
+ if options.Cache == nil || options.Cache.Reader == nil {
+ return c, nil
+ }
+
+ // We want a cache if we're here.
+ // Set the cache.
+ c.cache = options.Cache.Reader
+
+ // Load uncached GVKs.
+ c.cacheUnstructured = options.Cache.Unstructured
+ c.uncachedGVKs = map[schema.GroupVersionKind]struct{}{}
+ for _, obj := range options.Cache.DisableFor {
+ gvk, err := c.GroupVersionKindFor(obj)
+ if err != nil {
+ return nil, err
+ }
+ c.uncachedGVKs[gvk] = struct{}{}
+ }
+ return c, nil
+}
+
+var _ Client = &client{}
+
+// client is a client.Client configured to either read from a local cache or directly from the API server.
+// Write operations are always performed directly on the API server.
+// It lazily initializes new clients at the time they are used.
+type client struct {
+ typedClient typedClient
+ unstructuredClient unstructuredClient
+ metadataClient metadataClient
+ scheme *runtime.Scheme
+ mapper meta.RESTMapper
+
+ cache Reader
+ uncachedGVKs map[schema.GroupVersionKind]struct{}
+ cacheUnstructured bool
+}
+
+func (c *client) shouldBypassCache(obj runtime.Object) (bool, error) {
+ if c.cache == nil {
+ return true, nil
+ }
+
+ gvk, err := c.GroupVersionKindFor(obj)
+ if err != nil {
+ return false, err
+ }
+ // TODO: this is producing unsafe guesses that don't actually work,
+ // but it matches ~99% of the cases out there.
+ if meta.IsListType(obj) {
+ gvk.Kind = strings.TrimSuffix(gvk.Kind, "List")
+ }
+ if _, isUncached := c.uncachedGVKs[gvk]; isUncached {
+ return true, nil
+ }
+ if !c.cacheUnstructured {
+ _, isUnstructured := obj.(runtime.Unstructured)
+ return isUnstructured, nil
+ }
+ return false, nil
+}
+
+// resetGroupVersionKind is a helper function to restore and preserve GroupVersionKind on an object.
+func (c *client) resetGroupVersionKind(obj runtime.Object, gvk schema.GroupVersionKind) {
+ if gvk != schema.EmptyObjectKind.GroupVersionKind() {
+ if v, ok := obj.(schema.ObjectKind); ok {
+ v.SetGroupVersionKind(gvk)
+ }
+ }
+}
+
+// GroupVersionKindFor returns the GroupVersionKind for the given object.
+func (c *client) GroupVersionKindFor(obj runtime.Object) (schema.GroupVersionKind, error) {
+ return apiutil.GVKForObject(obj, c.scheme)
+}
+
+// IsObjectNamespaced returns true if the GroupVersionKind of the object is namespaced.
+func (c *client) IsObjectNamespaced(obj runtime.Object) (bool, error) {
+ return apiutil.IsObjectNamespaced(obj, c.scheme, c.mapper)
+}
+
+// Scheme returns the scheme this client is using.
+func (c *client) Scheme() *runtime.Scheme {
+ return c.scheme
+}
+
+// RESTMapper returns the scheme this client is using.
+func (c *client) RESTMapper() meta.RESTMapper {
+ return c.mapper
+}
+
+// Create implements client.Client.
+func (c *client) Create(ctx context.Context, obj Object, opts ...CreateOption) error {
+ switch obj.(type) {
+ case runtime.Unstructured:
+ return c.unstructuredClient.Create(ctx, obj, opts...)
+ case *metav1.PartialObjectMetadata:
+ return fmt.Errorf("cannot create using only metadata")
+ default:
+ return c.typedClient.Create(ctx, obj, opts...)
+ }
+}
+
+// Update implements client.Client.
+func (c *client) Update(ctx context.Context, obj Object, opts ...UpdateOption) error {
+ defer c.resetGroupVersionKind(obj, obj.GetObjectKind().GroupVersionKind())
+ switch obj.(type) {
+ case runtime.Unstructured:
+ return c.unstructuredClient.Update(ctx, obj, opts...)
+ case *metav1.PartialObjectMetadata:
+ return fmt.Errorf("cannot update using only metadata -- did you mean to patch?")
+ default:
+ return c.typedClient.Update(ctx, obj, opts...)
+ }
+}
+
+// Delete implements client.Client.
+func (c *client) Delete(ctx context.Context, obj Object, opts ...DeleteOption) error {
+ switch obj.(type) {
+ case runtime.Unstructured:
+ return c.unstructuredClient.Delete(ctx, obj, opts...)
+ case *metav1.PartialObjectMetadata:
+ return c.metadataClient.Delete(ctx, obj, opts...)
+ default:
+ return c.typedClient.Delete(ctx, obj, opts...)
+ }
+}
+
+// DeleteAllOf implements client.Client.
+func (c *client) DeleteAllOf(ctx context.Context, obj Object, opts ...DeleteAllOfOption) error {
+ switch obj.(type) {
+ case runtime.Unstructured:
+ return c.unstructuredClient.DeleteAllOf(ctx, obj, opts...)
+ case *metav1.PartialObjectMetadata:
+ return c.metadataClient.DeleteAllOf(ctx, obj, opts...)
+ default:
+ return c.typedClient.DeleteAllOf(ctx, obj, opts...)
+ }
+}
+
+// Patch implements client.Client.
+func (c *client) Patch(ctx context.Context, obj Object, patch Patch, opts ...PatchOption) error {
+ defer c.resetGroupVersionKind(obj, obj.GetObjectKind().GroupVersionKind())
+ switch obj.(type) {
+ case runtime.Unstructured:
+ return c.unstructuredClient.Patch(ctx, obj, patch, opts...)
+ case *metav1.PartialObjectMetadata:
+ return c.metadataClient.Patch(ctx, obj, patch, opts...)
+ default:
+ return c.typedClient.Patch(ctx, obj, patch, opts...)
+ }
+}
+
+// Get implements client.Client.
+func (c *client) Get(ctx context.Context, key ObjectKey, obj Object, opts ...GetOption) error {
+ if isUncached, err := c.shouldBypassCache(obj); err != nil {
+ return err
+ } else if !isUncached {
+ // Attempt to get from the cache.
+ return c.cache.Get(ctx, key, obj, opts...)
+ }
+
+ // Perform a live lookup.
+ switch obj.(type) {
+ case runtime.Unstructured:
+ return c.unstructuredClient.Get(ctx, key, obj, opts...)
+ case *metav1.PartialObjectMetadata:
+ // Metadata only object should always preserve the GVK coming in from the caller.
+ defer c.resetGroupVersionKind(obj, obj.GetObjectKind().GroupVersionKind())
+ return c.metadataClient.Get(ctx, key, obj, opts...)
+ default:
+ return c.typedClient.Get(ctx, key, obj, opts...)
+ }
+}
+
+// List implements client.Client.
+func (c *client) List(ctx context.Context, obj ObjectList, opts ...ListOption) error {
+ if isUncached, err := c.shouldBypassCache(obj); err != nil {
+ return err
+ } else if !isUncached {
+ // Attempt to get from the cache.
+ return c.cache.List(ctx, obj, opts...)
+ }
+
+ // Perform a live lookup.
+ switch x := obj.(type) {
+ case runtime.Unstructured:
+ return c.unstructuredClient.List(ctx, obj, opts...)
+ case *metav1.PartialObjectMetadataList:
+ // Metadata only object should always preserve the GVK.
+ gvk := obj.GetObjectKind().GroupVersionKind()
+ defer c.resetGroupVersionKind(obj, gvk)
+
+ // Call the list client.
+ if err := c.metadataClient.List(ctx, obj, opts...); err != nil {
+ return err
+ }
+
+ // Restore the GVK for each item in the list.
+ itemGVK := schema.GroupVersionKind{
+ Group: gvk.Group,
+ Version: gvk.Version,
+ // TODO: this is producing unsafe guesses that don't actually work,
+ // but it matches ~99% of the cases out there.
+ Kind: strings.TrimSuffix(gvk.Kind, "List"),
+ }
+ for i := range x.Items {
+ item := &x.Items[i]
+ item.SetGroupVersionKind(itemGVK)
+ }
+
+ return nil
+ default:
+ return c.typedClient.List(ctx, obj, opts...)
+ }
+}
+
+// Status implements client.StatusClient.
+func (c *client) Status() SubResourceWriter {
+ return c.SubResource("status")
+}
+
+func (c *client) SubResource(subResource string) SubResourceClient {
+ return &subResourceClient{client: c, subResource: subResource}
+}
+
+// subResourceClient is client.SubResourceWriter that writes to subresources.
+type subResourceClient struct {
+ client *client
+ subResource string
+}
+
+// ensure subResourceClient implements client.SubResourceClient.
+var _ SubResourceClient = &subResourceClient{}
+
+// SubResourceGetOptions holds all the possible configuration
+// for a subresource Get request.
+type SubResourceGetOptions struct {
+ Raw *metav1.GetOptions
+}
+
+// ApplyToSubResourceGet updates the configuaration to the given get options.
+func (getOpt *SubResourceGetOptions) ApplyToSubResourceGet(o *SubResourceGetOptions) {
+ if getOpt.Raw != nil {
+ o.Raw = getOpt.Raw
+ }
+}
+
+// ApplyOptions applues the given options.
+func (getOpt *SubResourceGetOptions) ApplyOptions(opts []SubResourceGetOption) *SubResourceGetOptions {
+ for _, o := range opts {
+ o.ApplyToSubResourceGet(getOpt)
+ }
+
+ return getOpt
+}
+
+// AsGetOptions returns the configured options as *metav1.GetOptions.
+func (getOpt *SubResourceGetOptions) AsGetOptions() *metav1.GetOptions {
+ if getOpt.Raw == nil {
+ return &metav1.GetOptions{}
+ }
+ return getOpt.Raw
+}
+
+// SubResourceUpdateOptions holds all the possible configuration
+// for a subresource update request.
+type SubResourceUpdateOptions struct {
+ UpdateOptions
+ SubResourceBody Object
+}
+
+// ApplyToSubResourceUpdate updates the configuration on the given create options
+func (uo *SubResourceUpdateOptions) ApplyToSubResourceUpdate(o *SubResourceUpdateOptions) {
+ uo.UpdateOptions.ApplyToUpdate(&o.UpdateOptions)
+ if uo.SubResourceBody != nil {
+ o.SubResourceBody = uo.SubResourceBody
+ }
+}
+
+// ApplyOptions applies the given options.
+func (uo *SubResourceUpdateOptions) ApplyOptions(opts []SubResourceUpdateOption) *SubResourceUpdateOptions {
+ for _, o := range opts {
+ o.ApplyToSubResourceUpdate(uo)
+ }
+
+ return uo
+}
+
+// SubResourceUpdateAndPatchOption is an option that can be used for either
+// a subresource update or patch request.
+type SubResourceUpdateAndPatchOption interface {
+ SubResourceUpdateOption
+ SubResourcePatchOption
+}
+
+// WithSubResourceBody returns an option that uses the given body
+// for a subresource Update or Patch operation.
+func WithSubResourceBody(body Object) SubResourceUpdateAndPatchOption {
+ return &withSubresourceBody{body: body}
+}
+
+type withSubresourceBody struct {
+ body Object
+}
+
+func (wsr *withSubresourceBody) ApplyToSubResourceUpdate(o *SubResourceUpdateOptions) {
+ o.SubResourceBody = wsr.body
+}
+
+func (wsr *withSubresourceBody) ApplyToSubResourcePatch(o *SubResourcePatchOptions) {
+ o.SubResourceBody = wsr.body
+}
+
+// SubResourceCreateOptions are all the possible configurations for a subresource
+// create request.
+type SubResourceCreateOptions struct {
+ CreateOptions
+}
+
+// ApplyOptions applies the given options.
+func (co *SubResourceCreateOptions) ApplyOptions(opts []SubResourceCreateOption) *SubResourceCreateOptions {
+ for _, o := range opts {
+ o.ApplyToSubResourceCreate(co)
+ }
+
+ return co
+}
+
+// ApplyToSubResourceCreate applies the the configuration on the given create options.
+func (co *SubResourceCreateOptions) ApplyToSubResourceCreate(o *SubResourceCreateOptions) {
+ co.CreateOptions.ApplyToCreate(&co.CreateOptions)
+}
+
+// SubResourcePatchOptions holds all possible configurations for a subresource patch
+// request.
+type SubResourcePatchOptions struct {
+ PatchOptions
+ SubResourceBody Object
+}
+
+// ApplyOptions applies the given options.
+func (po *SubResourcePatchOptions) ApplyOptions(opts []SubResourcePatchOption) *SubResourcePatchOptions {
+ for _, o := range opts {
+ o.ApplyToSubResourcePatch(po)
+ }
+
+ return po
+}
+
+// ApplyToSubResourcePatch applies the configuration on the given patch options.
+func (po *SubResourcePatchOptions) ApplyToSubResourcePatch(o *SubResourcePatchOptions) {
+ po.PatchOptions.ApplyToPatch(&o.PatchOptions)
+ if po.SubResourceBody != nil {
+ o.SubResourceBody = po.SubResourceBody
+ }
+}
+
+func (sc *subResourceClient) Get(ctx context.Context, obj Object, subResource Object, opts ...SubResourceGetOption) error {
+ switch obj.(type) {
+ case runtime.Unstructured:
+ return sc.client.unstructuredClient.GetSubResource(ctx, obj, subResource, sc.subResource, opts...)
+ case *metav1.PartialObjectMetadata:
+ return errors.New("can not get subresource using only metadata")
+ default:
+ return sc.client.typedClient.GetSubResource(ctx, obj, subResource, sc.subResource, opts...)
+ }
+}
+
+// Create implements client.SubResourceClient
+func (sc *subResourceClient) Create(ctx context.Context, obj Object, subResource Object, opts ...SubResourceCreateOption) error {
+ defer sc.client.resetGroupVersionKind(obj, obj.GetObjectKind().GroupVersionKind())
+ defer sc.client.resetGroupVersionKind(subResource, subResource.GetObjectKind().GroupVersionKind())
+
+ switch obj.(type) {
+ case runtime.Unstructured:
+ return sc.client.unstructuredClient.CreateSubResource(ctx, obj, subResource, sc.subResource, opts...)
+ case *metav1.PartialObjectMetadata:
+ return fmt.Errorf("cannot update status using only metadata -- did you mean to patch?")
+ default:
+ return sc.client.typedClient.CreateSubResource(ctx, obj, subResource, sc.subResource, opts...)
+ }
+}
+
+// Update implements client.SubResourceClient
+func (sc *subResourceClient) Update(ctx context.Context, obj Object, opts ...SubResourceUpdateOption) error {
+ defer sc.client.resetGroupVersionKind(obj, obj.GetObjectKind().GroupVersionKind())
+ switch obj.(type) {
+ case runtime.Unstructured:
+ return sc.client.unstructuredClient.UpdateSubResource(ctx, obj, sc.subResource, opts...)
+ case *metav1.PartialObjectMetadata:
+ return fmt.Errorf("cannot update status using only metadata -- did you mean to patch?")
+ default:
+ return sc.client.typedClient.UpdateSubResource(ctx, obj, sc.subResource, opts...)
+ }
+}
+
+// Patch implements client.SubResourceWriter.
+func (sc *subResourceClient) Patch(ctx context.Context, obj Object, patch Patch, opts ...SubResourcePatchOption) error {
+ defer sc.client.resetGroupVersionKind(obj, obj.GetObjectKind().GroupVersionKind())
+ switch obj.(type) {
+ case runtime.Unstructured:
+ return sc.client.unstructuredClient.PatchSubResource(ctx, obj, sc.subResource, patch, opts...)
+ case *metav1.PartialObjectMetadata:
+ return sc.client.metadataClient.PatchSubResource(ctx, obj, sc.subResource, patch, opts...)
+ default:
+ return sc.client.typedClient.PatchSubResource(ctx, obj, sc.subResource, patch, opts...)
+ }
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/client_rest_resources.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/client_rest_resources.go
new file mode 100644
index 000000000..2d0787952
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/client_rest_resources.go
@@ -0,0 +1,151 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "net/http"
+ "strings"
+ "sync"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/runtime/serializer"
+ "k8s.io/client-go/rest"
+ "sigs.k8s.io/controller-runtime/pkg/client/apiutil"
+)
+
+// clientRestResources creates and stores rest clients and metadata for Kubernetes types.
+type clientRestResources struct {
+ // httpClient is the http client to use for requests
+ httpClient *http.Client
+
+ // config is the rest.Config to talk to an apiserver
+ config *rest.Config
+
+ // scheme maps go structs to GroupVersionKinds
+ scheme *runtime.Scheme
+
+ // mapper maps GroupVersionKinds to Resources
+ mapper meta.RESTMapper
+
+ // codecs are used to create a REST client for a gvk
+ codecs serializer.CodecFactory
+
+ // structuredResourceByType stores structured type metadata
+ structuredResourceByType map[schema.GroupVersionKind]*resourceMeta
+ // unstructuredResourceByType stores unstructured type metadata
+ unstructuredResourceByType map[schema.GroupVersionKind]*resourceMeta
+ mu sync.RWMutex
+}
+
+// newResource maps obj to a Kubernetes Resource and constructs a client for that Resource.
+// If the object is a list, the resource represents the item's type instead.
+func (c *clientRestResources) newResource(gvk schema.GroupVersionKind, isList, isUnstructured bool) (*resourceMeta, error) {
+ if strings.HasSuffix(gvk.Kind, "List") && isList {
+ // if this was a list, treat it as a request for the item's resource
+ gvk.Kind = gvk.Kind[:len(gvk.Kind)-4]
+ }
+
+ client, err := apiutil.RESTClientForGVK(gvk, isUnstructured, c.config, c.codecs, c.httpClient)
+ if err != nil {
+ return nil, err
+ }
+ mapping, err := c.mapper.RESTMapping(gvk.GroupKind(), gvk.Version)
+ if err != nil {
+ return nil, err
+ }
+ return &resourceMeta{Interface: client, mapping: mapping, gvk: gvk}, nil
+}
+
+// getResource returns the resource meta information for the given type of object.
+// If the object is a list, the resource represents the item's type instead.
+func (c *clientRestResources) getResource(obj runtime.Object) (*resourceMeta, error) {
+ gvk, err := apiutil.GVKForObject(obj, c.scheme)
+ if err != nil {
+ return nil, err
+ }
+
+ _, isUnstructured := obj.(runtime.Unstructured)
+
+ // It's better to do creation work twice than to not let multiple
+ // people make requests at once
+ c.mu.RLock()
+ resourceByType := c.structuredResourceByType
+ if isUnstructured {
+ resourceByType = c.unstructuredResourceByType
+ }
+ r, known := resourceByType[gvk]
+ c.mu.RUnlock()
+
+ if known {
+ return r, nil
+ }
+
+ // Initialize a new Client
+ c.mu.Lock()
+ defer c.mu.Unlock()
+ r, err = c.newResource(gvk, meta.IsListType(obj), isUnstructured)
+ if err != nil {
+ return nil, err
+ }
+ resourceByType[gvk] = r
+ return r, err
+}
+
+// getObjMeta returns objMeta containing both type and object metadata and state.
+func (c *clientRestResources) getObjMeta(obj runtime.Object) (*objMeta, error) {
+ r, err := c.getResource(obj)
+ if err != nil {
+ return nil, err
+ }
+ m, err := meta.Accessor(obj)
+ if err != nil {
+ return nil, err
+ }
+ return &objMeta{resourceMeta: r, Object: m}, err
+}
+
+// resourceMeta stores state for a Kubernetes type.
+type resourceMeta struct {
+ // client is the rest client used to talk to the apiserver
+ rest.Interface
+ // gvk is the GroupVersionKind of the resourceMeta
+ gvk schema.GroupVersionKind
+ // mapping is the rest mapping
+ mapping *meta.RESTMapping
+}
+
+// isNamespaced returns true if the type is namespaced.
+func (r *resourceMeta) isNamespaced() bool {
+ return r.mapping.Scope.Name() != meta.RESTScopeNameRoot
+}
+
+// resource returns the resource name of the type.
+func (r *resourceMeta) resource() string {
+ return r.mapping.Resource.Resource
+}
+
+// objMeta stores type and object information about a Kubernetes type.
+type objMeta struct {
+ // resourceMeta contains type information for the object
+ *resourceMeta
+
+ // Object contains meta data for the object instance
+ metav1.Object
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/codec.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/codec.go
new file mode 100644
index 000000000..9c2923106
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/codec.go
@@ -0,0 +1,40 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "errors"
+ "net/url"
+
+ "k8s.io/apimachinery/pkg/conversion/queryparams"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+var _ runtime.ParameterCodec = noConversionParamCodec{}
+
+// noConversionParamCodec is a no-conversion codec for serializing parameters into URL query strings.
+// it's useful in scenarios with the unstructured client and arbitrary resources.
+type noConversionParamCodec struct{}
+
+func (noConversionParamCodec) EncodeParameters(obj runtime.Object, to schema.GroupVersion) (url.Values, error) {
+ return queryparams.Convert(obj)
+}
+
+func (noConversionParamCodec) DecodeParameters(parameters url.Values, from schema.GroupVersion, into runtime.Object) error {
+ return errors.New("DecodeParameters not implemented on noConversionParamCodec")
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/doc.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/doc.go
new file mode 100644
index 000000000..b2e202494
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/doc.go
@@ -0,0 +1,49 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package client contains functionality for interacting with Kubernetes API
+// servers.
+//
+// # Clients
+//
+// Clients are split into two interfaces -- Readers and Writers. Readers
+// get and list, while writers create, update, and delete.
+//
+// The New function can be used to create a new client that talks directly
+// to the API server.
+//
+// It is a common pattern in Kubernetes to read from a cache and write to the API
+// server. This pattern is covered by the creating the Client with a Cache.
+//
+// # Options
+//
+// Many client operations in Kubernetes support options. These options are
+// represented as variadic arguments at the end of a given method call.
+// For instance, to use a label selector on list, you can call
+//
+// err := someReader.List(context.Background(), &podList, client.MatchingLabels{"somelabel": "someval"})
+//
+// # Indexing
+//
+// Indexes may be added to caches using a FieldIndexer. This allows you to easily
+// and efficiently look up objects with certain properties. You can then make
+// use of the index by specifying a field selector on calls to List on the Reader
+// corresponding to the given Cache.
+//
+// For instance, a Secret controller might have an index on the
+// `.spec.volumes.secret.secretName` field in Pod objects, so that it could
+// easily look up all pods that reference a given secret.
+package client
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/dryrun.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/dryrun.go
new file mode 100644
index 000000000..bbcdd3832
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/dryrun.go
@@ -0,0 +1,130 @@
+/*
+Copyright 2020 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "context"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// NewDryRunClient wraps an existing client and enforces DryRun mode
+// on all mutating api calls.
+func NewDryRunClient(c Client) Client {
+ return &dryRunClient{client: c}
+}
+
+var _ Client = &dryRunClient{}
+
+// dryRunClient is a Client that wraps another Client in order to enforce DryRun mode.
+type dryRunClient struct {
+ client Client
+}
+
+// Scheme returns the scheme this client is using.
+func (c *dryRunClient) Scheme() *runtime.Scheme {
+ return c.client.Scheme()
+}
+
+// RESTMapper returns the rest mapper this client is using.
+func (c *dryRunClient) RESTMapper() meta.RESTMapper {
+ return c.client.RESTMapper()
+}
+
+// GroupVersionKindFor returns the GroupVersionKind for the given object.
+func (c *dryRunClient) GroupVersionKindFor(obj runtime.Object) (schema.GroupVersionKind, error) {
+ return c.client.GroupVersionKindFor(obj)
+}
+
+// IsObjectNamespaced returns true if the GroupVersionKind of the object is namespaced.
+func (c *dryRunClient) IsObjectNamespaced(obj runtime.Object) (bool, error) {
+ return c.client.IsObjectNamespaced(obj)
+}
+
+// Create implements client.Client.
+func (c *dryRunClient) Create(ctx context.Context, obj Object, opts ...CreateOption) error {
+ return c.client.Create(ctx, obj, append(opts, DryRunAll)...)
+}
+
+// Update implements client.Client.
+func (c *dryRunClient) Update(ctx context.Context, obj Object, opts ...UpdateOption) error {
+ return c.client.Update(ctx, obj, append(opts, DryRunAll)...)
+}
+
+// Delete implements client.Client.
+func (c *dryRunClient) Delete(ctx context.Context, obj Object, opts ...DeleteOption) error {
+ return c.client.Delete(ctx, obj, append(opts, DryRunAll)...)
+}
+
+// DeleteAllOf implements client.Client.
+func (c *dryRunClient) DeleteAllOf(ctx context.Context, obj Object, opts ...DeleteAllOfOption) error {
+ return c.client.DeleteAllOf(ctx, obj, append(opts, DryRunAll)...)
+}
+
+// Patch implements client.Client.
+func (c *dryRunClient) Patch(ctx context.Context, obj Object, patch Patch, opts ...PatchOption) error {
+ return c.client.Patch(ctx, obj, patch, append(opts, DryRunAll)...)
+}
+
+// Get implements client.Client.
+func (c *dryRunClient) Get(ctx context.Context, key ObjectKey, obj Object, opts ...GetOption) error {
+ return c.client.Get(ctx, key, obj, opts...)
+}
+
+// List implements client.Client.
+func (c *dryRunClient) List(ctx context.Context, obj ObjectList, opts ...ListOption) error {
+ return c.client.List(ctx, obj, opts...)
+}
+
+// Status implements client.StatusClient.
+func (c *dryRunClient) Status() SubResourceWriter {
+ return c.SubResource("status")
+}
+
+// SubResource implements client.SubResourceClient.
+func (c *dryRunClient) SubResource(subResource string) SubResourceClient {
+ return &dryRunSubResourceClient{client: c.client.SubResource(subResource)}
+}
+
+// ensure dryRunSubResourceWriter implements client.SubResourceWriter.
+var _ SubResourceWriter = &dryRunSubResourceClient{}
+
+// dryRunSubResourceClient is client.SubResourceWriter that writes status subresource with dryRun mode
+// enforced.
+type dryRunSubResourceClient struct {
+ client SubResourceClient
+}
+
+func (sw *dryRunSubResourceClient) Get(ctx context.Context, obj, subResource Object, opts ...SubResourceGetOption) error {
+ return sw.client.Get(ctx, obj, subResource, opts...)
+}
+
+func (sw *dryRunSubResourceClient) Create(ctx context.Context, obj, subResource Object, opts ...SubResourceCreateOption) error {
+ return sw.client.Create(ctx, obj, subResource, append(opts, DryRunAll)...)
+}
+
+// Update implements client.SubResourceWriter.
+func (sw *dryRunSubResourceClient) Update(ctx context.Context, obj Object, opts ...SubResourceUpdateOption) error {
+ return sw.client.Update(ctx, obj, append(opts, DryRunAll)...)
+}
+
+// Patch implements client.SubResourceWriter.
+func (sw *dryRunSubResourceClient) Patch(ctx context.Context, obj Object, patch Patch, opts ...SubResourcePatchOption) error {
+ return sw.client.Patch(ctx, obj, patch, append(opts, DryRunAll)...)
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/fieldowner.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/fieldowner.go
new file mode 100644
index 000000000..07183cd19
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/fieldowner.go
@@ -0,0 +1,106 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "context"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// WithFieldOwner wraps a Client and adds the fieldOwner as the field
+// manager to all write requests from this client. If additional [FieldOwner]
+// options are specified on methods of this client, the value specified here
+// will be overridden.
+func WithFieldOwner(c Client, fieldOwner string) Client {
+ return &clientWithFieldManager{
+ owner: fieldOwner,
+ c: c,
+ Reader: c,
+ }
+}
+
+type clientWithFieldManager struct {
+ owner string
+ c Client
+ Reader
+}
+
+func (f *clientWithFieldManager) Create(ctx context.Context, obj Object, opts ...CreateOption) error {
+ return f.c.Create(ctx, obj, append([]CreateOption{FieldOwner(f.owner)}, opts...)...)
+}
+
+func (f *clientWithFieldManager) Update(ctx context.Context, obj Object, opts ...UpdateOption) error {
+ return f.c.Update(ctx, obj, append([]UpdateOption{FieldOwner(f.owner)}, opts...)...)
+}
+
+func (f *clientWithFieldManager) Patch(ctx context.Context, obj Object, patch Patch, opts ...PatchOption) error {
+ return f.c.Patch(ctx, obj, patch, append([]PatchOption{FieldOwner(f.owner)}, opts...)...)
+}
+
+func (f *clientWithFieldManager) Delete(ctx context.Context, obj Object, opts ...DeleteOption) error {
+ return f.c.Delete(ctx, obj, opts...)
+}
+
+func (f *clientWithFieldManager) DeleteAllOf(ctx context.Context, obj Object, opts ...DeleteAllOfOption) error {
+ return f.c.DeleteAllOf(ctx, obj, opts...)
+}
+
+func (f *clientWithFieldManager) Scheme() *runtime.Scheme { return f.c.Scheme() }
+func (f *clientWithFieldManager) RESTMapper() meta.RESTMapper { return f.c.RESTMapper() }
+func (f *clientWithFieldManager) GroupVersionKindFor(obj runtime.Object) (schema.GroupVersionKind, error) {
+ return f.c.GroupVersionKindFor(obj)
+}
+func (f *clientWithFieldManager) IsObjectNamespaced(obj runtime.Object) (bool, error) {
+ return f.c.IsObjectNamespaced(obj)
+}
+
+func (f *clientWithFieldManager) Status() StatusWriter {
+ return &subresourceClientWithFieldOwner{
+ owner: f.owner,
+ subresourceWriter: f.c.Status(),
+ }
+}
+
+func (f *clientWithFieldManager) SubResource(subresource string) SubResourceClient {
+ c := f.c.SubResource(subresource)
+ return &subresourceClientWithFieldOwner{
+ owner: f.owner,
+ subresourceWriter: c,
+ SubResourceReader: c,
+ }
+}
+
+type subresourceClientWithFieldOwner struct {
+ owner string
+ subresourceWriter SubResourceWriter
+ SubResourceReader
+}
+
+func (f *subresourceClientWithFieldOwner) Create(ctx context.Context, obj Object, subresource Object, opts ...SubResourceCreateOption) error {
+ return f.subresourceWriter.Create(ctx, obj, subresource, append([]SubResourceCreateOption{FieldOwner(f.owner)}, opts...)...)
+}
+
+func (f *subresourceClientWithFieldOwner) Update(ctx context.Context, obj Object, opts ...SubResourceUpdateOption) error {
+ return f.subresourceWriter.Update(ctx, obj, append([]SubResourceUpdateOption{FieldOwner(f.owner)}, opts...)...)
+}
+
+func (f *subresourceClientWithFieldOwner) Patch(ctx context.Context, obj Object, patch Patch, opts ...SubResourcePatchOption) error {
+ return f.subresourceWriter.Patch(ctx, obj, patch, append([]SubResourcePatchOption{FieldOwner(f.owner)}, opts...)...)
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/interfaces.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/interfaces.go
new file mode 100644
index 000000000..3cd745e4c
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/interfaces.go
@@ -0,0 +1,223 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "context"
+
+ apierrors "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/types"
+ "k8s.io/apimachinery/pkg/watch"
+)
+
+// ObjectKey identifies a Kubernetes Object.
+type ObjectKey = types.NamespacedName
+
+// ObjectKeyFromObject returns the ObjectKey given a runtime.Object.
+func ObjectKeyFromObject(obj Object) ObjectKey {
+ return ObjectKey{Namespace: obj.GetNamespace(), Name: obj.GetName()}
+}
+
+// Patch is a patch that can be applied to a Kubernetes object.
+type Patch interface {
+ // Type is the PatchType of the patch.
+ Type() types.PatchType
+ // Data is the raw data representing the patch.
+ Data(obj Object) ([]byte, error)
+}
+
+// TODO(directxman12): is there a sane way to deal with get/delete options?
+
+// Reader knows how to read and list Kubernetes objects.
+type Reader interface {
+ // Get retrieves an obj for the given object key from the Kubernetes Cluster.
+ // obj must be a struct pointer so that obj can be updated with the response
+ // returned by the Server.
+ Get(ctx context.Context, key ObjectKey, obj Object, opts ...GetOption) error
+
+ // List retrieves list of objects for a given namespace and list options. On a
+ // successful call, Items field in the list will be populated with the
+ // result returned from the server.
+ List(ctx context.Context, list ObjectList, opts ...ListOption) error
+}
+
+// Writer knows how to create, delete, and update Kubernetes objects.
+type Writer interface {
+ // Create saves the object obj in the Kubernetes cluster. obj must be a
+ // struct pointer so that obj can be updated with the content returned by the Server.
+ Create(ctx context.Context, obj Object, opts ...CreateOption) error
+
+ // Delete deletes the given obj from Kubernetes cluster.
+ Delete(ctx context.Context, obj Object, opts ...DeleteOption) error
+
+ // Update updates the given obj in the Kubernetes cluster. obj must be a
+ // struct pointer so that obj can be updated with the content returned by the Server.
+ Update(ctx context.Context, obj Object, opts ...UpdateOption) error
+
+ // Patch patches the given obj in the Kubernetes cluster. obj must be a
+ // struct pointer so that obj can be updated with the content returned by the Server.
+ Patch(ctx context.Context, obj Object, patch Patch, opts ...PatchOption) error
+
+ // DeleteAllOf deletes all objects of the given type matching the given options.
+ DeleteAllOf(ctx context.Context, obj Object, opts ...DeleteAllOfOption) error
+}
+
+// StatusClient knows how to create a client which can update status subresource
+// for kubernetes objects.
+type StatusClient interface {
+ Status() SubResourceWriter
+}
+
+// SubResourceClientConstructor knows how to create a client which can update subresource
+// for kubernetes objects.
+type SubResourceClientConstructor interface {
+ // SubResourceClientConstructor returns a subresource client for the named subResource. Known
+ // upstream subResources usages are:
+ // - ServiceAccount token creation:
+ // sa := &corev1.ServiceAccount{ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "bar"}}
+ // token := &authenticationv1.TokenRequest{}
+ // c.SubResourceClient("token").Create(ctx, sa, token)
+ //
+ // - Pod eviction creation:
+ // pod := &corev1.Pod{ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "bar"}}
+ // c.SubResourceClient("eviction").Create(ctx, pod, &policyv1.Eviction{})
+ //
+ // - Pod binding creation:
+ // pod := &corev1.Pod{ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "bar"}}
+ // binding := &corev1.Binding{Target: corev1.ObjectReference{Name: "my-node"}}
+ // c.SubResourceClient("binding").Create(ctx, pod, binding)
+ //
+ // - CertificateSigningRequest approval:
+ // csr := &certificatesv1.CertificateSigningRequest{
+ // ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "bar"},
+ // Status: certificatesv1.CertificateSigningRequestStatus{
+ // Conditions: []certificatesv1.[]CertificateSigningRequestCondition{{
+ // Type: certificatesv1.CertificateApproved,
+ // Status: corev1.ConditionTrue,
+ // }},
+ // },
+ // }
+ // c.SubResourceClient("approval").Update(ctx, csr)
+ //
+ // - Scale retrieval:
+ // dep := &appsv1.Deployment{ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "bar"}}
+ // scale := &autoscalingv1.Scale{}
+ // c.SubResourceClient("scale").Get(ctx, dep, scale)
+ //
+ // - Scale update:
+ // dep := &appsv1.Deployment{ObjectMeta: metav1.ObjectMeta{Namespace: "foo", Name: "bar"}}
+ // scale := &autoscalingv1.Scale{Spec: autoscalingv1.ScaleSpec{Replicas: 2}}
+ // c.SubResourceClient("scale").Update(ctx, dep, client.WithSubResourceBody(scale))
+ SubResource(subResource string) SubResourceClient
+}
+
+// StatusWriter is kept for backward compatibility.
+type StatusWriter = SubResourceWriter
+
+// SubResourceReader knows how to read SubResources
+type SubResourceReader interface {
+ Get(ctx context.Context, obj Object, subResource Object, opts ...SubResourceGetOption) error
+}
+
+// SubResourceWriter knows how to update subresource of a Kubernetes object.
+type SubResourceWriter interface {
+ // Create saves the subResource object in the Kubernetes cluster. obj must be a
+ // struct pointer so that obj can be updated with the content returned by the Server.
+ Create(ctx context.Context, obj Object, subResource Object, opts ...SubResourceCreateOption) error
+
+ // Update updates the fields corresponding to the status subresource for the
+ // given obj. obj must be a struct pointer so that obj can be updated
+ // with the content returned by the Server.
+ Update(ctx context.Context, obj Object, opts ...SubResourceUpdateOption) error
+
+ // Patch patches the given object's subresource. obj must be a struct
+ // pointer so that obj can be updated with the content returned by the
+ // Server.
+ Patch(ctx context.Context, obj Object, patch Patch, opts ...SubResourcePatchOption) error
+}
+
+// SubResourceClient knows how to perform CRU operations on Kubernetes objects.
+type SubResourceClient interface {
+ SubResourceReader
+ SubResourceWriter
+}
+
+// Client knows how to perform CRUD operations on Kubernetes objects.
+type Client interface {
+ Reader
+ Writer
+ StatusClient
+ SubResourceClientConstructor
+
+ // Scheme returns the scheme this client is using.
+ Scheme() *runtime.Scheme
+ // RESTMapper returns the rest this client is using.
+ RESTMapper() meta.RESTMapper
+ // GroupVersionKindFor returns the GroupVersionKind for the given object.
+ GroupVersionKindFor(obj runtime.Object) (schema.GroupVersionKind, error)
+ // IsObjectNamespaced returns true if the GroupVersionKind of the object is namespaced.
+ IsObjectNamespaced(obj runtime.Object) (bool, error)
+}
+
+// WithWatch supports Watch on top of the CRUD operations supported by
+// the normal Client. Its intended use-case are CLI apps that need to wait for
+// events.
+type WithWatch interface {
+ Client
+ Watch(ctx context.Context, obj ObjectList, opts ...ListOption) (watch.Interface, error)
+}
+
+// IndexerFunc knows how to take an object and turn it into a series
+// of non-namespaced keys. Namespaced objects are automatically given
+// namespaced and non-spaced variants, so keys do not need to include namespace.
+type IndexerFunc func(Object) []string
+
+// FieldIndexer knows how to index over a particular "field" such that it
+// can later be used by a field selector.
+type FieldIndexer interface {
+ // IndexFields adds an index with the given field name on the given object type
+ // by using the given function to extract the value for that field. If you want
+ // compatibility with the Kubernetes API server, only return one key, and only use
+ // fields that the API server supports. Otherwise, you can return multiple keys,
+ // and "equality" in the field selector means that at least one key matches the value.
+ // The FieldIndexer will automatically take care of indexing over namespace
+ // and supporting efficient all-namespace queries.
+ IndexField(ctx context.Context, obj Object, field string, extractValue IndexerFunc) error
+}
+
+// IgnoreNotFound returns nil on NotFound errors.
+// All other values that are not NotFound errors or nil are returned unmodified.
+func IgnoreNotFound(err error) error {
+ if apierrors.IsNotFound(err) {
+ return nil
+ }
+ return err
+}
+
+// IgnoreAlreadyExists returns nil on AlreadyExists errors.
+// All other values that are not AlreadyExists errors or nil are returned unmodified.
+func IgnoreAlreadyExists(err error) error {
+ if apierrors.IsAlreadyExists(err) {
+ return nil
+ }
+
+ return err
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/metadata_client.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/metadata_client.go
new file mode 100644
index 000000000..d0c6b8e13
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/metadata_client.go
@@ -0,0 +1,204 @@
+/*
+Copyright 2020 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "context"
+ "fmt"
+ "strings"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/client-go/metadata"
+)
+
+// TODO(directxman12): we could rewrite this on top of the low-level REST
+// client to avoid the extra shallow copy at the end, but I'm not sure it's
+// worth it -- the metadata client deals with falling back to loading the whole
+// object on older API servers, etc, and we'd have to reproduce that.
+
+// metadataClient is a client that reads & writes metadata-only requests to/from the API server.
+type metadataClient struct {
+ client metadata.Interface
+ restMapper meta.RESTMapper
+}
+
+func (mc *metadataClient) getResourceInterface(gvk schema.GroupVersionKind, ns string) (metadata.ResourceInterface, error) {
+ mapping, err := mc.restMapper.RESTMapping(gvk.GroupKind(), gvk.Version)
+ if err != nil {
+ return nil, err
+ }
+ if mapping.Scope.Name() == meta.RESTScopeNameRoot {
+ return mc.client.Resource(mapping.Resource), nil
+ }
+ return mc.client.Resource(mapping.Resource).Namespace(ns), nil
+}
+
+// Delete implements client.Client.
+func (mc *metadataClient) Delete(ctx context.Context, obj Object, opts ...DeleteOption) error {
+ metadata, ok := obj.(*metav1.PartialObjectMetadata)
+ if !ok {
+ return fmt.Errorf("metadata client did not understand object: %T", obj)
+ }
+
+ resInt, err := mc.getResourceInterface(metadata.GroupVersionKind(), metadata.Namespace)
+ if err != nil {
+ return err
+ }
+
+ deleteOpts := DeleteOptions{}
+ deleteOpts.ApplyOptions(opts)
+
+ return resInt.Delete(ctx, metadata.Name, *deleteOpts.AsDeleteOptions())
+}
+
+// DeleteAllOf implements client.Client.
+func (mc *metadataClient) DeleteAllOf(ctx context.Context, obj Object, opts ...DeleteAllOfOption) error {
+ metadata, ok := obj.(*metav1.PartialObjectMetadata)
+ if !ok {
+ return fmt.Errorf("metadata client did not understand object: %T", obj)
+ }
+
+ deleteAllOfOpts := DeleteAllOfOptions{}
+ deleteAllOfOpts.ApplyOptions(opts)
+
+ resInt, err := mc.getResourceInterface(metadata.GroupVersionKind(), deleteAllOfOpts.ListOptions.Namespace)
+ if err != nil {
+ return err
+ }
+
+ return resInt.DeleteCollection(ctx, *deleteAllOfOpts.AsDeleteOptions(), *deleteAllOfOpts.AsListOptions())
+}
+
+// Patch implements client.Client.
+func (mc *metadataClient) Patch(ctx context.Context, obj Object, patch Patch, opts ...PatchOption) error {
+ metadata, ok := obj.(*metav1.PartialObjectMetadata)
+ if !ok {
+ return fmt.Errorf("metadata client did not understand object: %T", obj)
+ }
+
+ gvk := metadata.GroupVersionKind()
+ resInt, err := mc.getResourceInterface(gvk, metadata.Namespace)
+ if err != nil {
+ return err
+ }
+
+ data, err := patch.Data(obj)
+ if err != nil {
+ return err
+ }
+
+ patchOpts := &PatchOptions{}
+ patchOpts.ApplyOptions(opts)
+
+ res, err := resInt.Patch(ctx, metadata.Name, patch.Type(), data, *patchOpts.AsPatchOptions())
+ if err != nil {
+ return err
+ }
+ *metadata = *res
+ metadata.SetGroupVersionKind(gvk) // restore the GVK, which isn't set on metadata
+ return nil
+}
+
+// Get implements client.Client.
+func (mc *metadataClient) Get(ctx context.Context, key ObjectKey, obj Object, opts ...GetOption) error {
+ metadata, ok := obj.(*metav1.PartialObjectMetadata)
+ if !ok {
+ return fmt.Errorf("metadata client did not understand object: %T", obj)
+ }
+
+ gvk := metadata.GroupVersionKind()
+
+ getOpts := GetOptions{}
+ getOpts.ApplyOptions(opts)
+
+ resInt, err := mc.getResourceInterface(gvk, key.Namespace)
+ if err != nil {
+ return err
+ }
+
+ res, err := resInt.Get(ctx, key.Name, *getOpts.AsGetOptions())
+ if err != nil {
+ return err
+ }
+ *metadata = *res
+ metadata.SetGroupVersionKind(gvk) // restore the GVK, which isn't set on metadata
+ return nil
+}
+
+// List implements client.Client.
+func (mc *metadataClient) List(ctx context.Context, obj ObjectList, opts ...ListOption) error {
+ metadata, ok := obj.(*metav1.PartialObjectMetadataList)
+ if !ok {
+ return fmt.Errorf("metadata client did not understand object: %T", obj)
+ }
+
+ gvk := metadata.GroupVersionKind()
+ gvk.Kind = strings.TrimSuffix(gvk.Kind, "List")
+
+ listOpts := ListOptions{}
+ listOpts.ApplyOptions(opts)
+
+ resInt, err := mc.getResourceInterface(gvk, listOpts.Namespace)
+ if err != nil {
+ return err
+ }
+
+ res, err := resInt.List(ctx, *listOpts.AsListOptions())
+ if err != nil {
+ return err
+ }
+ *metadata = *res
+ metadata.SetGroupVersionKind(gvk) // restore the GVK, which isn't set on metadata
+ return nil
+}
+
+func (mc *metadataClient) PatchSubResource(ctx context.Context, obj Object, subResource string, patch Patch, opts ...SubResourcePatchOption) error {
+ metadata, ok := obj.(*metav1.PartialObjectMetadata)
+ if !ok {
+ return fmt.Errorf("metadata client did not understand object: %T", obj)
+ }
+
+ gvk := metadata.GroupVersionKind()
+ resInt, err := mc.getResourceInterface(gvk, metadata.Namespace)
+ if err != nil {
+ return err
+ }
+
+ patchOpts := &SubResourcePatchOptions{}
+ patchOpts.ApplyOptions(opts)
+
+ body := obj
+ if patchOpts.SubResourceBody != nil {
+ body = patchOpts.SubResourceBody
+ }
+
+ data, err := patch.Data(body)
+ if err != nil {
+ return err
+ }
+
+ res, err := resInt.Patch(ctx, metadata.Name, patch.Type(), data, *patchOpts.AsPatchOptions(), subResource)
+ if err != nil {
+ return err
+ }
+
+ *metadata = *res
+ metadata.SetGroupVersionKind(gvk) // restore the GVK, which isn't set on metadata
+ return nil
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/namespaced_client.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/namespaced_client.go
new file mode 100644
index 000000000..222dc7957
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/namespaced_client.go
@@ -0,0 +1,262 @@
+/*
+Copyright 2020 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "context"
+ "fmt"
+
+ "k8s.io/apimachinery/pkg/api/meta"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+)
+
+// NewNamespacedClient wraps an existing client enforcing the namespace value.
+// All functions using this client will have the same namespace declared here.
+func NewNamespacedClient(c Client, ns string) Client {
+ return &namespacedClient{
+ client: c,
+ namespace: ns,
+ }
+}
+
+var _ Client = &namespacedClient{}
+
+// namespacedClient is a Client that wraps another Client in order to enforce the specified namespace value.
+type namespacedClient struct {
+ namespace string
+ client Client
+}
+
+// Scheme returns the scheme this client is using.
+func (n *namespacedClient) Scheme() *runtime.Scheme {
+ return n.client.Scheme()
+}
+
+// RESTMapper returns the scheme this client is using.
+func (n *namespacedClient) RESTMapper() meta.RESTMapper {
+ return n.client.RESTMapper()
+}
+
+// GroupVersionKindFor returns the GroupVersionKind for the given object.
+func (n *namespacedClient) GroupVersionKindFor(obj runtime.Object) (schema.GroupVersionKind, error) {
+ return n.client.GroupVersionKindFor(obj)
+}
+
+// IsObjectNamespaced returns true if the GroupVersionKind of the object is namespaced.
+func (n *namespacedClient) IsObjectNamespaced(obj runtime.Object) (bool, error) {
+ return n.client.IsObjectNamespaced(obj)
+}
+
+// Create implements client.Client.
+func (n *namespacedClient) Create(ctx context.Context, obj Object, opts ...CreateOption) error {
+ isNamespaceScoped, err := n.IsObjectNamespaced(obj)
+ if err != nil {
+ return fmt.Errorf("error finding the scope of the object: %w", err)
+ }
+
+ objectNamespace := obj.GetNamespace()
+ if objectNamespace != n.namespace && objectNamespace != "" {
+ return fmt.Errorf("namespace %s of the object %s does not match the namespace %s on the client", objectNamespace, obj.GetName(), n.namespace)
+ }
+
+ if isNamespaceScoped && objectNamespace == "" {
+ obj.SetNamespace(n.namespace)
+ }
+ return n.client.Create(ctx, obj, opts...)
+}
+
+// Update implements client.Client.
+func (n *namespacedClient) Update(ctx context.Context, obj Object, opts ...UpdateOption) error {
+ isNamespaceScoped, err := n.IsObjectNamespaced(obj)
+ if err != nil {
+ return fmt.Errorf("error finding the scope of the object: %w", err)
+ }
+
+ objectNamespace := obj.GetNamespace()
+ if objectNamespace != n.namespace && objectNamespace != "" {
+ return fmt.Errorf("namespace %s of the object %s does not match the namespace %s on the client", objectNamespace, obj.GetName(), n.namespace)
+ }
+
+ if isNamespaceScoped && objectNamespace == "" {
+ obj.SetNamespace(n.namespace)
+ }
+ return n.client.Update(ctx, obj, opts...)
+}
+
+// Delete implements client.Client.
+func (n *namespacedClient) Delete(ctx context.Context, obj Object, opts ...DeleteOption) error {
+ isNamespaceScoped, err := n.IsObjectNamespaced(obj)
+ if err != nil {
+ return fmt.Errorf("error finding the scope of the object: %w", err)
+ }
+
+ objectNamespace := obj.GetNamespace()
+ if objectNamespace != n.namespace && objectNamespace != "" {
+ return fmt.Errorf("namespace %s of the object %s does not match the namespace %s on the client", objectNamespace, obj.GetName(), n.namespace)
+ }
+
+ if isNamespaceScoped && objectNamespace == "" {
+ obj.SetNamespace(n.namespace)
+ }
+ return n.client.Delete(ctx, obj, opts...)
+}
+
+// DeleteAllOf implements client.Client.
+func (n *namespacedClient) DeleteAllOf(ctx context.Context, obj Object, opts ...DeleteAllOfOption) error {
+ isNamespaceScoped, err := n.IsObjectNamespaced(obj)
+ if err != nil {
+ return fmt.Errorf("error finding the scope of the object: %w", err)
+ }
+
+ if isNamespaceScoped {
+ opts = append(opts, InNamespace(n.namespace))
+ }
+ return n.client.DeleteAllOf(ctx, obj, opts...)
+}
+
+// Patch implements client.Client.
+func (n *namespacedClient) Patch(ctx context.Context, obj Object, patch Patch, opts ...PatchOption) error {
+ isNamespaceScoped, err := n.IsObjectNamespaced(obj)
+ if err != nil {
+ return fmt.Errorf("error finding the scope of the object: %w", err)
+ }
+
+ objectNamespace := obj.GetNamespace()
+ if objectNamespace != n.namespace && objectNamespace != "" {
+ return fmt.Errorf("namespace %s of the object %s does not match the namespace %s on the client", objectNamespace, obj.GetName(), n.namespace)
+ }
+
+ if isNamespaceScoped && objectNamespace == "" {
+ obj.SetNamespace(n.namespace)
+ }
+ return n.client.Patch(ctx, obj, patch, opts...)
+}
+
+// Get implements client.Client.
+func (n *namespacedClient) Get(ctx context.Context, key ObjectKey, obj Object, opts ...GetOption) error {
+ isNamespaceScoped, err := n.IsObjectNamespaced(obj)
+ if err != nil {
+ return fmt.Errorf("error finding the scope of the object: %w", err)
+ }
+ if isNamespaceScoped {
+ if key.Namespace != "" && key.Namespace != n.namespace {
+ return fmt.Errorf("namespace %s provided for the object %s does not match the namespace %s on the client", key.Namespace, obj.GetName(), n.namespace)
+ }
+ key.Namespace = n.namespace
+ }
+ return n.client.Get(ctx, key, obj, opts...)
+}
+
+// List implements client.Client.
+func (n *namespacedClient) List(ctx context.Context, obj ObjectList, opts ...ListOption) error {
+ if n.namespace != "" {
+ opts = append(opts, InNamespace(n.namespace))
+ }
+ return n.client.List(ctx, obj, opts...)
+}
+
+// Status implements client.StatusClient.
+func (n *namespacedClient) Status() SubResourceWriter {
+ return n.SubResource("status")
+}
+
+// SubResource implements client.SubResourceClient.
+func (n *namespacedClient) SubResource(subResource string) SubResourceClient {
+ return &namespacedClientSubResourceClient{client: n.client.SubResource(subResource), namespace: n.namespace, namespacedclient: n}
+}
+
+// ensure namespacedClientSubResourceClient implements client.SubResourceClient.
+var _ SubResourceClient = &namespacedClientSubResourceClient{}
+
+type namespacedClientSubResourceClient struct {
+ client SubResourceClient
+ namespace string
+ namespacedclient Client
+}
+
+func (nsw *namespacedClientSubResourceClient) Get(ctx context.Context, obj, subResource Object, opts ...SubResourceGetOption) error {
+ isNamespaceScoped, err := nsw.namespacedclient.IsObjectNamespaced(obj)
+ if err != nil {
+ return fmt.Errorf("error finding the scope of the object: %w", err)
+ }
+
+ objectNamespace := obj.GetNamespace()
+ if objectNamespace != nsw.namespace && objectNamespace != "" {
+ return fmt.Errorf("namespace %s of the object %s does not match the namespace %s on the client", objectNamespace, obj.GetName(), nsw.namespace)
+ }
+
+ if isNamespaceScoped && objectNamespace == "" {
+ obj.SetNamespace(nsw.namespace)
+ }
+
+ return nsw.client.Get(ctx, obj, subResource, opts...)
+}
+
+func (nsw *namespacedClientSubResourceClient) Create(ctx context.Context, obj, subResource Object, opts ...SubResourceCreateOption) error {
+ isNamespaceScoped, err := nsw.namespacedclient.IsObjectNamespaced(obj)
+ if err != nil {
+ return fmt.Errorf("error finding the scope of the object: %w", err)
+ }
+
+ objectNamespace := obj.GetNamespace()
+ if objectNamespace != nsw.namespace && objectNamespace != "" {
+ return fmt.Errorf("namespace %s of the object %s does not match the namespace %s on the client", objectNamespace, obj.GetName(), nsw.namespace)
+ }
+
+ if isNamespaceScoped && objectNamespace == "" {
+ obj.SetNamespace(nsw.namespace)
+ }
+
+ return nsw.client.Create(ctx, obj, subResource, opts...)
+}
+
+// Update implements client.SubResourceWriter.
+func (nsw *namespacedClientSubResourceClient) Update(ctx context.Context, obj Object, opts ...SubResourceUpdateOption) error {
+ isNamespaceScoped, err := nsw.namespacedclient.IsObjectNamespaced(obj)
+ if err != nil {
+ return fmt.Errorf("error finding the scope of the object: %w", err)
+ }
+
+ objectNamespace := obj.GetNamespace()
+ if objectNamespace != nsw.namespace && objectNamespace != "" {
+ return fmt.Errorf("namespace %s of the object %s does not match the namespace %s on the client", objectNamespace, obj.GetName(), nsw.namespace)
+ }
+
+ if isNamespaceScoped && objectNamespace == "" {
+ obj.SetNamespace(nsw.namespace)
+ }
+ return nsw.client.Update(ctx, obj, opts...)
+}
+
+// Patch implements client.SubResourceWriter.
+func (nsw *namespacedClientSubResourceClient) Patch(ctx context.Context, obj Object, patch Patch, opts ...SubResourcePatchOption) error {
+ isNamespaceScoped, err := nsw.namespacedclient.IsObjectNamespaced(obj)
+ if err != nil {
+ return fmt.Errorf("error finding the scope of the object: %w", err)
+ }
+
+ objectNamespace := obj.GetNamespace()
+ if objectNamespace != nsw.namespace && objectNamespace != "" {
+ return fmt.Errorf("namespace %s of the object %s does not match the namespace %s on the client", objectNamespace, obj.GetName(), nsw.namespace)
+ }
+
+ if isNamespaceScoped && objectNamespace == "" {
+ obj.SetNamespace(nsw.namespace)
+ }
+ return nsw.client.Patch(ctx, obj, patch, opts...)
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/object.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/object.go
new file mode 100644
index 000000000..31e334d6c
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/object.go
@@ -0,0 +1,77 @@
+/*
+Copyright 2020 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+)
+
+// Object is a Kubernetes object, allows functions to work indistinctly with
+// any resource that implements both Object interfaces.
+//
+// Semantically, these are objects which are both serializable (runtime.Object)
+// and identifiable (metav1.Object) -- think any object which you could write
+// as YAML or JSON, and then `kubectl create`.
+//
+// Code-wise, this means that any object which embeds both ObjectMeta (which
+// provides metav1.Object) and TypeMeta (which provides half of runtime.Object)
+// and has a `DeepCopyObject` implementation (the other half of runtime.Object)
+// will implement this by default.
+//
+// For example, nearly all the built-in types are Objects, as well as all
+// KubeBuilder-generated CRDs (unless you do something real funky to them).
+//
+// By and large, most things that implement runtime.Object also implement
+// Object -- it's very rare to have *just* a runtime.Object implementation (the
+// cases tend to be funky built-in types like Webhook payloads that don't have
+// a `metadata` field).
+//
+// Notice that XYZList types are distinct: they implement ObjectList instead.
+type Object interface {
+ metav1.Object
+ runtime.Object
+}
+
+// ObjectList is a Kubernetes object list, allows functions to work
+// indistinctly with any resource that implements both runtime.Object and
+// metav1.ListInterface interfaces.
+//
+// Semantically, this is any object which may be serialized (ObjectMeta), and
+// is a kubernetes list wrapper (has items, pagination fields, etc) -- think
+// the wrapper used in a response from a `kubectl list --output yaml` call.
+//
+// Code-wise, this means that any object which embedds both ListMeta (which
+// provides metav1.ListInterface) and TypeMeta (which provides half of
+// runtime.Object) and has a `DeepCopyObject` implementation (the other half of
+// runtime.Object) will implement this by default.
+//
+// For example, nearly all the built-in XYZList types are ObjectLists, as well
+// as the XYZList types for all KubeBuilder-generated CRDs (unless you do
+// something real funky to them).
+//
+// By and large, most things that are XYZList and implement runtime.Object also
+// implement ObjectList -- it's very rare to have *just* a runtime.Object
+// implementation (the cases tend to be funky built-in types like Webhook
+// payloads that don't have a `metadata` field).
+//
+// This is similar to Object, which is almost always implemented by the items
+// in the list themselves.
+type ObjectList interface {
+ metav1.ListInterface
+ runtime.Object
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/options.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/options.go
new file mode 100644
index 000000000..798506f48
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/options.go
@@ -0,0 +1,842 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/fields"
+ "k8s.io/apimachinery/pkg/labels"
+ "k8s.io/apimachinery/pkg/selection"
+)
+
+// {{{ "Functional" Option Interfaces
+
+// CreateOption is some configuration that modifies options for a create request.
+type CreateOption interface {
+ // ApplyToCreate applies this configuration to the given create options.
+ ApplyToCreate(*CreateOptions)
+}
+
+// DeleteOption is some configuration that modifies options for a delete request.
+type DeleteOption interface {
+ // ApplyToDelete applies this configuration to the given delete options.
+ ApplyToDelete(*DeleteOptions)
+}
+
+// GetOption is some configuration that modifies options for a get request.
+type GetOption interface {
+ // ApplyToGet applies this configuration to the given get options.
+ ApplyToGet(*GetOptions)
+}
+
+// ListOption is some configuration that modifies options for a list request.
+type ListOption interface {
+ // ApplyToList applies this configuration to the given list options.
+ ApplyToList(*ListOptions)
+}
+
+// UpdateOption is some configuration that modifies options for a update request.
+type UpdateOption interface {
+ // ApplyToUpdate applies this configuration to the given update options.
+ ApplyToUpdate(*UpdateOptions)
+}
+
+// PatchOption is some configuration that modifies options for a patch request.
+type PatchOption interface {
+ // ApplyToPatch applies this configuration to the given patch options.
+ ApplyToPatch(*PatchOptions)
+}
+
+// DeleteAllOfOption is some configuration that modifies options for a delete request.
+type DeleteAllOfOption interface {
+ // ApplyToDeleteAllOf applies this configuration to the given deletecollection options.
+ ApplyToDeleteAllOf(*DeleteAllOfOptions)
+}
+
+// SubResourceGetOption modifies options for a SubResource Get request.
+type SubResourceGetOption interface {
+ ApplyToSubResourceGet(*SubResourceGetOptions)
+}
+
+// SubResourceUpdateOption is some configuration that modifies options for a update request.
+type SubResourceUpdateOption interface {
+ // ApplyToSubResourceUpdate applies this configuration to the given update options.
+ ApplyToSubResourceUpdate(*SubResourceUpdateOptions)
+}
+
+// SubResourceCreateOption is some configuration that modifies options for a create request.
+type SubResourceCreateOption interface {
+ // ApplyToSubResourceCreate applies this configuration to the given create options.
+ ApplyToSubResourceCreate(*SubResourceCreateOptions)
+}
+
+// SubResourcePatchOption configures a subresource patch request.
+type SubResourcePatchOption interface {
+ // ApplyToSubResourcePatch applies the configuration on the given patch options.
+ ApplyToSubResourcePatch(*SubResourcePatchOptions)
+}
+
+// }}}
+
+// {{{ Multi-Type Options
+
+// DryRunAll sets the "dry run" option to "all", executing all
+// validation, etc without persisting the change to storage.
+var DryRunAll = dryRunAll{}
+
+type dryRunAll struct{}
+
+// ApplyToCreate applies this configuration to the given create options.
+func (dryRunAll) ApplyToCreate(opts *CreateOptions) {
+ opts.DryRun = []string{metav1.DryRunAll}
+}
+
+// ApplyToUpdate applies this configuration to the given update options.
+func (dryRunAll) ApplyToUpdate(opts *UpdateOptions) {
+ opts.DryRun = []string{metav1.DryRunAll}
+}
+
+// ApplyToPatch applies this configuration to the given patch options.
+func (dryRunAll) ApplyToPatch(opts *PatchOptions) {
+ opts.DryRun = []string{metav1.DryRunAll}
+}
+
+// ApplyToPatch applies this configuration to the given delete options.
+func (dryRunAll) ApplyToDelete(opts *DeleteOptions) {
+ opts.DryRun = []string{metav1.DryRunAll}
+}
+
+func (dryRunAll) ApplyToDeleteAllOf(opts *DeleteAllOfOptions) {
+ opts.DryRun = []string{metav1.DryRunAll}
+}
+
+func (dryRunAll) ApplyToSubResourceCreate(opts *SubResourceCreateOptions) {
+ opts.DryRun = []string{metav1.DryRunAll}
+}
+
+func (dryRunAll) ApplyToSubResourceUpdate(opts *SubResourceUpdateOptions) {
+ opts.DryRun = []string{metav1.DryRunAll}
+}
+
+func (dryRunAll) ApplyToSubResourcePatch(opts *SubResourcePatchOptions) {
+ opts.DryRun = []string{metav1.DryRunAll}
+}
+
+// FieldOwner set the field manager name for the given server-side apply patch.
+type FieldOwner string
+
+// ApplyToPatch applies this configuration to the given patch options.
+func (f FieldOwner) ApplyToPatch(opts *PatchOptions) {
+ opts.FieldManager = string(f)
+}
+
+// ApplyToCreate applies this configuration to the given create options.
+func (f FieldOwner) ApplyToCreate(opts *CreateOptions) {
+ opts.FieldManager = string(f)
+}
+
+// ApplyToUpdate applies this configuration to the given update options.
+func (f FieldOwner) ApplyToUpdate(opts *UpdateOptions) {
+ opts.FieldManager = string(f)
+}
+
+// ApplyToSubResourcePatch applies this configuration to the given patch options.
+func (f FieldOwner) ApplyToSubResourcePatch(opts *SubResourcePatchOptions) {
+ opts.FieldManager = string(f)
+}
+
+// ApplyToSubResourceCreate applies this configuration to the given create options.
+func (f FieldOwner) ApplyToSubResourceCreate(opts *SubResourceCreateOptions) {
+ opts.FieldManager = string(f)
+}
+
+// ApplyToSubResourceUpdate applies this configuration to the given update options.
+func (f FieldOwner) ApplyToSubResourceUpdate(opts *SubResourceUpdateOptions) {
+ opts.FieldManager = string(f)
+}
+
+// }}}
+
+// {{{ Create Options
+
+// CreateOptions contains options for create requests. It's generally a subset
+// of metav1.CreateOptions.
+type CreateOptions struct {
+ // When present, indicates that modifications should not be
+ // persisted. An invalid or unrecognized dryRun directive will
+ // result in an error response and no further processing of the
+ // request. Valid values are:
+ // - All: all dry run stages will be processed
+ DryRun []string
+
+ // FieldManager is the name of the user or component submitting
+ // this request. It must be set with server-side apply.
+ FieldManager string
+
+ // Raw represents raw CreateOptions, as passed to the API server.
+ Raw *metav1.CreateOptions
+}
+
+// AsCreateOptions returns these options as a metav1.CreateOptions.
+// This may mutate the Raw field.
+func (o *CreateOptions) AsCreateOptions() *metav1.CreateOptions {
+ if o == nil {
+ return &metav1.CreateOptions{}
+ }
+ if o.Raw == nil {
+ o.Raw = &metav1.CreateOptions{}
+ }
+
+ o.Raw.DryRun = o.DryRun
+ o.Raw.FieldManager = o.FieldManager
+ return o.Raw
+}
+
+// ApplyOptions applies the given create options on these options,
+// and then returns itself (for convenient chaining).
+func (o *CreateOptions) ApplyOptions(opts []CreateOption) *CreateOptions {
+ for _, opt := range opts {
+ opt.ApplyToCreate(o)
+ }
+ return o
+}
+
+// ApplyToCreate implements CreateOption.
+func (o *CreateOptions) ApplyToCreate(co *CreateOptions) {
+ if o.DryRun != nil {
+ co.DryRun = o.DryRun
+ }
+ if o.FieldManager != "" {
+ co.FieldManager = o.FieldManager
+ }
+ if o.Raw != nil {
+ co.Raw = o.Raw
+ }
+}
+
+var _ CreateOption = &CreateOptions{}
+
+// }}}
+
+// {{{ Delete Options
+
+// DeleteOptions contains options for delete requests. It's generally a subset
+// of metav1.DeleteOptions.
+type DeleteOptions struct {
+ // GracePeriodSeconds is the duration in seconds before the object should be
+ // deleted. Value must be non-negative integer. The value zero indicates
+ // delete immediately. If this value is nil, the default grace period for the
+ // specified type will be used.
+ GracePeriodSeconds *int64
+
+ // Preconditions must be fulfilled before a deletion is carried out. If not
+ // possible, a 409 Conflict status will be returned.
+ Preconditions *metav1.Preconditions
+
+ // PropagationPolicy determined whether and how garbage collection will be
+ // performed. Either this field or OrphanDependents may be set, but not both.
+ // The default policy is decided by the existing finalizer set in the
+ // metadata.finalizers and the resource-specific default policy.
+ // Acceptable values are: 'Orphan' - orphan the dependents; 'Background' -
+ // allow the garbage collector to delete the dependents in the background;
+ // 'Foreground' - a cascading policy that deletes all dependents in the
+ // foreground.
+ PropagationPolicy *metav1.DeletionPropagation
+
+ // Raw represents raw DeleteOptions, as passed to the API server.
+ Raw *metav1.DeleteOptions
+
+ // When present, indicates that modifications should not be
+ // persisted. An invalid or unrecognized dryRun directive will
+ // result in an error response and no further processing of the
+ // request. Valid values are:
+ // - All: all dry run stages will be processed
+ DryRun []string
+}
+
+// AsDeleteOptions returns these options as a metav1.DeleteOptions.
+// This may mutate the Raw field.
+func (o *DeleteOptions) AsDeleteOptions() *metav1.DeleteOptions {
+ if o == nil {
+ return &metav1.DeleteOptions{}
+ }
+ if o.Raw == nil {
+ o.Raw = &metav1.DeleteOptions{}
+ }
+
+ o.Raw.GracePeriodSeconds = o.GracePeriodSeconds
+ o.Raw.Preconditions = o.Preconditions
+ o.Raw.PropagationPolicy = o.PropagationPolicy
+ o.Raw.DryRun = o.DryRun
+ return o.Raw
+}
+
+// ApplyOptions applies the given delete options on these options,
+// and then returns itself (for convenient chaining).
+func (o *DeleteOptions) ApplyOptions(opts []DeleteOption) *DeleteOptions {
+ for _, opt := range opts {
+ opt.ApplyToDelete(o)
+ }
+ return o
+}
+
+var _ DeleteOption = &DeleteOptions{}
+
+// ApplyToDelete implements DeleteOption.
+func (o *DeleteOptions) ApplyToDelete(do *DeleteOptions) {
+ if o.GracePeriodSeconds != nil {
+ do.GracePeriodSeconds = o.GracePeriodSeconds
+ }
+ if o.Preconditions != nil {
+ do.Preconditions = o.Preconditions
+ }
+ if o.PropagationPolicy != nil {
+ do.PropagationPolicy = o.PropagationPolicy
+ }
+ if o.Raw != nil {
+ do.Raw = o.Raw
+ }
+ if o.DryRun != nil {
+ do.DryRun = o.DryRun
+ }
+}
+
+// GracePeriodSeconds sets the grace period for the deletion
+// to the given number of seconds.
+type GracePeriodSeconds int64
+
+// ApplyToDelete applies this configuration to the given delete options.
+func (s GracePeriodSeconds) ApplyToDelete(opts *DeleteOptions) {
+ secs := int64(s)
+ opts.GracePeriodSeconds = &secs
+}
+
+// ApplyToDeleteAllOf applies this configuration to the given an List options.
+func (s GracePeriodSeconds) ApplyToDeleteAllOf(opts *DeleteAllOfOptions) {
+ s.ApplyToDelete(&opts.DeleteOptions)
+}
+
+// Preconditions must be fulfilled before an operation (update, delete, etc.) is carried out.
+type Preconditions metav1.Preconditions
+
+// ApplyToDelete applies this configuration to the given delete options.
+func (p Preconditions) ApplyToDelete(opts *DeleteOptions) {
+ preconds := metav1.Preconditions(p)
+ opts.Preconditions = &preconds
+}
+
+// ApplyToDeleteAllOf applies this configuration to the given an List options.
+func (p Preconditions) ApplyToDeleteAllOf(opts *DeleteAllOfOptions) {
+ p.ApplyToDelete(&opts.DeleteOptions)
+}
+
+// PropagationPolicy determined whether and how garbage collection will be
+// performed. Either this field or OrphanDependents may be set, but not both.
+// The default policy is decided by the existing finalizer set in the
+// metadata.finalizers and the resource-specific default policy.
+// Acceptable values are: 'Orphan' - orphan the dependents; 'Background' -
+// allow the garbage collector to delete the dependents in the background;
+// 'Foreground' - a cascading policy that deletes all dependents in the
+// foreground.
+type PropagationPolicy metav1.DeletionPropagation
+
+// ApplyToDelete applies the given delete options on these options.
+// It will propagate to the dependents of the object to let the garbage collector handle it.
+func (p PropagationPolicy) ApplyToDelete(opts *DeleteOptions) {
+ policy := metav1.DeletionPropagation(p)
+ opts.PropagationPolicy = &policy
+}
+
+// ApplyToDeleteAllOf applies this configuration to the given an List options.
+func (p PropagationPolicy) ApplyToDeleteAllOf(opts *DeleteAllOfOptions) {
+ p.ApplyToDelete(&opts.DeleteOptions)
+}
+
+// }}}
+
+// {{{ Get Options
+
+// GetOptions contains options for get operation.
+// Now it only has a Raw field, with support for specific resourceVersion.
+type GetOptions struct {
+ // Raw represents raw GetOptions, as passed to the API server. Note
+ // that these may not be respected by all implementations of interface.
+ Raw *metav1.GetOptions
+}
+
+var _ GetOption = &GetOptions{}
+
+// ApplyToGet implements GetOption for GetOptions.
+func (o *GetOptions) ApplyToGet(lo *GetOptions) {
+ if o.Raw != nil {
+ lo.Raw = o.Raw
+ }
+}
+
+// AsGetOptions returns these options as a flattened metav1.GetOptions.
+// This may mutate the Raw field.
+func (o *GetOptions) AsGetOptions() *metav1.GetOptions {
+ if o == nil || o.Raw == nil {
+ return &metav1.GetOptions{}
+ }
+ return o.Raw
+}
+
+// ApplyOptions applies the given get options on these options,
+// and then returns itself (for convenient chaining).
+func (o *GetOptions) ApplyOptions(opts []GetOption) *GetOptions {
+ for _, opt := range opts {
+ opt.ApplyToGet(o)
+ }
+ return o
+}
+
+// }}}
+
+// {{{ List Options
+
+// ListOptions contains options for limiting or filtering results.
+// It's generally a subset of metav1.ListOptions, with support for
+// pre-parsed selectors (since generally, selectors will be executed
+// against the cache).
+type ListOptions struct {
+ // LabelSelector filters results by label. Use labels.Parse() to
+ // set from raw string form.
+ LabelSelector labels.Selector
+ // FieldSelector filters results by a particular field. In order
+ // to use this with cache-based implementations, restrict usage to
+ // exact match field-value pair that's been added to the indexers.
+ FieldSelector fields.Selector
+
+ // Namespace represents the namespace to list for, or empty for
+ // non-namespaced objects, or to list across all namespaces.
+ Namespace string
+
+ // Limit specifies the maximum number of results to return from the server. The server may
+ // not support this field on all resource types, but if it does and more results remain it
+ // will set the continue field on the returned list object. This field is not supported if watch
+ // is true in the Raw ListOptions.
+ Limit int64
+ // Continue is a token returned by the server that lets a client retrieve chunks of results
+ // from the server by specifying limit. The server may reject requests for continuation tokens
+ // it does not recognize and will return a 410 error if the token can no longer be used because
+ // it has expired. This field is not supported if watch is true in the Raw ListOptions.
+ Continue string
+
+ // UnsafeDisableDeepCopy indicates not to deep copy objects during list objects.
+ // Be very careful with this, when enabled you must DeepCopy any object before mutating it,
+ // otherwise you will mutate the object in the cache.
+ // +optional
+ UnsafeDisableDeepCopy *bool
+
+ // Raw represents raw ListOptions, as passed to the API server. Note
+ // that these may not be respected by all implementations of interface,
+ // and the LabelSelector, FieldSelector, Limit and Continue fields are ignored.
+ Raw *metav1.ListOptions
+}
+
+var _ ListOption = &ListOptions{}
+
+// ApplyToList implements ListOption for ListOptions.
+func (o *ListOptions) ApplyToList(lo *ListOptions) {
+ if o.LabelSelector != nil {
+ lo.LabelSelector = o.LabelSelector
+ }
+ if o.FieldSelector != nil {
+ lo.FieldSelector = o.FieldSelector
+ }
+ if o.Namespace != "" {
+ lo.Namespace = o.Namespace
+ }
+ if o.Raw != nil {
+ lo.Raw = o.Raw
+ }
+ if o.Limit > 0 {
+ lo.Limit = o.Limit
+ }
+ if o.Continue != "" {
+ lo.Continue = o.Continue
+ }
+ if o.UnsafeDisableDeepCopy != nil {
+ lo.UnsafeDisableDeepCopy = o.UnsafeDisableDeepCopy
+ }
+}
+
+// AsListOptions returns these options as a flattened metav1.ListOptions.
+// This may mutate the Raw field.
+func (o *ListOptions) AsListOptions() *metav1.ListOptions {
+ if o == nil {
+ return &metav1.ListOptions{}
+ }
+ if o.Raw == nil {
+ o.Raw = &metav1.ListOptions{}
+ }
+ if o.LabelSelector != nil {
+ o.Raw.LabelSelector = o.LabelSelector.String()
+ }
+ if o.FieldSelector != nil {
+ o.Raw.FieldSelector = o.FieldSelector.String()
+ }
+ if !o.Raw.Watch {
+ o.Raw.Limit = o.Limit
+ o.Raw.Continue = o.Continue
+ }
+ return o.Raw
+}
+
+// ApplyOptions applies the given list options on these options,
+// and then returns itself (for convenient chaining).
+func (o *ListOptions) ApplyOptions(opts []ListOption) *ListOptions {
+ for _, opt := range opts {
+ opt.ApplyToList(o)
+ }
+ return o
+}
+
+// MatchingLabels filters the list/delete operation on the given set of labels.
+type MatchingLabels map[string]string
+
+// ApplyToList applies this configuration to the given list options.
+func (m MatchingLabels) ApplyToList(opts *ListOptions) {
+ // TODO(directxman12): can we avoid reserializing this over and over?
+ if opts.LabelSelector == nil {
+ opts.LabelSelector = labels.SelectorFromValidatedSet(map[string]string(m))
+ return
+ }
+ // If there's already a selector, we need to AND the two together.
+ noValidSel := labels.SelectorFromValidatedSet(map[string]string(m))
+ reqs, _ := noValidSel.Requirements()
+ for _, req := range reqs {
+ opts.LabelSelector = opts.LabelSelector.Add(req)
+ }
+}
+
+// ApplyToDeleteAllOf applies this configuration to the given an List options.
+func (m MatchingLabels) ApplyToDeleteAllOf(opts *DeleteAllOfOptions) {
+ m.ApplyToList(&opts.ListOptions)
+}
+
+// HasLabels filters the list/delete operation checking if the set of labels exists
+// without checking their values.
+type HasLabels []string
+
+// ApplyToList applies this configuration to the given list options.
+func (m HasLabels) ApplyToList(opts *ListOptions) {
+ if opts.LabelSelector == nil {
+ opts.LabelSelector = labels.NewSelector()
+ }
+ // TODO: ignore invalid labels will result in an empty selector.
+ // This is inconsistent to the that of MatchingLabels.
+ for _, label := range m {
+ r, err := labels.NewRequirement(label, selection.Exists, nil)
+ if err == nil {
+ opts.LabelSelector = opts.LabelSelector.Add(*r)
+ }
+ }
+}
+
+// ApplyToDeleteAllOf applies this configuration to the given an List options.
+func (m HasLabels) ApplyToDeleteAllOf(opts *DeleteAllOfOptions) {
+ m.ApplyToList(&opts.ListOptions)
+}
+
+// MatchingLabelsSelector filters the list/delete operation on the given label
+// selector (or index in the case of cached lists). A struct is used because
+// labels.Selector is an interface, which cannot be aliased.
+type MatchingLabelsSelector struct {
+ labels.Selector
+}
+
+// ApplyToList applies this configuration to the given list options.
+func (m MatchingLabelsSelector) ApplyToList(opts *ListOptions) {
+ opts.LabelSelector = m
+}
+
+// ApplyToDeleteAllOf applies this configuration to the given an List options.
+func (m MatchingLabelsSelector) ApplyToDeleteAllOf(opts *DeleteAllOfOptions) {
+ m.ApplyToList(&opts.ListOptions)
+}
+
+// MatchingFields filters the list/delete operation on the given field Set
+// (or index in the case of cached lists).
+type MatchingFields fields.Set
+
+// ApplyToList applies this configuration to the given list options.
+func (m MatchingFields) ApplyToList(opts *ListOptions) {
+ // TODO(directxman12): can we avoid re-serializing this?
+ sel := fields.Set(m).AsSelector()
+ opts.FieldSelector = sel
+}
+
+// ApplyToDeleteAllOf applies this configuration to the given an List options.
+func (m MatchingFields) ApplyToDeleteAllOf(opts *DeleteAllOfOptions) {
+ m.ApplyToList(&opts.ListOptions)
+}
+
+// MatchingFieldsSelector filters the list/delete operation on the given field
+// selector (or index in the case of cached lists). A struct is used because
+// fields.Selector is an interface, which cannot be aliased.
+type MatchingFieldsSelector struct {
+ fields.Selector
+}
+
+// ApplyToList applies this configuration to the given list options.
+func (m MatchingFieldsSelector) ApplyToList(opts *ListOptions) {
+ opts.FieldSelector = m
+}
+
+// ApplyToDeleteAllOf applies this configuration to the given an List options.
+func (m MatchingFieldsSelector) ApplyToDeleteAllOf(opts *DeleteAllOfOptions) {
+ m.ApplyToList(&opts.ListOptions)
+}
+
+// InNamespace restricts the list/delete operation to the given namespace.
+type InNamespace string
+
+// ApplyToList applies this configuration to the given list options.
+func (n InNamespace) ApplyToList(opts *ListOptions) {
+ opts.Namespace = string(n)
+}
+
+// ApplyToDeleteAllOf applies this configuration to the given an List options.
+func (n InNamespace) ApplyToDeleteAllOf(opts *DeleteAllOfOptions) {
+ n.ApplyToList(&opts.ListOptions)
+}
+
+// AsSelector returns a selector that matches objects in the given namespace.
+func (n InNamespace) AsSelector() fields.Selector {
+ return fields.SelectorFromSet(fields.Set{"metadata.namespace": string(n)})
+}
+
+// Limit specifies the maximum number of results to return from the server.
+// Limit does not implement DeleteAllOfOption interface because the server
+// does not support setting it for deletecollection operations.
+type Limit int64
+
+// ApplyToList applies this configuration to the given an list options.
+func (l Limit) ApplyToList(opts *ListOptions) {
+ opts.Limit = int64(l)
+}
+
+// UnsafeDisableDeepCopyOption indicates not to deep copy objects during list objects.
+// Be very careful with this, when enabled you must DeepCopy any object before mutating it,
+// otherwise you will mutate the object in the cache.
+type UnsafeDisableDeepCopyOption bool
+
+// ApplyToList applies this configuration to the given an List options.
+func (d UnsafeDisableDeepCopyOption) ApplyToList(opts *ListOptions) {
+ definitelyTrue := true
+ definitelyFalse := false
+ if d {
+ opts.UnsafeDisableDeepCopy = &definitelyTrue
+ } else {
+ opts.UnsafeDisableDeepCopy = &definitelyFalse
+ }
+}
+
+// UnsafeDisableDeepCopy indicates not to deep copy objects during list objects.
+const UnsafeDisableDeepCopy = UnsafeDisableDeepCopyOption(true)
+
+// Continue sets a continuation token to retrieve chunks of results when using limit.
+// Continue does not implement DeleteAllOfOption interface because the server
+// does not support setting it for deletecollection operations.
+type Continue string
+
+// ApplyToList applies this configuration to the given an List options.
+func (c Continue) ApplyToList(opts *ListOptions) {
+ opts.Continue = string(c)
+}
+
+// }}}
+
+// {{{ Update Options
+
+// UpdateOptions contains options for create requests. It's generally a subset
+// of metav1.UpdateOptions.
+type UpdateOptions struct {
+ // When present, indicates that modifications should not be
+ // persisted. An invalid or unrecognized dryRun directive will
+ // result in an error response and no further processing of the
+ // request. Valid values are:
+ // - All: all dry run stages will be processed
+ DryRun []string
+
+ // FieldManager is the name of the user or component submitting
+ // this request. It must be set with server-side apply.
+ FieldManager string
+
+ // Raw represents raw UpdateOptions, as passed to the API server.
+ Raw *metav1.UpdateOptions
+}
+
+// AsUpdateOptions returns these options as a metav1.UpdateOptions.
+// This may mutate the Raw field.
+func (o *UpdateOptions) AsUpdateOptions() *metav1.UpdateOptions {
+ if o == nil {
+ return &metav1.UpdateOptions{}
+ }
+ if o.Raw == nil {
+ o.Raw = &metav1.UpdateOptions{}
+ }
+
+ o.Raw.DryRun = o.DryRun
+ o.Raw.FieldManager = o.FieldManager
+ return o.Raw
+}
+
+// ApplyOptions applies the given update options on these options,
+// and then returns itself (for convenient chaining).
+func (o *UpdateOptions) ApplyOptions(opts []UpdateOption) *UpdateOptions {
+ for _, opt := range opts {
+ opt.ApplyToUpdate(o)
+ }
+ return o
+}
+
+var _ UpdateOption = &UpdateOptions{}
+
+// ApplyToUpdate implements UpdateOption.
+func (o *UpdateOptions) ApplyToUpdate(uo *UpdateOptions) {
+ if o.DryRun != nil {
+ uo.DryRun = o.DryRun
+ }
+ if o.FieldManager != "" {
+ uo.FieldManager = o.FieldManager
+ }
+ if o.Raw != nil {
+ uo.Raw = o.Raw
+ }
+}
+
+// }}}
+
+// {{{ Patch Options
+
+// PatchOptions contains options for patch requests.
+type PatchOptions struct {
+ // When present, indicates that modifications should not be
+ // persisted. An invalid or unrecognized dryRun directive will
+ // result in an error response and no further processing of the
+ // request. Valid values are:
+ // - All: all dry run stages will be processed
+ DryRun []string
+
+ // Force is going to "force" Apply requests. It means user will
+ // re-acquire conflicting fields owned by other people. Force
+ // flag must be unset for non-apply patch requests.
+ // +optional
+ Force *bool
+
+ // FieldManager is the name of the user or component submitting
+ // this request. It must be set with server-side apply.
+ FieldManager string
+
+ // Raw represents raw PatchOptions, as passed to the API server.
+ Raw *metav1.PatchOptions
+}
+
+// ApplyOptions applies the given patch options on these options,
+// and then returns itself (for convenient chaining).
+func (o *PatchOptions) ApplyOptions(opts []PatchOption) *PatchOptions {
+ for _, opt := range opts {
+ opt.ApplyToPatch(o)
+ }
+ return o
+}
+
+// AsPatchOptions returns these options as a metav1.PatchOptions.
+// This may mutate the Raw field.
+func (o *PatchOptions) AsPatchOptions() *metav1.PatchOptions {
+ if o == nil {
+ return &metav1.PatchOptions{}
+ }
+ if o.Raw == nil {
+ o.Raw = &metav1.PatchOptions{}
+ }
+
+ o.Raw.DryRun = o.DryRun
+ o.Raw.Force = o.Force
+ o.Raw.FieldManager = o.FieldManager
+ return o.Raw
+}
+
+var _ PatchOption = &PatchOptions{}
+
+// ApplyToPatch implements PatchOptions.
+func (o *PatchOptions) ApplyToPatch(po *PatchOptions) {
+ if o.DryRun != nil {
+ po.DryRun = o.DryRun
+ }
+ if o.Force != nil {
+ po.Force = o.Force
+ }
+ if o.FieldManager != "" {
+ po.FieldManager = o.FieldManager
+ }
+ if o.Raw != nil {
+ po.Raw = o.Raw
+ }
+}
+
+// ForceOwnership indicates that in case of conflicts with server-side apply,
+// the client should acquire ownership of the conflicting field. Most
+// controllers should use this.
+var ForceOwnership = forceOwnership{}
+
+type forceOwnership struct{}
+
+func (forceOwnership) ApplyToPatch(opts *PatchOptions) {
+ definitelyTrue := true
+ opts.Force = &definitelyTrue
+}
+
+func (forceOwnership) ApplyToSubResourcePatch(opts *SubResourcePatchOptions) {
+ definitelyTrue := true
+ opts.Force = &definitelyTrue
+}
+
+// }}}
+
+// {{{ DeleteAllOf Options
+
+// these are all just delete options and list options
+
+// DeleteAllOfOptions contains options for deletecollection (deleteallof) requests.
+// It's just list and delete options smooshed together.
+type DeleteAllOfOptions struct {
+ ListOptions
+ DeleteOptions
+}
+
+// ApplyOptions applies the given deleteallof options on these options,
+// and then returns itself (for convenient chaining).
+func (o *DeleteAllOfOptions) ApplyOptions(opts []DeleteAllOfOption) *DeleteAllOfOptions {
+ for _, opt := range opts {
+ opt.ApplyToDeleteAllOf(o)
+ }
+ return o
+}
+
+var _ DeleteAllOfOption = &DeleteAllOfOptions{}
+
+// ApplyToDeleteAllOf implements DeleteAllOfOption.
+func (o *DeleteAllOfOptions) ApplyToDeleteAllOf(do *DeleteAllOfOptions) {
+ o.ApplyToList(&do.ListOptions)
+ o.ApplyToDelete(&do.DeleteOptions)
+}
+
+// }}}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/patch.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/patch.go
new file mode 100644
index 000000000..11d608388
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/patch.go
@@ -0,0 +1,213 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "fmt"
+
+ jsonpatch "github.com/evanphx/json-patch/v5"
+ "k8s.io/apimachinery/pkg/types"
+ "k8s.io/apimachinery/pkg/util/json"
+ "k8s.io/apimachinery/pkg/util/strategicpatch"
+)
+
+var (
+ // Apply uses server-side apply to patch the given object.
+ Apply Patch = applyPatch{}
+
+ // Merge uses the raw object as a merge patch, without modifications.
+ // Use MergeFrom if you wish to compute a diff instead.
+ Merge Patch = mergePatch{}
+)
+
+type patch struct {
+ patchType types.PatchType
+ data []byte
+}
+
+// Type implements Patch.
+func (s *patch) Type() types.PatchType {
+ return s.patchType
+}
+
+// Data implements Patch.
+func (s *patch) Data(obj Object) ([]byte, error) {
+ return s.data, nil
+}
+
+// RawPatch constructs a new Patch with the given PatchType and data.
+func RawPatch(patchType types.PatchType, data []byte) Patch {
+ return &patch{patchType, data}
+}
+
+// MergeFromWithOptimisticLock can be used if clients want to make sure a patch
+// is being applied to the latest resource version of an object.
+//
+// The behavior is similar to what an Update would do, without the need to send the
+// whole object. Usually this method is useful if you might have multiple clients
+// acting on the same object and the same API version, but with different versions of the Go structs.
+//
+// For example, an "older" copy of a Widget that has fields A and B, and a "newer" copy with A, B, and C.
+// Sending an update using the older struct definition results in C being dropped, whereas using a patch does not.
+type MergeFromWithOptimisticLock struct{}
+
+// ApplyToMergeFrom applies this configuration to the given patch options.
+func (m MergeFromWithOptimisticLock) ApplyToMergeFrom(in *MergeFromOptions) {
+ in.OptimisticLock = true
+}
+
+// MergeFromOption is some configuration that modifies options for a merge-from patch data.
+type MergeFromOption interface {
+ // ApplyToMergeFrom applies this configuration to the given patch options.
+ ApplyToMergeFrom(*MergeFromOptions)
+}
+
+// MergeFromOptions contains options to generate a merge-from patch data.
+type MergeFromOptions struct {
+ // OptimisticLock, when true, includes `metadata.resourceVersion` into the final
+ // patch data. If the `resourceVersion` field doesn't match what's stored,
+ // the operation results in a conflict and clients will need to try again.
+ OptimisticLock bool
+}
+
+type mergeFromPatch struct {
+ patchType types.PatchType
+ createPatch func(originalJSON, modifiedJSON []byte, dataStruct interface{}) ([]byte, error)
+ from Object
+ opts MergeFromOptions
+}
+
+// Type implements Patch.
+func (s *mergeFromPatch) Type() types.PatchType {
+ return s.patchType
+}
+
+// Data implements Patch.
+func (s *mergeFromPatch) Data(obj Object) ([]byte, error) {
+ original := s.from
+ modified := obj
+
+ if s.opts.OptimisticLock {
+ version := original.GetResourceVersion()
+ if len(version) == 0 {
+ return nil, fmt.Errorf("cannot use OptimisticLock, object %q does not have any resource version we can use", original)
+ }
+
+ original = original.DeepCopyObject().(Object)
+ original.SetResourceVersion("")
+
+ modified = modified.DeepCopyObject().(Object)
+ modified.SetResourceVersion(version)
+ }
+
+ originalJSON, err := json.Marshal(original)
+ if err != nil {
+ return nil, err
+ }
+
+ modifiedJSON, err := json.Marshal(modified)
+ if err != nil {
+ return nil, err
+ }
+
+ data, err := s.createPatch(originalJSON, modifiedJSON, obj)
+ if err != nil {
+ return nil, err
+ }
+
+ return data, nil
+}
+
+func createMergePatch(originalJSON, modifiedJSON []byte, _ interface{}) ([]byte, error) {
+ return jsonpatch.CreateMergePatch(originalJSON, modifiedJSON)
+}
+
+func createStrategicMergePatch(originalJSON, modifiedJSON []byte, dataStruct interface{}) ([]byte, error) {
+ return strategicpatch.CreateTwoWayMergePatch(originalJSON, modifiedJSON, dataStruct)
+}
+
+// MergeFrom creates a Patch that patches using the merge-patch strategy with the given object as base.
+// The difference between MergeFrom and StrategicMergeFrom lays in the handling of modified list fields.
+// When using MergeFrom, existing lists will be completely replaced by new lists.
+// When using StrategicMergeFrom, the list field's `patchStrategy` is respected if specified in the API type,
+// e.g. the existing list is not replaced completely but rather merged with the new one using the list's `patchMergeKey`.
+// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ for more details on
+// the difference between merge-patch and strategic-merge-patch.
+func MergeFrom(obj Object) Patch {
+ return &mergeFromPatch{patchType: types.MergePatchType, createPatch: createMergePatch, from: obj}
+}
+
+// MergeFromWithOptions creates a Patch that patches using the merge-patch strategy with the given object as base.
+// See MergeFrom for more details.
+func MergeFromWithOptions(obj Object, opts ...MergeFromOption) Patch {
+ options := &MergeFromOptions{}
+ for _, opt := range opts {
+ opt.ApplyToMergeFrom(options)
+ }
+ return &mergeFromPatch{patchType: types.MergePatchType, createPatch: createMergePatch, from: obj, opts: *options}
+}
+
+// StrategicMergeFrom creates a Patch that patches using the strategic-merge-patch strategy with the given object as base.
+// The difference between MergeFrom and StrategicMergeFrom lays in the handling of modified list fields.
+// When using MergeFrom, existing lists will be completely replaced by new lists.
+// When using StrategicMergeFrom, the list field's `patchStrategy` is respected if specified in the API type,
+// e.g. the existing list is not replaced completely but rather merged with the new one using the list's `patchMergeKey`.
+// See https://kubernetes.io/docs/tasks/manage-kubernetes-objects/update-api-object-kubectl-patch/ for more details on
+// the difference between merge-patch and strategic-merge-patch.
+// Please note, that CRDs don't support strategic-merge-patch, see
+// https://kubernetes.io/docs/concepts/extend-kubernetes/api-extension/custom-resources/#advanced-features-and-flexibility
+func StrategicMergeFrom(obj Object, opts ...MergeFromOption) Patch {
+ options := &MergeFromOptions{}
+ for _, opt := range opts {
+ opt.ApplyToMergeFrom(options)
+ }
+ return &mergeFromPatch{patchType: types.StrategicMergePatchType, createPatch: createStrategicMergePatch, from: obj, opts: *options}
+}
+
+// mergePatch uses a raw merge strategy to patch the object.
+type mergePatch struct{}
+
+// Type implements Patch.
+func (p mergePatch) Type() types.PatchType {
+ return types.MergePatchType
+}
+
+// Data implements Patch.
+func (p mergePatch) Data(obj Object) ([]byte, error) {
+ // NB(directxman12): we might technically want to be using an actual encoder
+ // here (in case some more performant encoder is introduced) but this is
+ // correct and sufficient for our uses (it's what the JSON serializer in
+ // client-go does, more-or-less).
+ return json.Marshal(obj)
+}
+
+// applyPatch uses server-side apply to patch the object.
+type applyPatch struct{}
+
+// Type implements Patch.
+func (p applyPatch) Type() types.PatchType {
+ return types.ApplyPatchType
+}
+
+// Data implements Patch.
+func (p applyPatch) Data(obj Object) ([]byte, error) {
+ // NB(directxman12): we might technically want to be using an actual encoder
+ // here (in case some more performant encoder is introduced) but this is
+ // correct and sufficient for our uses (it's what the JSON serializer in
+ // client-go does, more-or-less).
+ return json.Marshal(obj)
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/typed_client.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/typed_client.go
new file mode 100644
index 000000000..92afd9a9c
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/typed_client.go
@@ -0,0 +1,279 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "context"
+
+ "k8s.io/apimachinery/pkg/runtime"
+)
+
+var _ Reader = &typedClient{}
+var _ Writer = &typedClient{}
+
+type typedClient struct {
+ resources *clientRestResources
+ paramCodec runtime.ParameterCodec
+}
+
+// Create implements client.Client.
+func (c *typedClient) Create(ctx context.Context, obj Object, opts ...CreateOption) error {
+ o, err := c.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ createOpts := &CreateOptions{}
+ createOpts.ApplyOptions(opts)
+
+ return o.Post().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Body(obj).
+ VersionedParams(createOpts.AsCreateOptions(), c.paramCodec).
+ Do(ctx).
+ Into(obj)
+}
+
+// Update implements client.Client.
+func (c *typedClient) Update(ctx context.Context, obj Object, opts ...UpdateOption) error {
+ o, err := c.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ updateOpts := &UpdateOptions{}
+ updateOpts.ApplyOptions(opts)
+
+ return o.Put().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ Body(obj).
+ VersionedParams(updateOpts.AsUpdateOptions(), c.paramCodec).
+ Do(ctx).
+ Into(obj)
+}
+
+// Delete implements client.Client.
+func (c *typedClient) Delete(ctx context.Context, obj Object, opts ...DeleteOption) error {
+ o, err := c.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ deleteOpts := DeleteOptions{}
+ deleteOpts.ApplyOptions(opts)
+
+ return o.Delete().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ Body(deleteOpts.AsDeleteOptions()).
+ Do(ctx).
+ Error()
+}
+
+// DeleteAllOf implements client.Client.
+func (c *typedClient) DeleteAllOf(ctx context.Context, obj Object, opts ...DeleteAllOfOption) error {
+ o, err := c.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ deleteAllOfOpts := DeleteAllOfOptions{}
+ deleteAllOfOpts.ApplyOptions(opts)
+
+ return o.Delete().
+ NamespaceIfScoped(deleteAllOfOpts.ListOptions.Namespace, o.isNamespaced()).
+ Resource(o.resource()).
+ VersionedParams(deleteAllOfOpts.AsListOptions(), c.paramCodec).
+ Body(deleteAllOfOpts.AsDeleteOptions()).
+ Do(ctx).
+ Error()
+}
+
+// Patch implements client.Client.
+func (c *typedClient) Patch(ctx context.Context, obj Object, patch Patch, opts ...PatchOption) error {
+ o, err := c.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ data, err := patch.Data(obj)
+ if err != nil {
+ return err
+ }
+
+ patchOpts := &PatchOptions{}
+ patchOpts.ApplyOptions(opts)
+
+ return o.Patch(patch.Type()).
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ VersionedParams(patchOpts.AsPatchOptions(), c.paramCodec).
+ Body(data).
+ Do(ctx).
+ Into(obj)
+}
+
+// Get implements client.Client.
+func (c *typedClient) Get(ctx context.Context, key ObjectKey, obj Object, opts ...GetOption) error {
+ r, err := c.resources.getResource(obj)
+ if err != nil {
+ return err
+ }
+ getOpts := GetOptions{}
+ getOpts.ApplyOptions(opts)
+ return r.Get().
+ NamespaceIfScoped(key.Namespace, r.isNamespaced()).
+ Resource(r.resource()).
+ VersionedParams(getOpts.AsGetOptions(), c.paramCodec).
+ Name(key.Name).Do(ctx).Into(obj)
+}
+
+// List implements client.Client.
+func (c *typedClient) List(ctx context.Context, obj ObjectList, opts ...ListOption) error {
+ r, err := c.resources.getResource(obj)
+ if err != nil {
+ return err
+ }
+
+ listOpts := ListOptions{}
+ listOpts.ApplyOptions(opts)
+
+ return r.Get().
+ NamespaceIfScoped(listOpts.Namespace, r.isNamespaced()).
+ Resource(r.resource()).
+ VersionedParams(listOpts.AsListOptions(), c.paramCodec).
+ Do(ctx).
+ Into(obj)
+}
+
+func (c *typedClient) GetSubResource(ctx context.Context, obj, subResourceObj Object, subResource string, opts ...SubResourceGetOption) error {
+ o, err := c.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ if subResourceObj.GetName() == "" {
+ subResourceObj.SetName(obj.GetName())
+ }
+
+ getOpts := &SubResourceGetOptions{}
+ getOpts.ApplyOptions(opts)
+
+ return o.Get().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ SubResource(subResource).
+ VersionedParams(getOpts.AsGetOptions(), c.paramCodec).
+ Do(ctx).
+ Into(subResourceObj)
+}
+
+func (c *typedClient) CreateSubResource(ctx context.Context, obj Object, subResourceObj Object, subResource string, opts ...SubResourceCreateOption) error {
+ o, err := c.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ if subResourceObj.GetName() == "" {
+ subResourceObj.SetName(obj.GetName())
+ }
+
+ createOpts := &SubResourceCreateOptions{}
+ createOpts.ApplyOptions(opts)
+
+ return o.Post().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ SubResource(subResource).
+ Body(subResourceObj).
+ VersionedParams(createOpts.AsCreateOptions(), c.paramCodec).
+ Do(ctx).
+ Into(subResourceObj)
+}
+
+// UpdateSubResource used by SubResourceWriter to write status.
+func (c *typedClient) UpdateSubResource(ctx context.Context, obj Object, subResource string, opts ...SubResourceUpdateOption) error {
+ o, err := c.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+ // TODO(droot): examine the returned error and check if it error needs to be
+ // wrapped to improve the UX ?
+ // It will be nice to receive an error saying the object doesn't implement
+ // status subresource and check CRD definition
+ updateOpts := &SubResourceUpdateOptions{}
+ updateOpts.ApplyOptions(opts)
+
+ body := obj
+ if updateOpts.SubResourceBody != nil {
+ body = updateOpts.SubResourceBody
+ }
+ if body.GetName() == "" {
+ body.SetName(obj.GetName())
+ }
+ if body.GetNamespace() == "" {
+ body.SetNamespace(obj.GetNamespace())
+ }
+
+ return o.Put().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ SubResource(subResource).
+ Body(body).
+ VersionedParams(updateOpts.AsUpdateOptions(), c.paramCodec).
+ Do(ctx).
+ Into(body)
+}
+
+// PatchSubResource used by SubResourceWriter to write subresource.
+func (c *typedClient) PatchSubResource(ctx context.Context, obj Object, subResource string, patch Patch, opts ...SubResourcePatchOption) error {
+ o, err := c.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ patchOpts := &SubResourcePatchOptions{}
+ patchOpts.ApplyOptions(opts)
+
+ body := obj
+ if patchOpts.SubResourceBody != nil {
+ body = patchOpts.SubResourceBody
+ }
+
+ data, err := patch.Data(body)
+ if err != nil {
+ return err
+ }
+
+ return o.Patch(patch.Type()).
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ SubResource(subResource).
+ Body(data).
+ VersionedParams(patchOpts.AsPatchOptions(), c.paramCodec).
+ Do(ctx).
+ Into(body)
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/unstructured_client.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/unstructured_client.go
new file mode 100644
index 000000000..0d9695178
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/unstructured_client.go
@@ -0,0 +1,361 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "context"
+ "fmt"
+ "strings"
+
+ "k8s.io/apimachinery/pkg/runtime"
+)
+
+var _ Reader = &unstructuredClient{}
+var _ Writer = &unstructuredClient{}
+
+type unstructuredClient struct {
+ resources *clientRestResources
+ paramCodec runtime.ParameterCodec
+}
+
+// Create implements client.Client.
+func (uc *unstructuredClient) Create(ctx context.Context, obj Object, opts ...CreateOption) error {
+ u, ok := obj.(runtime.Unstructured)
+ if !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ gvk := u.GetObjectKind().GroupVersionKind()
+
+ o, err := uc.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ createOpts := &CreateOptions{}
+ createOpts.ApplyOptions(opts)
+
+ result := o.Post().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Body(obj).
+ VersionedParams(createOpts.AsCreateOptions(), uc.paramCodec).
+ Do(ctx).
+ Into(obj)
+
+ u.GetObjectKind().SetGroupVersionKind(gvk)
+ return result
+}
+
+// Update implements client.Client.
+func (uc *unstructuredClient) Update(ctx context.Context, obj Object, opts ...UpdateOption) error {
+ u, ok := obj.(runtime.Unstructured)
+ if !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ gvk := u.GetObjectKind().GroupVersionKind()
+
+ o, err := uc.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ updateOpts := UpdateOptions{}
+ updateOpts.ApplyOptions(opts)
+
+ result := o.Put().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ Body(obj).
+ VersionedParams(updateOpts.AsUpdateOptions(), uc.paramCodec).
+ Do(ctx).
+ Into(obj)
+
+ u.GetObjectKind().SetGroupVersionKind(gvk)
+ return result
+}
+
+// Delete implements client.Client.
+func (uc *unstructuredClient) Delete(ctx context.Context, obj Object, opts ...DeleteOption) error {
+ if _, ok := obj.(runtime.Unstructured); !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ o, err := uc.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ deleteOpts := DeleteOptions{}
+ deleteOpts.ApplyOptions(opts)
+
+ return o.Delete().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ Body(deleteOpts.AsDeleteOptions()).
+ Do(ctx).
+ Error()
+}
+
+// DeleteAllOf implements client.Client.
+func (uc *unstructuredClient) DeleteAllOf(ctx context.Context, obj Object, opts ...DeleteAllOfOption) error {
+ if _, ok := obj.(runtime.Unstructured); !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ o, err := uc.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ deleteAllOfOpts := DeleteAllOfOptions{}
+ deleteAllOfOpts.ApplyOptions(opts)
+
+ return o.Delete().
+ NamespaceIfScoped(deleteAllOfOpts.ListOptions.Namespace, o.isNamespaced()).
+ Resource(o.resource()).
+ VersionedParams(deleteAllOfOpts.AsListOptions(), uc.paramCodec).
+ Body(deleteAllOfOpts.AsDeleteOptions()).
+ Do(ctx).
+ Error()
+}
+
+// Patch implements client.Client.
+func (uc *unstructuredClient) Patch(ctx context.Context, obj Object, patch Patch, opts ...PatchOption) error {
+ if _, ok := obj.(runtime.Unstructured); !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ o, err := uc.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ data, err := patch.Data(obj)
+ if err != nil {
+ return err
+ }
+
+ patchOpts := &PatchOptions{}
+ patchOpts.ApplyOptions(opts)
+
+ return o.Patch(patch.Type()).
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ VersionedParams(patchOpts.AsPatchOptions(), uc.paramCodec).
+ Body(data).
+ Do(ctx).
+ Into(obj)
+}
+
+// Get implements client.Client.
+func (uc *unstructuredClient) Get(ctx context.Context, key ObjectKey, obj Object, opts ...GetOption) error {
+ u, ok := obj.(runtime.Unstructured)
+ if !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ gvk := u.GetObjectKind().GroupVersionKind()
+
+ getOpts := GetOptions{}
+ getOpts.ApplyOptions(opts)
+
+ r, err := uc.resources.getResource(obj)
+ if err != nil {
+ return err
+ }
+
+ result := r.Get().
+ NamespaceIfScoped(key.Namespace, r.isNamespaced()).
+ Resource(r.resource()).
+ VersionedParams(getOpts.AsGetOptions(), uc.paramCodec).
+ Name(key.Name).
+ Do(ctx).
+ Into(obj)
+
+ u.GetObjectKind().SetGroupVersionKind(gvk)
+
+ return result
+}
+
+// List implements client.Client.
+func (uc *unstructuredClient) List(ctx context.Context, obj ObjectList, opts ...ListOption) error {
+ u, ok := obj.(runtime.Unstructured)
+ if !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ gvk := u.GetObjectKind().GroupVersionKind()
+ gvk.Kind = strings.TrimSuffix(gvk.Kind, "List")
+
+ r, err := uc.resources.getResource(obj)
+ if err != nil {
+ return err
+ }
+
+ listOpts := ListOptions{}
+ listOpts.ApplyOptions(opts)
+
+ return r.Get().
+ NamespaceIfScoped(listOpts.Namespace, r.isNamespaced()).
+ Resource(r.resource()).
+ VersionedParams(listOpts.AsListOptions(), uc.paramCodec).
+ Do(ctx).
+ Into(obj)
+}
+
+func (uc *unstructuredClient) GetSubResource(ctx context.Context, obj, subResourceObj Object, subResource string, opts ...SubResourceGetOption) error {
+ if _, ok := obj.(runtime.Unstructured); !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ if _, ok := subResourceObj.(runtime.Unstructured); !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", subResourceObj)
+ }
+
+ if subResourceObj.GetName() == "" {
+ subResourceObj.SetName(obj.GetName())
+ }
+
+ o, err := uc.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ getOpts := &SubResourceGetOptions{}
+ getOpts.ApplyOptions(opts)
+
+ return o.Get().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ SubResource(subResource).
+ VersionedParams(getOpts.AsGetOptions(), uc.paramCodec).
+ Do(ctx).
+ Into(subResourceObj)
+}
+
+func (uc *unstructuredClient) CreateSubResource(ctx context.Context, obj, subResourceObj Object, subResource string, opts ...SubResourceCreateOption) error {
+ if _, ok := obj.(runtime.Unstructured); !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ if _, ok := subResourceObj.(runtime.Unstructured); !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", subResourceObj)
+ }
+
+ if subResourceObj.GetName() == "" {
+ subResourceObj.SetName(obj.GetName())
+ }
+
+ o, err := uc.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ createOpts := &SubResourceCreateOptions{}
+ createOpts.ApplyOptions(opts)
+
+ return o.Post().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ SubResource(subResource).
+ Body(subResourceObj).
+ VersionedParams(createOpts.AsCreateOptions(), uc.paramCodec).
+ Do(ctx).
+ Into(subResourceObj)
+}
+
+func (uc *unstructuredClient) UpdateSubResource(ctx context.Context, obj Object, subResource string, opts ...SubResourceUpdateOption) error {
+ if _, ok := obj.(runtime.Unstructured); !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ o, err := uc.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ updateOpts := SubResourceUpdateOptions{}
+ updateOpts.ApplyOptions(opts)
+
+ body := obj
+ if updateOpts.SubResourceBody != nil {
+ body = updateOpts.SubResourceBody
+ }
+ if body.GetName() == "" {
+ body.SetName(obj.GetName())
+ }
+ if body.GetNamespace() == "" {
+ body.SetNamespace(obj.GetNamespace())
+ }
+
+ return o.Put().
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ SubResource(subResource).
+ Body(body).
+ VersionedParams(updateOpts.AsUpdateOptions(), uc.paramCodec).
+ Do(ctx).
+ Into(body)
+}
+
+func (uc *unstructuredClient) PatchSubResource(ctx context.Context, obj Object, subResource string, patch Patch, opts ...SubResourcePatchOption) error {
+ u, ok := obj.(runtime.Unstructured)
+ if !ok {
+ return fmt.Errorf("unstructured client did not understand object: %T", obj)
+ }
+
+ gvk := u.GetObjectKind().GroupVersionKind()
+
+ o, err := uc.resources.getObjMeta(obj)
+ if err != nil {
+ return err
+ }
+
+ patchOpts := &SubResourcePatchOptions{}
+ patchOpts.ApplyOptions(opts)
+
+ body := obj
+ if patchOpts.SubResourceBody != nil {
+ body = patchOpts.SubResourceBody
+ }
+
+ data, err := patch.Data(body)
+ if err != nil {
+ return err
+ }
+
+ result := o.Patch(patch.Type()).
+ NamespaceIfScoped(o.GetNamespace(), o.isNamespaced()).
+ Resource(o.resource()).
+ Name(o.GetName()).
+ SubResource(subResource).
+ Body(data).
+ VersionedParams(patchOpts.AsPatchOptions(), uc.paramCodec).
+ Do(ctx).
+ Into(body)
+
+ u.GetObjectKind().SetGroupVersionKind(gvk)
+ return result
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/client/watch.go b/vendor/sigs.k8s.io/controller-runtime/pkg/client/watch.go
new file mode 100644
index 000000000..181b22a67
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/client/watch.go
@@ -0,0 +1,106 @@
+/*
+Copyright 2020 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package client
+
+import (
+ "context"
+ "strings"
+
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/watch"
+ "k8s.io/client-go/rest"
+)
+
+// NewWithWatch returns a new WithWatch.
+func NewWithWatch(config *rest.Config, options Options) (WithWatch, error) {
+ client, err := newClient(config, options)
+ if err != nil {
+ return nil, err
+ }
+ return &watchingClient{client: client}, nil
+}
+
+type watchingClient struct {
+ *client
+}
+
+func (w *watchingClient) Watch(ctx context.Context, list ObjectList, opts ...ListOption) (watch.Interface, error) {
+ switch l := list.(type) {
+ case runtime.Unstructured:
+ return w.unstructuredWatch(ctx, l, opts...)
+ case *metav1.PartialObjectMetadataList:
+ return w.metadataWatch(ctx, l, opts...)
+ default:
+ return w.typedWatch(ctx, l, opts...)
+ }
+}
+
+func (w *watchingClient) listOpts(opts ...ListOption) ListOptions {
+ listOpts := ListOptions{}
+ listOpts.ApplyOptions(opts)
+ if listOpts.Raw == nil {
+ listOpts.Raw = &metav1.ListOptions{}
+ }
+ listOpts.Raw.Watch = true
+
+ return listOpts
+}
+
+func (w *watchingClient) metadataWatch(ctx context.Context, obj *metav1.PartialObjectMetadataList, opts ...ListOption) (watch.Interface, error) {
+ gvk := obj.GroupVersionKind()
+ gvk.Kind = strings.TrimSuffix(gvk.Kind, "List")
+
+ listOpts := w.listOpts(opts...)
+
+ resInt, err := w.client.metadataClient.getResourceInterface(gvk, listOpts.Namespace)
+ if err != nil {
+ return nil, err
+ }
+
+ return resInt.Watch(ctx, *listOpts.AsListOptions())
+}
+
+func (w *watchingClient) unstructuredWatch(ctx context.Context, obj runtime.Unstructured, opts ...ListOption) (watch.Interface, error) {
+ r, err := w.client.unstructuredClient.resources.getResource(obj)
+ if err != nil {
+ return nil, err
+ }
+
+ listOpts := w.listOpts(opts...)
+
+ return r.Get().
+ NamespaceIfScoped(listOpts.Namespace, r.isNamespaced()).
+ Resource(r.resource()).
+ VersionedParams(listOpts.AsListOptions(), w.client.unstructuredClient.paramCodec).
+ Watch(ctx)
+}
+
+func (w *watchingClient) typedWatch(ctx context.Context, obj ObjectList, opts ...ListOption) (watch.Interface, error) {
+ r, err := w.client.typedClient.resources.getResource(obj)
+ if err != nil {
+ return nil, err
+ }
+
+ listOpts := w.listOpts(opts...)
+
+ return r.Get().
+ NamespaceIfScoped(listOpts.Namespace, r.isNamespaced()).
+ Resource(r.resource()).
+ VersionedParams(listOpts.AsListOptions(), w.client.typedClient.paramCodec).
+ Watch(ctx)
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/controller/controllerutil/controllerutil.go b/vendor/sigs.k8s.io/controller-runtime/pkg/controller/controllerutil/controllerutil.go
new file mode 100644
index 000000000..05153f74c
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/controller/controllerutil/controllerutil.go
@@ -0,0 +1,478 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package controllerutil
+
+import (
+ "context"
+ "fmt"
+ "reflect"
+
+ "k8s.io/apimachinery/pkg/api/equality"
+ apierrors "k8s.io/apimachinery/pkg/api/errors"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/utils/ptr"
+
+ "sigs.k8s.io/controller-runtime/pkg/client"
+ "sigs.k8s.io/controller-runtime/pkg/client/apiutil"
+)
+
+// AlreadyOwnedError is an error returned if the object you are trying to assign
+// a controller reference is already owned by another controller Object is the
+// subject and Owner is the reference for the current owner.
+type AlreadyOwnedError struct {
+ Object metav1.Object
+ Owner metav1.OwnerReference
+}
+
+func (e *AlreadyOwnedError) Error() string {
+ return fmt.Sprintf("Object %s/%s is already owned by another %s controller %s", e.Object.GetNamespace(), e.Object.GetName(), e.Owner.Kind, e.Owner.Name)
+}
+
+func newAlreadyOwnedError(obj metav1.Object, owner metav1.OwnerReference) *AlreadyOwnedError {
+ return &AlreadyOwnedError{
+ Object: obj,
+ Owner: owner,
+ }
+}
+
+// SetControllerReference sets owner as a Controller OwnerReference on controlled.
+// This is used for garbage collection of the controlled object and for
+// reconciling the owner object on changes to controlled (with a Watch + EnqueueRequestForOwner).
+// Since only one OwnerReference can be a controller, it returns an error if
+// there is another OwnerReference with Controller flag set.
+func SetControllerReference(owner, controlled metav1.Object, scheme *runtime.Scheme) error {
+ // Validate the owner.
+ ro, ok := owner.(runtime.Object)
+ if !ok {
+ return fmt.Errorf("%T is not a runtime.Object, cannot call SetControllerReference", owner)
+ }
+ if err := validateOwner(owner, controlled); err != nil {
+ return err
+ }
+
+ // Create a new controller ref.
+ gvk, err := apiutil.GVKForObject(ro, scheme)
+ if err != nil {
+ return err
+ }
+ ref := metav1.OwnerReference{
+ APIVersion: gvk.GroupVersion().String(),
+ Kind: gvk.Kind,
+ Name: owner.GetName(),
+ UID: owner.GetUID(),
+ BlockOwnerDeletion: ptr.To(true),
+ Controller: ptr.To(true),
+ }
+
+ // Return early with an error if the object is already controlled.
+ if existing := metav1.GetControllerOf(controlled); existing != nil && !referSameObject(*existing, ref) {
+ return newAlreadyOwnedError(controlled, *existing)
+ }
+
+ // Update owner references and return.
+ upsertOwnerRef(ref, controlled)
+ return nil
+}
+
+// SetOwnerReference is a helper method to make sure the given object contains an object reference to the object provided.
+// This allows you to declare that owner has a dependency on the object without specifying it as a controller.
+// If a reference to the same object already exists, it'll be overwritten with the newly provided version.
+func SetOwnerReference(owner, object metav1.Object, scheme *runtime.Scheme) error {
+ // Validate the owner.
+ ro, ok := owner.(runtime.Object)
+ if !ok {
+ return fmt.Errorf("%T is not a runtime.Object, cannot call SetOwnerReference", owner)
+ }
+ if err := validateOwner(owner, object); err != nil {
+ return err
+ }
+
+ // Create a new owner ref.
+ gvk, err := apiutil.GVKForObject(ro, scheme)
+ if err != nil {
+ return err
+ }
+ ref := metav1.OwnerReference{
+ APIVersion: gvk.GroupVersion().String(),
+ Kind: gvk.Kind,
+ UID: owner.GetUID(),
+ Name: owner.GetName(),
+ }
+
+ // Update owner references and return.
+ upsertOwnerRef(ref, object)
+ return nil
+}
+
+// RemoveOwnerReference is a helper method to make sure the given object removes an owner reference to the object provided.
+// This allows you to remove the owner to establish a new owner of the object in a subsequent call.
+func RemoveOwnerReference(owner, object metav1.Object, scheme *runtime.Scheme) error {
+ owners := object.GetOwnerReferences()
+ length := len(owners)
+ if length < 1 {
+ return fmt.Errorf("%T does not have any owner references", object)
+ }
+ ro, ok := owner.(runtime.Object)
+ if !ok {
+ return fmt.Errorf("%T is not a runtime.Object, cannot call RemoveOwnerReference", owner)
+ }
+ gvk, err := apiutil.GVKForObject(ro, scheme)
+ if err != nil {
+ return err
+ }
+
+ index := indexOwnerRef(owners, metav1.OwnerReference{
+ APIVersion: gvk.GroupVersion().String(),
+ Name: owner.GetName(),
+ Kind: gvk.Kind,
+ })
+ if index == -1 {
+ return fmt.Errorf("%T does not have an owner reference for %T", object, owner)
+ }
+
+ owners = append(owners[:index], owners[index+1:]...)
+ object.SetOwnerReferences(owners)
+ return nil
+}
+
+// HasControllerReference returns true if the object
+// has an owner ref with controller equal to true
+func HasControllerReference(object metav1.Object) bool {
+ owners := object.GetOwnerReferences()
+ for _, owner := range owners {
+ isTrue := owner.Controller
+ if owner.Controller != nil && *isTrue {
+ return true
+ }
+ }
+ return false
+}
+
+// RemoveControllerReference removes an owner reference where the controller
+// equals true
+func RemoveControllerReference(owner, object metav1.Object, scheme *runtime.Scheme) error {
+ if ok := HasControllerReference(object); !ok {
+ return fmt.Errorf("%T does not have a owner reference with controller equals true", object)
+ }
+ ro, ok := owner.(runtime.Object)
+ if !ok {
+ return fmt.Errorf("%T is not a runtime.Object, cannot call RemoveControllerReference", owner)
+ }
+ gvk, err := apiutil.GVKForObject(ro, scheme)
+ if err != nil {
+ return err
+ }
+ ownerRefs := object.GetOwnerReferences()
+ index := indexOwnerRef(ownerRefs, metav1.OwnerReference{
+ APIVersion: gvk.GroupVersion().String(),
+ Name: owner.GetName(),
+ Kind: gvk.Kind,
+ })
+
+ if index == -1 {
+ return fmt.Errorf("%T does not have an controller reference for %T", object, owner)
+ }
+
+ if ownerRefs[index].Controller == nil || !*ownerRefs[index].Controller {
+ return fmt.Errorf("%T owner is not the controller reference for %T", owner, object)
+ }
+
+ ownerRefs = append(ownerRefs[:index], ownerRefs[index+1:]...)
+ object.SetOwnerReferences(ownerRefs)
+ return nil
+}
+
+func upsertOwnerRef(ref metav1.OwnerReference, object metav1.Object) {
+ owners := object.GetOwnerReferences()
+ if idx := indexOwnerRef(owners, ref); idx == -1 {
+ owners = append(owners, ref)
+ } else {
+ owners[idx] = ref
+ }
+ object.SetOwnerReferences(owners)
+}
+
+// indexOwnerRef returns the index of the owner reference in the slice if found, or -1.
+func indexOwnerRef(ownerReferences []metav1.OwnerReference, ref metav1.OwnerReference) int {
+ for index, r := range ownerReferences {
+ if referSameObject(r, ref) {
+ return index
+ }
+ }
+ return -1
+}
+
+func validateOwner(owner, object metav1.Object) error {
+ ownerNs := owner.GetNamespace()
+ if ownerNs != "" {
+ objNs := object.GetNamespace()
+ if objNs == "" {
+ return fmt.Errorf("cluster-scoped resource must not have a namespace-scoped owner, owner's namespace %s", ownerNs)
+ }
+ if ownerNs != objNs {
+ return fmt.Errorf("cross-namespace owner references are disallowed, owner's namespace %s, obj's namespace %s", owner.GetNamespace(), object.GetNamespace())
+ }
+ }
+ return nil
+}
+
+// Returns true if a and b point to the same object.
+func referSameObject(a, b metav1.OwnerReference) bool {
+ aGV, err := schema.ParseGroupVersion(a.APIVersion)
+ if err != nil {
+ return false
+ }
+
+ bGV, err := schema.ParseGroupVersion(b.APIVersion)
+ if err != nil {
+ return false
+ }
+ return aGV.Group == bGV.Group && a.Kind == b.Kind && a.Name == b.Name
+}
+
+// OperationResult is the action result of a CreateOrUpdate call.
+type OperationResult string
+
+const ( // They should complete the sentence "Deployment default/foo has been ..."
+ // OperationResultNone means that the resource has not been changed.
+ OperationResultNone OperationResult = "unchanged"
+ // OperationResultCreated means that a new resource is created.
+ OperationResultCreated OperationResult = "created"
+ // OperationResultUpdated means that an existing resource is updated.
+ OperationResultUpdated OperationResult = "updated"
+ // OperationResultUpdatedStatus means that an existing resource and its status is updated.
+ OperationResultUpdatedStatus OperationResult = "updatedStatus"
+ // OperationResultUpdatedStatusOnly means that only an existing status is updated.
+ OperationResultUpdatedStatusOnly OperationResult = "updatedStatusOnly"
+)
+
+// CreateOrUpdate creates or updates the given object in the Kubernetes
+// cluster. The object's desired state must be reconciled with the existing
+// state inside the passed in callback MutateFn.
+//
+// The MutateFn is called regardless of creating or updating an object.
+//
+// It returns the executed operation and an error.
+//
+// Note: changes made by MutateFn to any sub-resource (status...), will be
+// discarded.
+func CreateOrUpdate(ctx context.Context, c client.Client, obj client.Object, f MutateFn) (OperationResult, error) {
+ key := client.ObjectKeyFromObject(obj)
+ if err := c.Get(ctx, key, obj); err != nil {
+ if !apierrors.IsNotFound(err) {
+ return OperationResultNone, err
+ }
+ if err := mutate(f, key, obj); err != nil {
+ return OperationResultNone, err
+ }
+ if err := c.Create(ctx, obj); err != nil {
+ return OperationResultNone, err
+ }
+ return OperationResultCreated, nil
+ }
+
+ existing := obj.DeepCopyObject()
+ if err := mutate(f, key, obj); err != nil {
+ return OperationResultNone, err
+ }
+
+ if equality.Semantic.DeepEqual(existing, obj) {
+ return OperationResultNone, nil
+ }
+
+ if err := c.Update(ctx, obj); err != nil {
+ return OperationResultNone, err
+ }
+ return OperationResultUpdated, nil
+}
+
+// CreateOrPatch creates or patches the given object in the Kubernetes
+// cluster. The object's desired state must be reconciled with the before
+// state inside the passed in callback MutateFn.
+//
+// The MutateFn is called regardless of creating or updating an object.
+//
+// It returns the executed operation and an error.
+//
+// Note: changes to any sub-resource other than status will be ignored.
+// Changes to the status sub-resource will only be applied if the object
+// already exist. To change the status on object creation, the easiest
+// way is to requeue the object in the controller if OperationResult is
+// OperationResultCreated
+func CreateOrPatch(ctx context.Context, c client.Client, obj client.Object, f MutateFn) (OperationResult, error) {
+ key := client.ObjectKeyFromObject(obj)
+ if err := c.Get(ctx, key, obj); err != nil {
+ if !apierrors.IsNotFound(err) {
+ return OperationResultNone, err
+ }
+ if f != nil {
+ if err := mutate(f, key, obj); err != nil {
+ return OperationResultNone, err
+ }
+ }
+ if err := c.Create(ctx, obj); err != nil {
+ return OperationResultNone, err
+ }
+ return OperationResultCreated, nil
+ }
+
+ // Create patches for the object and its possible status.
+ objPatch := client.MergeFrom(obj.DeepCopyObject().(client.Object))
+ statusPatch := client.MergeFrom(obj.DeepCopyObject().(client.Object))
+
+ // Create a copy of the original object as well as converting that copy to
+ // unstructured data.
+ before, err := runtime.DefaultUnstructuredConverter.ToUnstructured(obj.DeepCopyObject())
+ if err != nil {
+ return OperationResultNone, err
+ }
+
+ // Attempt to extract the status from the resource for easier comparison later
+ beforeStatus, hasBeforeStatus, err := unstructured.NestedFieldCopy(before, "status")
+ if err != nil {
+ return OperationResultNone, err
+ }
+
+ // If the resource contains a status then remove it from the unstructured
+ // copy to avoid unnecessary patching later.
+ if hasBeforeStatus {
+ unstructured.RemoveNestedField(before, "status")
+ }
+
+ // Mutate the original object.
+ if f != nil {
+ if err := mutate(f, key, obj); err != nil {
+ return OperationResultNone, err
+ }
+ }
+
+ // Convert the resource to unstructured to compare against our before copy.
+ after, err := runtime.DefaultUnstructuredConverter.ToUnstructured(obj)
+ if err != nil {
+ return OperationResultNone, err
+ }
+
+ // Attempt to extract the status from the resource for easier comparison later
+ afterStatus, hasAfterStatus, err := unstructured.NestedFieldCopy(after, "status")
+ if err != nil {
+ return OperationResultNone, err
+ }
+
+ // If the resource contains a status then remove it from the unstructured
+ // copy to avoid unnecessary patching later.
+ if hasAfterStatus {
+ unstructured.RemoveNestedField(after, "status")
+ }
+
+ result := OperationResultNone
+
+ if !reflect.DeepEqual(before, after) {
+ // Only issue a Patch if the before and after resources (minus status) differ
+ if err := c.Patch(ctx, obj, objPatch); err != nil {
+ return result, err
+ }
+ result = OperationResultUpdated
+ }
+
+ if (hasBeforeStatus || hasAfterStatus) && !reflect.DeepEqual(beforeStatus, afterStatus) {
+ // Only issue a Status Patch if the resource has a status and the beforeStatus
+ // and afterStatus copies differ
+ if result == OperationResultUpdated {
+ // If Status was replaced by Patch before, set it to afterStatus
+ objectAfterPatch, err := runtime.DefaultUnstructuredConverter.ToUnstructured(obj)
+ if err != nil {
+ return result, err
+ }
+ if err = unstructured.SetNestedField(objectAfterPatch, afterStatus, "status"); err != nil {
+ return result, err
+ }
+ // If Status was replaced by Patch before, restore patched structure to the obj
+ if err = runtime.DefaultUnstructuredConverter.FromUnstructured(objectAfterPatch, obj); err != nil {
+ return result, err
+ }
+ }
+ if err := c.Status().Patch(ctx, obj, statusPatch); err != nil {
+ return result, err
+ }
+ if result == OperationResultUpdated {
+ result = OperationResultUpdatedStatus
+ } else {
+ result = OperationResultUpdatedStatusOnly
+ }
+ }
+
+ return result, nil
+}
+
+// mutate wraps a MutateFn and applies validation to its result.
+func mutate(f MutateFn, key client.ObjectKey, obj client.Object) error {
+ if err := f(); err != nil {
+ return err
+ }
+ if newKey := client.ObjectKeyFromObject(obj); key != newKey {
+ return fmt.Errorf("MutateFn cannot mutate object name and/or object namespace")
+ }
+ return nil
+}
+
+// MutateFn is a function which mutates the existing object into its desired state.
+type MutateFn func() error
+
+// AddFinalizer accepts an Object and adds the provided finalizer if not present.
+// It returns an indication of whether it updated the object's list of finalizers.
+func AddFinalizer(o client.Object, finalizer string) (finalizersUpdated bool) {
+ f := o.GetFinalizers()
+ for _, e := range f {
+ if e == finalizer {
+ return false
+ }
+ }
+ o.SetFinalizers(append(f, finalizer))
+ return true
+}
+
+// RemoveFinalizer accepts an Object and removes the provided finalizer if present.
+// It returns an indication of whether it updated the object's list of finalizers.
+func RemoveFinalizer(o client.Object, finalizer string) (finalizersUpdated bool) {
+ f := o.GetFinalizers()
+ length := len(f)
+
+ index := 0
+ for i := 0; i < length; i++ {
+ if f[i] == finalizer {
+ continue
+ }
+ f[index] = f[i]
+ index++
+ }
+ o.SetFinalizers(f[:index])
+ return length != index
+}
+
+// ContainsFinalizer checks an Object that the provided finalizer is present.
+func ContainsFinalizer(o client.Object, finalizer string) bool {
+ f := o.GetFinalizers()
+ for _, e := range f {
+ if e == finalizer {
+ return true
+ }
+ }
+ return false
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/controller/controllerutil/doc.go b/vendor/sigs.k8s.io/controller-runtime/pkg/controller/controllerutil/doc.go
new file mode 100644
index 000000000..ab386b29c
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/controller/controllerutil/doc.go
@@ -0,0 +1,20 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+/*
+Package controllerutil contains utility functions for working with and implementing Controllers.
+*/
+package controllerutil
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/log/deleg.go b/vendor/sigs.k8s.io/controller-runtime/pkg/log/deleg.go
new file mode 100644
index 000000000..6eb551d3b
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/log/deleg.go
@@ -0,0 +1,208 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package log
+
+import (
+ "sync"
+
+ "github.com/go-logr/logr"
+)
+
+// loggerPromise knows how to populate a concrete logr.Logger
+// with options, given an actual base logger later on down the line.
+type loggerPromise struct {
+ logger *delegatingLogSink
+ childPromises []*loggerPromise
+ promisesLock sync.Mutex
+
+ name *string
+ tags []interface{}
+}
+
+func (p *loggerPromise) WithName(l *delegatingLogSink, name string) *loggerPromise {
+ res := &loggerPromise{
+ logger: l,
+ name: &name,
+ promisesLock: sync.Mutex{},
+ }
+
+ p.promisesLock.Lock()
+ defer p.promisesLock.Unlock()
+ p.childPromises = append(p.childPromises, res)
+ return res
+}
+
+// WithValues provides a new Logger with the tags appended.
+func (p *loggerPromise) WithValues(l *delegatingLogSink, tags ...interface{}) *loggerPromise {
+ res := &loggerPromise{
+ logger: l,
+ tags: tags,
+ promisesLock: sync.Mutex{},
+ }
+
+ p.promisesLock.Lock()
+ defer p.promisesLock.Unlock()
+ p.childPromises = append(p.childPromises, res)
+ return res
+}
+
+// Fulfill instantiates the Logger with the provided logger.
+func (p *loggerPromise) Fulfill(parentLogSink logr.LogSink) {
+ sink := parentLogSink
+ if p.name != nil {
+ sink = sink.WithName(*p.name)
+ }
+
+ if p.tags != nil {
+ sink = sink.WithValues(p.tags...)
+ }
+
+ p.logger.lock.Lock()
+ p.logger.logger = sink
+ if withCallDepth, ok := sink.(logr.CallDepthLogSink); ok {
+ p.logger.logger = withCallDepth.WithCallDepth(1)
+ }
+ p.logger.promise = nil
+ p.logger.lock.Unlock()
+
+ for _, childPromise := range p.childPromises {
+ childPromise.Fulfill(sink)
+ }
+}
+
+// delegatingLogSink is a logsink that delegates to another logr.LogSink.
+// If the underlying promise is not nil, it registers calls to sub-loggers with
+// the logging factory to be populated later, and returns a new delegating
+// logger. It expects to have *some* logr.Logger set at all times (generally
+// a no-op logger before the promises are fulfilled).
+type delegatingLogSink struct {
+ lock sync.RWMutex
+ logger logr.LogSink
+ promise *loggerPromise
+ info logr.RuntimeInfo
+}
+
+// Init implements logr.LogSink.
+func (l *delegatingLogSink) Init(info logr.RuntimeInfo) {
+ eventuallyFulfillRoot()
+ l.lock.Lock()
+ defer l.lock.Unlock()
+ l.info = info
+}
+
+// Enabled tests whether this Logger is enabled. For example, commandline
+// flags might be used to set the logging verbosity and disable some info
+// logs.
+func (l *delegatingLogSink) Enabled(level int) bool {
+ eventuallyFulfillRoot()
+ l.lock.RLock()
+ defer l.lock.RUnlock()
+ return l.logger.Enabled(level)
+}
+
+// Info logs a non-error message with the given key/value pairs as context.
+//
+// The msg argument should be used to add some constant description to
+// the log line. The key/value pairs can then be used to add additional
+// variable information. The key/value pairs should alternate string
+// keys and arbitrary values.
+func (l *delegatingLogSink) Info(level int, msg string, keysAndValues ...interface{}) {
+ eventuallyFulfillRoot()
+ l.lock.RLock()
+ defer l.lock.RUnlock()
+ l.logger.Info(level, msg, keysAndValues...)
+}
+
+// Error logs an error, with the given message and key/value pairs as context.
+// It functions similarly to calling Info with the "error" named value, but may
+// have unique behavior, and should be preferred for logging errors (see the
+// package documentations for more information).
+//
+// The msg field should be used to add context to any underlying error,
+// while the err field should be used to attach the actual error that
+// triggered this log line, if present.
+func (l *delegatingLogSink) Error(err error, msg string, keysAndValues ...interface{}) {
+ eventuallyFulfillRoot()
+ l.lock.RLock()
+ defer l.lock.RUnlock()
+ l.logger.Error(err, msg, keysAndValues...)
+}
+
+// WithName provides a new Logger with the name appended.
+func (l *delegatingLogSink) WithName(name string) logr.LogSink {
+ eventuallyFulfillRoot()
+ l.lock.RLock()
+ defer l.lock.RUnlock()
+
+ if l.promise == nil {
+ sink := l.logger.WithName(name)
+ if withCallDepth, ok := sink.(logr.CallDepthLogSink); ok {
+ sink = withCallDepth.WithCallDepth(-1)
+ }
+ return sink
+ }
+
+ res := &delegatingLogSink{logger: l.logger}
+ promise := l.promise.WithName(res, name)
+ res.promise = promise
+
+ return res
+}
+
+// WithValues provides a new Logger with the tags appended.
+func (l *delegatingLogSink) WithValues(tags ...interface{}) logr.LogSink {
+ eventuallyFulfillRoot()
+ l.lock.RLock()
+ defer l.lock.RUnlock()
+
+ if l.promise == nil {
+ sink := l.logger.WithValues(tags...)
+ if withCallDepth, ok := sink.(logr.CallDepthLogSink); ok {
+ sink = withCallDepth.WithCallDepth(-1)
+ }
+ return sink
+ }
+
+ res := &delegatingLogSink{logger: l.logger}
+ promise := l.promise.WithValues(res, tags...)
+ res.promise = promise
+
+ return res
+}
+
+// Fulfill switches the logger over to use the actual logger
+// provided, instead of the temporary initial one, if this method
+// has not been previously called.
+func (l *delegatingLogSink) Fulfill(actual logr.LogSink) {
+ if actual == nil {
+ actual = NullLogSink{}
+ }
+ if l.promise != nil {
+ l.promise.Fulfill(actual)
+ }
+}
+
+// newDelegatingLogSink constructs a new DelegatingLogSink which uses
+// the given logger before its promise is fulfilled.
+func newDelegatingLogSink(initial logr.LogSink) *delegatingLogSink {
+ l := &delegatingLogSink{
+ logger: initial,
+ promise: &loggerPromise{promisesLock: sync.Mutex{}},
+ }
+ l.promise.logger = l
+ return l
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/log/log.go b/vendor/sigs.k8s.io/controller-runtime/pkg/log/log.go
new file mode 100644
index 000000000..ade21d6fb
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/log/log.go
@@ -0,0 +1,105 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package log contains utilities for fetching a new logger
+// when one is not already available.
+//
+// # The Log Handle
+//
+// This package contains a root logr.Logger Log. It may be used to
+// get a handle to whatever the root logging implementation is. By
+// default, no implementation exists, and the handle returns "promises"
+// to loggers. When the implementation is set using SetLogger, these
+// "promises" will be converted over to real loggers.
+//
+// # Logr
+//
+// All logging in controller-runtime is structured, using a set of interfaces
+// defined by a package called logr
+// (https://pkg.go.dev/github.com/go-logr/logr). The sub-package zap provides
+// helpers for setting up logr backed by Zap (go.uber.org/zap).
+package log
+
+import (
+ "bytes"
+ "context"
+ "fmt"
+ "os"
+ "runtime/debug"
+ "sync/atomic"
+ "time"
+
+ "github.com/go-logr/logr"
+)
+
+// SetLogger sets a concrete logging implementation for all deferred Loggers.
+func SetLogger(l logr.Logger) {
+ logFullfilled.Store(true)
+ rootLog.Fulfill(l.GetSink())
+}
+
+func eventuallyFulfillRoot() {
+ if logFullfilled.Load() {
+ return
+ }
+ if time.Since(rootLogCreated).Seconds() >= 30 {
+ if logFullfilled.CompareAndSwap(false, true) {
+ stack := debug.Stack()
+ stackLines := bytes.Count(stack, []byte{'\n'})
+ sep := []byte{'\n', '\t', '>', ' ', ' '}
+
+ fmt.Fprintf(os.Stderr,
+ "[controller-runtime] log.SetLogger(...) was never called; logs will not be displayed.\nDetected at:%s%s", sep,
+ // prefix every line, so it's clear this is a stack trace related to the above message
+ bytes.Replace(stack, []byte{'\n'}, sep, stackLines-1),
+ )
+ SetLogger(logr.New(NullLogSink{}))
+ }
+ }
+}
+
+var (
+ logFullfilled atomic.Bool
+)
+
+// Log is the base logger used by kubebuilder. It delegates
+// to another logr.Logger. You *must* call SetLogger to
+// get any actual logging. If SetLogger is not called within
+// the first 30 seconds of a binaries lifetime, it will get
+// set to a NullLogSink.
+var (
+ rootLog, rootLogCreated = func() (*delegatingLogSink, time.Time) {
+ return newDelegatingLogSink(NullLogSink{}), time.Now()
+ }()
+ Log = logr.New(rootLog)
+)
+
+// FromContext returns a logger with predefined values from a context.Context.
+func FromContext(ctx context.Context, keysAndValues ...interface{}) logr.Logger {
+ log := Log
+ if ctx != nil {
+ if logger, err := logr.FromContext(ctx); err == nil {
+ log = logger
+ }
+ }
+ return log.WithValues(keysAndValues...)
+}
+
+// IntoContext takes a context and sets the logger as one of its values.
+// Use FromContext function to retrieve the logger.
+func IntoContext(ctx context.Context, log logr.Logger) context.Context {
+ return logr.NewContext(ctx, log)
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/log/null.go b/vendor/sigs.k8s.io/controller-runtime/pkg/log/null.go
new file mode 100644
index 000000000..f3e81074f
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/log/null.go
@@ -0,0 +1,59 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package log
+
+import (
+ "github.com/go-logr/logr"
+)
+
+// NB: this is the same as the null logger logr/testing,
+// but avoids accidentally adding the testing flags to
+// all binaries.
+
+// NullLogSink is a logr.Logger that does nothing.
+type NullLogSink struct{}
+
+var _ logr.LogSink = NullLogSink{}
+
+// Init implements logr.LogSink.
+func (log NullLogSink) Init(logr.RuntimeInfo) {
+}
+
+// Info implements logr.InfoLogger.
+func (NullLogSink) Info(_ int, _ string, _ ...interface{}) {
+ // Do nothing.
+}
+
+// Enabled implements logr.InfoLogger.
+func (NullLogSink) Enabled(level int) bool {
+ return false
+}
+
+// Error implements logr.Logger.
+func (NullLogSink) Error(_ error, _ string, _ ...interface{}) {
+ // Do nothing.
+}
+
+// WithName implements logr.Logger.
+func (log NullLogSink) WithName(_ string) logr.LogSink {
+ return log
+}
+
+// WithValues implements logr.Logger.
+func (log NullLogSink) WithValues(_ ...interface{}) logr.LogSink {
+ return log
+}
diff --git a/vendor/sigs.k8s.io/controller-runtime/pkg/log/warning_handler.go b/vendor/sigs.k8s.io/controller-runtime/pkg/log/warning_handler.go
new file mode 100644
index 000000000..e9522632d
--- /dev/null
+++ b/vendor/sigs.k8s.io/controller-runtime/pkg/log/warning_handler.go
@@ -0,0 +1,76 @@
+/*
+Copyright 2018 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package log
+
+import (
+ "sync"
+
+ "github.com/go-logr/logr"
+)
+
+// KubeAPIWarningLoggerOptions controls the behavior
+// of a rest.WarningHandler constructed using NewKubeAPIWarningLogger().
+type KubeAPIWarningLoggerOptions struct {
+ // Deduplicate indicates a given warning message should only be written once.
+ // Setting this to true in a long-running process handling many warnings can
+ // result in increased memory use.
+ Deduplicate bool
+}
+
+// KubeAPIWarningLogger is a wrapper around
+// a provided logr.Logger that implements the
+// rest.WarningHandler interface.
+type KubeAPIWarningLogger struct {
+ // logger is used to log responses with the warning header
+ logger logr.Logger
+ // opts contain options controlling warning output
+ opts KubeAPIWarningLoggerOptions
+ // writtenLock gurads written
+ writtenLock sync.Mutex
+ // used to keep track of already logged messages
+ // and help in de-duplication.
+ written map[string]struct{}
+}
+
+// HandleWarningHeader handles logging for responses from API server that are
+// warnings with code being 299 and uses a logr.Logger for its logging purposes.
+func (l *KubeAPIWarningLogger) HandleWarningHeader(code int, agent string, message string) {
+ if code != 299 || len(message) == 0 {
+ return
+ }
+
+ if l.opts.Deduplicate {
+ l.writtenLock.Lock()
+ defer l.writtenLock.Unlock()
+
+ if _, alreadyLogged := l.written[message]; alreadyLogged {
+ return
+ }
+ l.written[message] = struct{}{}
+ }
+ l.logger.Info(message)
+}
+
+// NewKubeAPIWarningLogger returns an implementation of rest.WarningHandler that logs warnings
+// with code = 299 to the provided logr.Logger.
+func NewKubeAPIWarningLogger(l logr.Logger, opts KubeAPIWarningLoggerOptions) *KubeAPIWarningLogger {
+ h := &KubeAPIWarningLogger{logger: l, opts: opts}
+ if opts.Deduplicate {
+ h.written = map[string]struct{}{}
+ }
+ return h
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/LICENSE b/vendor/sigs.k8s.io/e2e-framework/LICENSE
new file mode 100644
index 000000000..8dada3eda
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/LICENSE
@@ -0,0 +1,201 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "{}"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright {yyyy} {name of copyright owner}
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/vendor/sigs.k8s.io/e2e-framework/klient/client.go b/vendor/sigs.k8s.io/e2e-framework/klient/client.go
new file mode 100644
index 000000000..dd0504770
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/klient/client.go
@@ -0,0 +1,90 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package klient
+
+import (
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/client-go/rest"
+ klog "k8s.io/klog/v2"
+ cr "sigs.k8s.io/controller-runtime/pkg/client"
+ "sigs.k8s.io/controller-runtime/pkg/log"
+ "sigs.k8s.io/e2e-framework/klient/conf"
+ "sigs.k8s.io/e2e-framework/klient/k8s/resources"
+)
+
+// Client stores values to interact with the
+// API-server.
+type Client interface {
+ // RESTConfig returns the *rest.Config associated with this client.
+ RESTConfig() *rest.Config
+ // Resources returns a *Resources type to access resource CRUD operations.
+ // This method takes zero or at most 1 namespace (more will panic) that
+ // can be used in List operations.
+ Resources(...string) *resources.Resources
+}
+
+type client struct {
+ cfg *rest.Config
+ resources *resources.Resources
+}
+
+// NewControllerRuntimeClient provides an instance of the Controller runtime client with
+// the provided rest config and custom runtime scheme.
+func NewControllerRuntimeClient(cfg *rest.Config, scheme *runtime.Scheme) (cr.Client, error) {
+ return cr.New(cfg, cr.Options{Scheme: scheme})
+}
+
+// New returns a new Client value
+func New(cfg *rest.Config) (Client, error) {
+ res, err := resources.New(cfg)
+ if err != nil {
+ return nil, err
+ }
+ return &client{cfg: cfg, resources: res}, nil
+}
+
+// NewWithKubeConfigFile creates a client using the kubeconfig filePath
+func NewWithKubeConfigFile(filePath string) (Client, error) {
+ cfg, err := conf.New(filePath)
+ if err != nil {
+ return nil, err
+ }
+ return New(cfg)
+}
+
+// RESTConfig returns the *rest.Config value associated
+// with this client.
+func (c *client) RESTConfig() *rest.Config {
+ return c.cfg
+}
+
+// Resources returns *Resources value to access CRUD object
+// operations. It takes 0 or, at most, 1 namespace, or panics.
+func (c *client) Resources(namespace ...string) *resources.Resources {
+ switch len(namespace) {
+ case 0:
+ return c.resources.WithNamespace("")
+ case 1:
+ return c.resources.WithNamespace(namespace[0])
+ default:
+ panic("too many namespaces provided")
+ }
+}
+
+func init() {
+ log.SetLogger(klog.NewKlogr())
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/klient/conf/config.go b/vendor/sigs.k8s.io/e2e-framework/klient/conf/config.go
new file mode 100644
index 000000000..5e57f80fb
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/klient/conf/config.go
@@ -0,0 +1,152 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package conf is used to create an instance of *rest.Config
+package conf
+
+import (
+ "errors"
+ "flag"
+ "os"
+ "os/user"
+ "path"
+
+ "k8s.io/client-go/rest"
+ "k8s.io/client-go/tools/clientcmd"
+)
+
+// DefaultClusterContext default cluster context
+var DefaultClusterContext = ""
+
+// New returns Kubernetes configuration value of type *rest.Config.
+// filename is kubeconfig file
+func New(fileName string) (*rest.Config, error) {
+ var resolvedKubeConfigFile string
+ kubeContext := ResolveClusterContext()
+
+ // resolve the kubeconfig file
+ resolvedKubeConfigFile = fileName
+ if fileName == "" {
+ resolvedKubeConfigFile = ResolveKubeConfigFile()
+ }
+
+ // if resolvedKubeConfigFile is still empty, assume in-cluster config
+ if resolvedKubeConfigFile == "" {
+ if kubeContext == "" {
+ return rest.InClusterConfig()
+ }
+ // if in-cluster can't use the --kubeContext flag
+ return nil, errors.New("cannot use a cluster context without a valid kubeconfig file")
+ }
+
+ // set the desired context if provided
+ if kubeContext != "" {
+ return NewWithContextName(resolvedKubeConfigFile, kubeContext)
+ }
+
+ // create the config object from resolvedKubeConfigFile without a context
+ return clientcmd.NewNonInteractiveDeferredLoadingClientConfig(
+ &clientcmd.ClientConfigLoadingRules{ExplicitPath: resolvedKubeConfigFile}, &clientcmd.ConfigOverrides{}).ClientConfig()
+}
+
+// NewWithContextName returns k8s config value of type *rest.Config
+func NewWithContextName(fileName, context string) (*rest.Config, error) {
+ // create the config object from k8s config path and context
+ return clientcmd.NewNonInteractiveDeferredLoadingClientConfig(
+ &clientcmd.ClientConfigLoadingRules{ExplicitPath: fileName},
+ &clientcmd.ConfigOverrides{
+ CurrentContext: context,
+ }).ClientConfig()
+}
+
+// NewInCluster for clients that expect to be
+// running inside a pod on kubernetes
+func NewInCluster() (*rest.Config, error) {
+ return rest.InClusterConfig()
+}
+
+// ResolveKubeConfigFile returns the kubeconfig file from
+// either flag --kubeconfig or env KUBECONFIG.
+// If flag.Parsed() is true then lookup for --kubeconfig flag.
+// If --kubeconfig, or KUBECONFIG, or $HOME/.kube/config not provided then
+// assume in cluster.
+func ResolveKubeConfigFile() string {
+ var kubeConfigPath string
+
+ // If a flag --kubeconfig is specified with the config location, use that
+ if flag.Parsed() {
+ f := flag.Lookup("kubeconfig")
+ if f != nil && f.Value.String() != "" {
+ return f.Value.String()
+ }
+ }
+
+ // if KUBECONFIG env is defined then use that
+ kubeConfigPath = os.Getenv(clientcmd.RecommendedConfigPathEnvVar)
+ if kubeConfigPath != "" {
+ return kubeConfigPath
+ }
+
+ var (
+ homeDir string
+ ok bool
+ )
+
+ // check if $HOME/.kube/config is present
+ // if $HOME is unset, get it from current user
+ if homeDir, ok = os.LookupEnv("HOME"); !ok {
+ u, err := user.Current()
+ if err != nil {
+ // consider it as in-cluster-config
+ return ""
+ }
+
+ kubeConfigPath = path.Join(u.HomeDir, clientcmd.RecommendedHomeDir, clientcmd.RecommendedFileName)
+ } else {
+ kubeConfigPath = path.Join(homeDir, clientcmd.RecommendedHomeDir, clientcmd.RecommendedFileName)
+ }
+
+ // check if the config path exists
+ if fileExists(kubeConfigPath) {
+ return kubeConfigPath
+ }
+
+ return ""
+}
+
+// ResolveClusterContext returns cluster context name based on --context flag.
+func ResolveClusterContext() string {
+ // If a flag --context is specified use that
+ if flag.Parsed() {
+ f := flag.Lookup("context")
+ if f != nil {
+ return f.Value.String()
+ }
+ }
+
+ return ""
+}
+
+// fileExists reports whether the named file or directory exists.
+func fileExists(filePath string) bool {
+ if _, err := os.Stat(filePath); err != nil {
+ if os.IsNotExist(err) {
+ return false
+ }
+ }
+
+ return true
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/klient/decoder/decoder.go b/vendor/sigs.k8s.io/e2e-framework/klient/decoder/decoder.go
new file mode 100644
index 000000000..95e18af76
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/klient/decoder/decoder.go
@@ -0,0 +1,361 @@
+/*
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package decoder
+
+import (
+ "bufio"
+ "bytes"
+ "context"
+ "errors"
+ "fmt"
+ "io"
+ "io/fs"
+ "os"
+ "strings"
+
+ apierrors "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/runtime/schema"
+ "k8s.io/apimachinery/pkg/runtime/serializer"
+ "k8s.io/apimachinery/pkg/util/yaml"
+ "k8s.io/client-go/kubernetes/scheme"
+ klog "k8s.io/klog/v2"
+ "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
+ "sigs.k8s.io/controller-runtime/pkg/log"
+ "sigs.k8s.io/e2e-framework/klient/k8s"
+ "sigs.k8s.io/e2e-framework/klient/k8s/resources"
+)
+
+// Options are a set of configurations used to instruct the decoding process and otherwise
+// alter the output of decoding operations.
+type Options struct {
+ DefaultGVK *schema.GroupVersionKind
+ MutateFuncs []MutateFunc
+}
+
+// DecodeOption is a function that alters the configuration Options used to decode and optionally mutate objects via MutateFuncs
+type DecodeOption func(*Options)
+
+// MutateFunc is a function executed after an object is decoded to alter its state in a pre-defined way, and can be used to apply defaults.
+// Returning an error halts decoding of any further objects.
+type MutateFunc func(obj k8s.Object) error
+
+// HandlerFunc is a function executed after an object has been decoded and patched. If an error is returned, further decoding is halted.
+type HandlerFunc func(ctx context.Context, obj k8s.Object) error
+
+// DecodeEachFile resolves files at the filesystem matching the pattern, decoding JSON or YAML files. Supports multi-document files.
+//
+// If handlerFn returns an error, decoding is halted.
+// Options may be provided to configure the behavior of the decoder.
+func DecodeEachFile(ctx context.Context, fsys fs.FS, pattern string, handlerFn HandlerFunc, options ...DecodeOption) error {
+ files, err := fs.Glob(fsys, pattern)
+ if err != nil {
+ return err
+ }
+ for _, file := range files {
+ f, err := fsys.Open(file)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+ if err := DecodeEach(ctx, f, handlerFn, options...); err != nil {
+ return err
+ }
+ if err := f.Close(); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+// DecodeAllFiles resolves files at the filesystem matching the pattern, decoding JSON or YAML files. Supports multi-document files.
+// Falls back to the unstructured.Unstructured type if a matching type cannot be found for the Kind.
+// Options may be provided to configure the behavior of the decoder.
+func DecodeAllFiles(ctx context.Context, fsys fs.FS, pattern string, options ...DecodeOption) ([]k8s.Object, error) {
+ objects := []k8s.Object{}
+ err := DecodeEachFile(ctx, fsys, pattern, func(ctx context.Context, obj k8s.Object) error {
+ objects = append(objects, obj)
+ return nil
+ }, options...)
+ return objects, err
+}
+
+// ApplyWithManifestDir resolves all the files in the Directory dirPath against the globbing pattern and creates a kubernetes
+// resource for each of the resources found under the manifest directory.
+func ApplyWithManifestDir(ctx context.Context, r *resources.Resources, dirPath, pattern string, createOptions []resources.CreateOption, options ...DecodeOption) error {
+ err := DecodeEachFile(ctx, os.DirFS(dirPath), pattern, CreateHandler(r, createOptions...), options...)
+ return err
+}
+
+// DeleteWithManifestDir does the reverse of ApplyUsingManifestDir does. This will resolve all files in the dirPath against the pattern and then
+// delete those kubernetes resources found under the manifest directory.
+func DeleteWithManifestDir(ctx context.Context, r *resources.Resources, dirPath, pattern string, deleteOptions []resources.DeleteOption, options ...DecodeOption) error {
+ err := DecodeEachFile(ctx, os.DirFS(dirPath), pattern, DeleteHandler(r, deleteOptions...), options...)
+ return err
+}
+
+// Decode a stream of documents of any Kind using either the innate typing of the scheme.
+// Falls back to the unstructured.Unstructured type if a matching type cannot be found for the Kind.
+//
+// If handlerFn returns an error, decoding is halted.
+// Options may be provided to configure the behavior of the decoder.
+func DecodeEach(ctx context.Context, manifest io.Reader, handlerFn HandlerFunc, options ...DecodeOption) error {
+ decoder := yaml.NewYAMLReader(bufio.NewReader(manifest))
+ for {
+ b, err := decoder.Read()
+ if errors.Is(err, io.EOF) {
+ break
+ } else if err != nil {
+ return err
+ }
+ obj, err := DecodeAny(bytes.NewReader(b), options...)
+ if err != nil {
+ // Skip the Missing Kind entries. This will avoid unwanted failures of the yaml apply workflow in cases
+ // if the file has an empty item with just comments in it.
+ if runtime.IsMissingKind(err) {
+ klog.V(2).InfoS("Skipping document with missing Kind", "document", strings.TrimSpace(string(b)))
+ continue
+ }
+ return err
+ }
+ if err := handlerFn(ctx, obj); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+// DecodeAll is a stream of documents of any Kind using either the innate typing of the scheme.
+// Falls back to the unstructured.Unstructured type if a matching type cannot be found for the Kind.
+// Options may be provided to configure the behavior of the decoder.
+func DecodeAll(ctx context.Context, manifest io.Reader, options ...DecodeOption) ([]k8s.Object, error) {
+ objects := []k8s.Object{}
+ err := DecodeEach(ctx, manifest, func(ctx context.Context, obj k8s.Object) error {
+ objects = append(objects, obj)
+ return nil
+ }, options...)
+ return objects, err
+}
+
+// DecodeAny decodes any single-document YAML or JSON input using either the innate typing of the scheme.
+// Falls back to the unstructured.Unstructured type if a matching type cannot be found for the Kind.
+// Options may be provided to configure the behavior of the decoder.
+func DecodeAny(manifest io.Reader, options ...DecodeOption) (k8s.Object, error) {
+ decodeOpt := &Options{}
+ for _, opt := range options {
+ opt(decodeOpt)
+ }
+
+ k8sDecoder := serializer.NewCodecFactory(scheme.Scheme).UniversalDeserializer().Decode
+ b, err := io.ReadAll(manifest)
+ if err != nil {
+ return nil, err
+ }
+ runtimeObj, _, err := k8sDecoder(b, decodeOpt.DefaultGVK, nil)
+ if runtime.IsNotRegisteredError(err) {
+ // fallback to the unstructured.Unstructured type if a type is not registered for the Object to be decoded
+ runtimeObj = &unstructured.Unstructured{}
+ if err := yaml.Unmarshal(b, runtimeObj); err != nil {
+ return nil, err
+ }
+ } else if err != nil {
+ return nil, err
+ }
+ obj, ok := runtimeObj.(k8s.Object)
+ if !ok {
+ return nil, err
+ }
+ for _, patch := range decodeOpt.MutateFuncs {
+ if err := patch(obj); err != nil {
+ return nil, err
+ }
+ }
+ return obj, nil
+}
+
+// Decode a single-document YAML or JSON file into the provided object. Patches are applied
+// after decoding to the object to update the loaded resource.
+func Decode(manifest io.Reader, obj k8s.Object, options ...DecodeOption) error {
+ decodeOpt := &Options{}
+ for _, opt := range options {
+ opt(decodeOpt)
+ }
+ if err := yaml.NewYAMLOrJSONDecoder(manifest, 1024).Decode(obj); err != nil {
+ return err
+ }
+ for _, patch := range decodeOpt.MutateFuncs {
+ if err := patch(obj); err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+// DecodeFile decodes a single-document YAML or JSON file into the provided object. Patches are applied
+// after decoding to the object to update the loaded resource.
+func DecodeFile(fsys fs.FS, manifestPath string, obj k8s.Object, options ...DecodeOption) error {
+ f, err := fsys.Open(manifestPath)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+ return Decode(f, obj, options...)
+}
+
+// DecodeString decodes a single-document YAML or JSON string into the provided object. Patches are applied
+// after decoding to the object to update the loaded resource.
+func DecodeString(rawManifest string, obj k8s.Object, options ...DecodeOption) error {
+ return Decode(strings.NewReader(rawManifest), obj, options...)
+}
+
+// DefaultGVK instructs the decoder to use the given type to look up the appropriate Go type to decode into
+// instead of its default behavior of deciding this by decoding the Group, Version, and Kind fields.
+func DefaultGVK(defaults *schema.GroupVersionKind) DecodeOption {
+ return func(do *Options) {
+ do.DefaultGVK = defaults
+ }
+}
+
+// MutateOption can be used to add a custom MutateFunc to the DecodeOption
+// used to configure the decoding of objects
+func MutateOption(m MutateFunc) DecodeOption {
+ return func(do *Options) {
+ do.MutateFuncs = append(do.MutateFuncs, m)
+ }
+}
+
+// MutateLabels is an optional parameter to decoding functions that will patch an objects metadata.labels
+func MutateLabels(overrides map[string]string) DecodeOption {
+ return MutateOption(func(obj k8s.Object) error {
+ labels := obj.GetLabels()
+ if labels == nil {
+ labels = make(map[string]string)
+ obj.SetLabels(labels)
+ }
+ for key, value := range overrides {
+ labels[key] = value
+ }
+ return nil
+ })
+}
+
+// MutateAnnotations is an optional parameter to decoding functions that will patch an objects metadata.annotations
+func MutateAnnotations(overrides map[string]string) DecodeOption {
+ return MutateOption(func(obj k8s.Object) error {
+ annotations := obj.GetAnnotations()
+ if annotations == nil {
+ annotations = make(map[string]string)
+ obj.SetAnnotations(annotations)
+ }
+ for key, value := range overrides {
+ annotations[key] = value
+ }
+ return nil
+ })
+}
+
+// MutateOwnerAnnotations is an optional parameter to decoding functions that will patch objects using the given owner object
+func MutateOwnerAnnotations(owner k8s.Object) DecodeOption {
+ return MutateOption(func(obj k8s.Object) error {
+ return controllerutil.SetOwnerReference(owner, obj, scheme.Scheme)
+ })
+}
+
+// MutateNamespace is an optional parameter to decoding functions that will patch objects with the given namespace name
+func MutateNamespace(namespace string) DecodeOption {
+ return MutateOption(func(obj k8s.Object) error {
+ obj.SetNamespace(namespace)
+ return nil
+ })
+}
+
+// CreateHandler returns a HandlerFunc that will create objects
+func CreateHandler(r *resources.Resources, opts ...resources.CreateOption) HandlerFunc {
+ return func(ctx context.Context, obj k8s.Object) error {
+ return r.Create(ctx, obj, opts...)
+ }
+}
+
+// ReadHandler returns a HandlerFunc that will use the provided object's Kind / Namespace / Name to retrieve
+// the current state of the object using the provided Resource client.
+// This helper makes it easy to use a stale reference to an object to retrieve its current version.
+func ReadHandler(r *resources.Resources, handler HandlerFunc) HandlerFunc {
+ return func(ctx context.Context, obj k8s.Object) error {
+ name := obj.GetName()
+ namespace := obj.GetNamespace()
+ // use scheme.Scheme to generate a new, empty object to use as a base for decoding into
+ gvk := obj.GetObjectKind().GroupVersionKind()
+ o, err := scheme.Scheme.New(gvk)
+ if err != nil {
+ return fmt.Errorf("resources: GroupVersionKind not found in scheme: %s", gvk.String())
+ }
+ obj, ok := o.(k8s.Object)
+ if !ok {
+ return fmt.Errorf("resources: unexpected type %T does not satisfy k8s.Object", obj)
+ }
+ if err := r.Get(ctx, name, namespace, obj); err != nil {
+ return err
+ }
+ return handler(ctx, obj)
+ }
+}
+
+// UpdateHandler returns a HandlerFunc that will update objects
+func UpdateHandler(r *resources.Resources, opts ...resources.UpdateOption) HandlerFunc {
+ return func(ctx context.Context, obj k8s.Object) error {
+ return r.Update(ctx, obj, opts...)
+ }
+}
+
+// DeleteHandler returns a HandlerFunc that will delete objects
+func DeleteHandler(r *resources.Resources, opts ...resources.DeleteOption) HandlerFunc {
+ return func(ctx context.Context, obj k8s.Object) error {
+ return r.Delete(ctx, obj, opts...)
+ }
+}
+
+// IgnoreErrorHandler returns a HandlerFunc that will ignore the provided error if the errorMatcher returns true
+func IgnoreErrorHandler(handler HandlerFunc, errorMatcher func(err error) bool) HandlerFunc {
+ return func(ctx context.Context, obj k8s.Object) error {
+ if err := handler(ctx, obj); err != nil && !errorMatcher(err) {
+ return err
+ }
+ return nil
+ }
+}
+
+// NoopHandler returns a Handler func that only returns nil
+func NoopHandler(_ *resources.Resources, _ ...resources.DeleteOption) HandlerFunc {
+ return func(ctx context.Context, obj k8s.Object) error {
+ return nil
+ }
+}
+
+// CreateIgnoreAlreadyExists returns a HandlerFunc that will create objects if they do not already exist
+func CreateIgnoreAlreadyExists(r *resources.Resources, opts ...resources.CreateOption) HandlerFunc {
+ return IgnoreErrorHandler(CreateHandler(r, opts...), apierrors.IsAlreadyExists)
+}
+
+// DeleteIgnoreNotFound returns a HandlerFunc that will delete objects if they do not already exist
+func DeleteIgnoreNotFound(r *resources.Resources, opts ...resources.DeleteOption) HandlerFunc {
+ return IgnoreErrorHandler(DeleteHandler(r, opts...), apierrors.IsNotFound)
+}
+
+func init() {
+ log.SetLogger(klog.NewKlogr())
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/klient/k8s/object.go b/vendor/sigs.k8s.io/e2e-framework/klient/k8s/object.go
new file mode 100644
index 000000000..aa0df8066
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/klient/k8s/object.go
@@ -0,0 +1,46 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package k8s
+
+import (
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/types"
+)
+
+// Object is a union type that can represent either typed objects
+// of type metav1.Object or dynamic objects of type runtime.object.
+type Object interface {
+ metav1.Object
+ runtime.Object
+}
+
+// ObjectList is a Kubernetes object list, allows functions to work
+// with any resource that implements both runtime.Object and
+// metav1.ListInterface interfaces.
+type ObjectList interface {
+ metav1.ListInterface
+ runtime.Object
+}
+
+// Patch is a patch that can be applied to a Kubernetes object.
+type Patch struct {
+ // PatchType is the type of the patch.
+ PatchType types.PatchType
+ // Data is the raw data representing the patch.
+ Data []byte
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/klient/k8s/resources/resources.go b/vendor/sigs.k8s.io/e2e-framework/klient/k8s/resources/resources.go
new file mode 100644
index 000000000..5ddd0a22a
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/klient/k8s/resources/resources.go
@@ -0,0 +1,334 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package resources
+
+import (
+ "bytes"
+ "context"
+ "errors"
+ "time"
+
+ v1 "k8s.io/api/core/v1"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "k8s.io/apimachinery/pkg/fields"
+ "k8s.io/apimachinery/pkg/labels"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/client-go/kubernetes"
+ "k8s.io/client-go/kubernetes/scheme"
+ "k8s.io/client-go/rest"
+ "k8s.io/client-go/tools/remotecommand"
+ klog "k8s.io/klog/v2"
+ cr "sigs.k8s.io/controller-runtime/pkg/client"
+ "sigs.k8s.io/controller-runtime/pkg/log"
+
+ "sigs.k8s.io/e2e-framework/klient/k8s"
+ "sigs.k8s.io/e2e-framework/klient/k8s/watcher"
+)
+
+type Resources struct {
+ // config is the rest.Config to talk to an apiserver
+ config *rest.Config
+
+ // scheme will be used to map go structs to GroupVersionKinds
+ scheme *runtime.Scheme
+
+ // client is a wrapper for controller runtime client
+ client cr.Client
+
+ // namespace for namespaced object requests
+ namespace string
+}
+
+// New instantiates the controller runtime client
+// object. User can get panic for belopw scenarios.
+// 1. if user does not provide k8s config
+// 2. if controller runtime client instantiation fails.
+func New(cfg *rest.Config) (*Resources, error) {
+ if cfg == nil {
+ return nil, errors.New("must provide rest.Config")
+ }
+
+ cl, err := cr.New(cfg, cr.Options{Scheme: scheme.Scheme})
+ if err != nil {
+ return nil, err
+ }
+
+ res := &Resources{
+ config: cfg,
+ scheme: scheme.Scheme,
+ client: cl,
+ }
+
+ return res, nil
+}
+
+// GetConfig hepls to get config type *rest.Config
+func (r *Resources) GetConfig() *rest.Config {
+ return r.config
+}
+
+func (r *Resources) WithNamespace(ns string) *Resources {
+ r.namespace = ns
+ return r
+}
+
+func (r *Resources) Get(ctx context.Context, name, namespace string, obj k8s.Object) error {
+ return r.client.Get(ctx, cr.ObjectKey{Namespace: namespace, Name: name}, obj)
+}
+
+type CreateOption func(*metav1.CreateOptions)
+
+func (r *Resources) Create(ctx context.Context, obj k8s.Object, opts ...CreateOption) error {
+ createOptions := &metav1.CreateOptions{}
+ for _, fn := range opts {
+ fn(createOptions)
+ }
+
+ o := &cr.CreateOptions{
+ Raw: createOptions,
+ DryRun: createOptions.DryRun,
+ FieldManager: createOptions.FieldManager,
+ }
+
+ return r.client.Create(ctx, obj, o)
+}
+
+type UpdateOption func(*metav1.UpdateOptions)
+
+func (r *Resources) Update(ctx context.Context, obj k8s.Object, opts ...UpdateOption) error {
+ updateOptions := &metav1.UpdateOptions{}
+ for _, fn := range opts {
+ fn(updateOptions)
+ }
+
+ o := &cr.UpdateOptions{
+ Raw: updateOptions,
+ DryRun: updateOptions.DryRun,
+ FieldManager: updateOptions.FieldManager,
+ }
+ return r.client.Update(ctx, obj, o)
+}
+
+// UpdateSubresource updates the subresource of the object
+func (r *Resources) UpdateSubresource(ctx context.Context, obj k8s.Object, subresource string, opts ...UpdateOption) error {
+ updateOptions := &metav1.UpdateOptions{}
+ for _, fn := range opts {
+ fn(updateOptions)
+ }
+
+ uo := cr.UpdateOptions{Raw: updateOptions}
+ o := &cr.SubResourceUpdateOptions{UpdateOptions: uo}
+ return r.client.SubResource(subresource).Update(ctx, obj, o)
+}
+
+// UpdateStatus updates the status of the object
+func (r *Resources) UpdateStatus(ctx context.Context, obj k8s.Object, opts ...UpdateOption) error {
+ return r.UpdateSubresource(ctx, obj, "status", opts...)
+}
+
+type DeleteOption func(*metav1.DeleteOptions)
+
+func (r *Resources) Delete(ctx context.Context, obj k8s.Object, opts ...DeleteOption) error {
+ deleteOptions := &metav1.DeleteOptions{}
+ for _, fn := range opts {
+ fn(deleteOptions)
+ }
+
+ o := &cr.DeleteOptions{
+ Raw: deleteOptions,
+ GracePeriodSeconds: deleteOptions.GracePeriodSeconds,
+ Preconditions: deleteOptions.Preconditions,
+ PropagationPolicy: deleteOptions.PropagationPolicy,
+ DryRun: deleteOptions.DryRun,
+ }
+ return r.client.Delete(ctx, obj, o)
+}
+
+func WithGracePeriod(gpt time.Duration) DeleteOption {
+ t := gpt.Milliseconds()
+ return func(do *metav1.DeleteOptions) { do.GracePeriodSeconds = &t }
+}
+
+func WithDeletePropagation(prop string) DeleteOption {
+ p := metav1.DeletionPropagation(prop)
+ return func(do *metav1.DeleteOptions) { do.PropagationPolicy = &p }
+}
+
+type ListOption func(*metav1.ListOptions)
+
+func (r *Resources) List(ctx context.Context, objs k8s.ObjectList, opts ...ListOption) error {
+ listOptions := &metav1.ListOptions{}
+
+ for _, fn := range opts {
+ fn(listOptions)
+ }
+
+ ls, err := labels.Parse(listOptions.LabelSelector)
+ if err != nil {
+ return err
+ }
+ fs, err := fields.ParseSelector(listOptions.FieldSelector)
+ if err != nil {
+ return err
+ }
+
+ o := &cr.ListOptions{
+ Raw: listOptions,
+ FieldSelector: fs,
+ LabelSelector: ls,
+ Continue: listOptions.Continue,
+ Limit: listOptions.Limit,
+ }
+ if r.namespace != "" {
+ o.Namespace = r.namespace
+ }
+
+ return r.client.List(ctx, objs, o)
+}
+
+func WithLabelSelector(sel string) ListOption {
+ return func(lo *metav1.ListOptions) { lo.LabelSelector = sel }
+}
+
+func WithFieldSelector(sel string) ListOption {
+ return func(lo *metav1.ListOptions) { lo.FieldSelector = sel }
+}
+
+func WithTimeout(to time.Duration) ListOption {
+ t := to.Milliseconds()
+ return func(lo *metav1.ListOptions) { lo.TimeoutSeconds = &t }
+}
+
+// PatchOption is used to provide additional arguments to the Patch call.
+type PatchOption func(*metav1.PatchOptions)
+
+// Patch patches portion of object `obj` with data from object `patch`
+func (r *Resources) Patch(ctx context.Context, obj k8s.Object, patch k8s.Patch, opts ...PatchOption) error {
+ patchOptions := &metav1.PatchOptions{}
+
+ for _, fn := range opts {
+ fn(patchOptions)
+ }
+
+ p := cr.RawPatch(patch.PatchType, patch.Data)
+
+ o := &cr.PatchOptions{
+ Raw: patchOptions,
+ DryRun: patchOptions.DryRun,
+ Force: patchOptions.Force,
+ FieldManager: patchOptions.FieldManager,
+ }
+ return r.client.Patch(ctx, obj, p, o)
+}
+
+// PatchSubresource patches portion of object `obj` with data from object `patch`
+func (r *Resources) PatchSubresource(ctx context.Context, obj k8s.Object, subresource string, patch k8s.Patch, opts ...PatchOption) error {
+ patchOptions := &metav1.PatchOptions{}
+
+ for _, fn := range opts {
+ fn(patchOptions)
+ }
+
+ p := cr.RawPatch(patch.PatchType, patch.Data)
+
+ po := cr.PatchOptions{Raw: patchOptions}
+ o := &cr.SubResourcePatchOptions{PatchOptions: po}
+ return r.client.SubResource(subresource).Patch(ctx, obj, p, o)
+}
+
+// PatchStatus patches portion of object `obj` with data from object `patch`
+func (r *Resources) PatchStatus(ctx context.Context, objs k8s.Object, patch k8s.Patch, opts ...PatchOption) error {
+ return r.PatchSubresource(ctx, objs, "status", patch, opts...)
+}
+
+// Annotate attach annotations to an existing resource objec
+func (r *Resources) Annotate(obj k8s.Object, annotation map[string]string) {
+ obj.SetAnnotations(annotation)
+}
+
+// Label apply labels to an existing resources.
+func (r *Resources) Label(obj k8s.Object, label map[string]string) {
+ obj.SetLabels(label)
+}
+
+func (r *Resources) GetScheme() *runtime.Scheme {
+ return r.scheme
+}
+
+// GetClient return the controller-runtime client instance
+func (r *Resources) GetControllerRuntimeClient() cr.Client {
+ return r.client
+}
+
+func (r *Resources) Watch(object k8s.ObjectList, opts ...ListOption) *watcher.EventHandlerFuncs {
+ listOptions := &metav1.ListOptions{}
+
+ for _, fn := range opts {
+ fn(listOptions)
+ }
+
+ o := &cr.ListOptions{Raw: listOptions}
+
+ return &watcher.EventHandlerFuncs{
+ ListOptions: o,
+ K8sObject: object,
+ Cfg: r.GetConfig(),
+ }
+}
+
+func (r *Resources) ExecInPod(ctx context.Context, namespaceName, podName, containerName string, command []string, stdout, stderr *bytes.Buffer) error {
+ clientset, err := kubernetes.NewForConfig(r.config)
+ if err != nil {
+ return err
+ }
+
+ req := clientset.CoreV1().RESTClient().Post().
+ Resource("pods").
+ Name(podName).
+ Namespace(namespaceName).
+ SubResource("exec")
+ newScheme := runtime.NewScheme()
+ if err := v1.AddToScheme(newScheme); err != nil {
+ return err
+ }
+ parameterCodec := runtime.NewParameterCodec(newScheme)
+ req.VersionedParams(&v1.PodExecOptions{
+ Container: containerName,
+ Command: command,
+ Stdout: true,
+ Stderr: true,
+ }, parameterCodec)
+
+ exec, err := remotecommand.NewSPDYExecutor(r.config, "POST", req.URL())
+ if err != nil {
+ panic(err)
+ }
+
+ err = exec.StreamWithContext(ctx, remotecommand.StreamOptions{
+ Stdout: stdout,
+ Stderr: stderr,
+ })
+ if err != nil {
+ return err
+ }
+
+ return nil
+}
+
+func init() {
+ log.SetLogger(klog.NewKlogr())
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/klient/k8s/watcher/watch.go b/vendor/sigs.k8s.io/e2e-framework/klient/k8s/watcher/watch.go
new file mode 100644
index 000000000..cf3afc92b
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/klient/k8s/watcher/watch.go
@@ -0,0 +1,132 @@
+/*
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package watcher
+
+import (
+ "context"
+
+ "k8s.io/apimachinery/pkg/watch"
+ "k8s.io/client-go/rest"
+ klog "k8s.io/klog/v2"
+ cr "sigs.k8s.io/controller-runtime/pkg/client"
+ "sigs.k8s.io/controller-runtime/pkg/log"
+ "sigs.k8s.io/e2e-framework/klient/k8s"
+)
+
+// EventHandlerFuncs is an adaptor to let you easily specify as many or
+// as few of functions to invoke while getting notification from watcher
+type EventHandlerFuncs struct {
+ addFunc func(obj interface{})
+ updateFunc func(newObj interface{})
+ deleteFunc func(obj interface{})
+ watcher watch.Interface
+ ListOptions *cr.ListOptions
+ K8sObject k8s.ObjectList
+ Cfg *rest.Config
+}
+
+// EventHandler can handle notifications for events that happen to a resource.
+// Start will be waiting for the events notification which is responsible
+// for invoking the registered user defined functions.
+// Stop used to stop the watcher.
+type EventHandler interface {
+ Start(ctx context.Context)
+ Stop()
+}
+
+// Start triggers the registered methods based on the event received for
+// particular k8s resources
+func (e *EventHandlerFuncs) Start(ctx context.Context) error {
+ // check if context is valid and that it has not been cancelled.
+ if ctx.Err() != nil {
+ return ctx.Err()
+ }
+
+ cl, err := cr.NewWithWatch(e.Cfg, cr.Options{})
+ if err != nil {
+ return err
+ }
+
+ w, err := cl.Watch(ctx, e.K8sObject, e.ListOptions)
+ if err != nil {
+ return err
+ }
+
+ // set watcher object
+ e.watcher = w
+
+ go func() {
+ for {
+ select {
+ case <-ctx.Done():
+ if ctx.Err() != nil {
+ return
+ }
+ case event := <-e.watcher.ResultChan():
+ // retrieve the event type
+ eventType := event.Type
+
+ switch eventType {
+ case watch.Added:
+ // calls AddFunc if it's not nil.
+ if e.addFunc != nil {
+ e.addFunc(event.Object)
+ }
+ case watch.Modified:
+ // calls UpdateFunc if it's not nil.
+ if e.updateFunc != nil {
+ e.updateFunc(event.Object)
+ }
+ case watch.Deleted:
+ // calls DeleteFunc if it's not nil.
+ if e.deleteFunc != nil {
+ e.deleteFunc(event.Object)
+ }
+ }
+ }
+ }
+ }()
+
+ return nil
+}
+
+// Stop triggers stopping a particular k8s watch resources
+func (e *EventHandlerFuncs) Stop() {
+ e.watcher.Stop()
+}
+
+// SetAddFunc used to set action on create event
+func (e *EventHandlerFuncs) WithAddFunc(addfn func(obj interface{})) *EventHandlerFuncs {
+ e.addFunc = addfn
+ return e
+}
+
+// SetUpdateFunc sets action for any update events
+func (e *EventHandlerFuncs) WithUpdateFunc(updatefn func(updated interface{})) *EventHandlerFuncs {
+ e.updateFunc = updatefn
+ return e
+}
+
+// SetDeleteFunc sets action for delete events
+func (e *EventHandlerFuncs) WithDeleteFunc(deletefn func(obj interface{})) *EventHandlerFuncs {
+ e.deleteFunc = deletefn
+ return e
+}
+
+func init() {
+ log.SetLogger(klog.NewKlogr())
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/klient/wait/conditions/conditions.go b/vendor/sigs.k8s.io/e2e-framework/klient/wait/conditions/conditions.go
new file mode 100644
index 000000000..e7d049277
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/klient/wait/conditions/conditions.go
@@ -0,0 +1,319 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package conditions
+
+import (
+ "context"
+ "fmt"
+
+ log "k8s.io/klog/v2"
+
+ appsv1 "k8s.io/api/apps/v1"
+ batchv1 "k8s.io/api/batch/v1"
+ v1 "k8s.io/api/core/v1"
+ "k8s.io/apimachinery/pkg/api/errors"
+ "k8s.io/apimachinery/pkg/api/meta"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ apimachinerywait "k8s.io/apimachinery/pkg/util/wait"
+
+ "sigs.k8s.io/e2e-framework/klient/k8s"
+ "sigs.k8s.io/e2e-framework/klient/k8s/resources"
+)
+
+type Condition struct {
+ resources *resources.Resources
+}
+
+// New is used to create a new Condition that can be used to perform a series of pre-defined wait checks
+// against a resource in question
+func New(r *resources.Resources) *Condition {
+ return &Condition{resources: r}
+}
+
+func (c *Condition) namespacedName(obj k8s.Object) string {
+ return fmt.Sprintf("%s [%s/%s]", obj.GetObjectKind().GroupVersionKind().String(), obj.GetNamespace(), obj.GetName())
+}
+
+// ResourceScaled is a helper function used to check if the resource under question has a pre-defined number of
+// replicas. This can be leveraged for checking cases such as scaling up and down a deployment or STS and any
+// other scalable resources.
+func (c *Condition) ResourceScaled(obj k8s.Object, scaleFetcher func(object k8s.Object) int32, replica int32) apimachinerywait.ConditionWithContextFunc {
+ return func(ctx context.Context) (done bool, err error) {
+ log.V(4).InfoS("Checking for resource to be scaled", "resource", c.namespacedName(obj), "replica", replica)
+ if err := c.resources.Get(ctx, obj.GetName(), obj.GetNamespace(), obj); err != nil {
+ return false, nil
+ }
+ return scaleFetcher(obj) == replica, nil
+ }
+}
+
+// ResourceMatch is a helper function used to check if the resource under question has met a pre-defined state. This can
+// be leveraged for checking fields on a resource that may not be immediately present upon creation.
+func (c *Condition) ResourceMatch(obj k8s.Object, matchFetcher func(object k8s.Object) bool) apimachinerywait.ConditionWithContextFunc {
+ return func(ctx context.Context) (done bool, err error) {
+ if err := c.resources.Get(ctx, obj.GetName(), obj.GetNamespace(), obj); err != nil {
+ return false, nil
+ }
+ return matchFetcher(obj), nil
+ }
+}
+
+// ResourceListN is a helper function that can be used to check for a minimum number of returned objects in a list. This function
+// accepts list options that can be used to adjust the set of objects queried for in the List resource operation.
+func (c *Condition) ResourceListN(list k8s.ObjectList, n int, listOptions ...resources.ListOption) apimachinerywait.ConditionWithContextFunc {
+ return c.ResourceListMatchN(list, n, func(object k8s.Object) bool { return true }, listOptions...)
+}
+
+// ResourceListMatchN is a helper function that can be used to check for a minimum number of returned objects in a list. This function
+// accepts list options and a match function that can be used to adjust the set of objects queried for in the List resource operation.
+func (c *Condition) ResourceListMatchN(list k8s.ObjectList, n int, matchFetcher func(object k8s.Object) bool, listOptions ...resources.ListOption) apimachinerywait.ConditionWithContextFunc {
+ return func(ctx context.Context) (done bool, err error) {
+ if err = c.resources.List(ctx, list, listOptions...); err != nil {
+ return false, nil
+ }
+ var found int
+ metaList, err := meta.ExtractList(list)
+ if err != nil {
+ return false, err
+ }
+ for _, obj := range metaList {
+ if o, ok := obj.(k8s.Object); ok && matchFetcher(o) {
+ found++
+ } else if !ok {
+ return false, fmt.Errorf("condition: unexpected type %T in list, does not satisfy k8s.Object", obj)
+ }
+ }
+ return found >= n, nil
+ }
+}
+
+// ResourcesFound is a helper function that can be used to check for a set of objects. This function accepts a list
+// of named objects and will wait until it is able to retrieve each.
+func (c *Condition) ResourcesFound(list k8s.ObjectList) apimachinerywait.ConditionWithContextFunc {
+ return c.ResourcesMatch(list, func(object k8s.Object) bool { return true })
+}
+
+// ResourcesMatch is a helper function that can be used to check for a set of objects. This function accepts a list
+// of named objects and a match function, and will wait until it is able to retrieve each while passing the match validation.
+func (c *Condition) ResourcesMatch(list k8s.ObjectList, matchFetcher func(object k8s.Object) bool) apimachinerywait.ConditionWithContextFunc {
+ metaList, err := meta.ExtractList(list)
+ if err != nil {
+ return func(ctx context.Context) (done bool, err error) { return false, err }
+ }
+ objects := make(map[k8s.Object]bool)
+ for _, o := range metaList {
+ obj, ok := o.(k8s.Object)
+ if !ok {
+ return func(ctx context.Context) (done bool, err error) {
+ return false, fmt.Errorf("condition: unexpected type %T in list, does not satisfy k8s.Object", obj)
+ }
+ }
+ if obj.GetName() != "" {
+ objects[obj] = false
+ }
+ }
+ return func(ctx context.Context) (done bool, err error) {
+ found := 0
+ for obj, created := range objects {
+ if !created {
+ if err := c.resources.Get(ctx, obj.GetName(), obj.GetNamespace(), obj); errors.IsNotFound(err) {
+ continue
+ } else if err != nil {
+ return false, err
+ }
+ if !matchFetcher(obj) {
+ continue
+ }
+ }
+ objects[obj] = true
+ found++
+ }
+ return len(objects) == found, nil
+ }
+}
+
+// ResourcesDeleted is a helper function that can be used to check for if a set of objects has been deleted. This function
+// accepts a list of named objects and will wait until it is not able to find each.
+func (c *Condition) ResourcesDeleted(list k8s.ObjectList) apimachinerywait.ConditionWithContextFunc {
+ metaList, err := meta.ExtractList(list)
+ if err != nil {
+ return func(ctx context.Context) (done bool, err error) { return false, err }
+ }
+ objects := make(map[k8s.Object]bool)
+ for _, o := range metaList {
+ obj, ok := o.(k8s.Object)
+ if !ok {
+ return func(ctx context.Context) (done bool, err error) {
+ return false, fmt.Errorf("condition: unexpected type %T in list, does not satisfy k8s.Object", obj)
+ }
+ }
+ if obj.GetName() != "" {
+ objects[obj] = true
+ }
+ }
+ return func(ctx context.Context) (done bool, err error) {
+ for obj, created := range objects {
+ if created {
+ log.V(4).InfoS("Checking for resource to be garbage collected", "resource", c.namespacedName(obj))
+ if err := c.resources.Get(ctx, obj.GetName(), obj.GetNamespace(), obj); errors.IsNotFound(err) {
+ delete(objects, obj)
+ } else if err != nil {
+ return false, err
+ }
+ }
+ }
+ return len(objects) == 0, nil
+ }
+}
+
+// ResourceDeleted is a helper function used to check if a resource under question has been deleted. This will enable
+// testing cases where the resource have a finalizer and the DELETE operation of such resource have been triggered and
+// you want to wait until the resource has been deleted.
+//
+// This method can be leveraged against any Kubernetes resource to check the deletion workflow and it does so by
+// checking the resource and waiting until it obtains a v1.StatusReasonNotFound error from the API
+func (c *Condition) ResourceDeleted(obj k8s.Object) apimachinerywait.ConditionWithContextFunc {
+ return func(ctx context.Context) (done bool, err error) {
+ log.V(4).InfoS("Checking for resource to be garbage collected", "resource", c.namespacedName(obj))
+ if err := c.resources.Get(context.Background(), obj.GetName(), obj.GetNamespace(), obj); err != nil {
+ if errors.IsNotFound(err) {
+ return true, nil
+ }
+ return false, err
+ }
+ return false, nil
+ }
+}
+
+// JobConditionMatch is a helper function that can be used to check the Job Completion or runtime status against a
+// specific condition. This function accepts both conditionType and conditionState as argument and hence you can use this
+// to match both positive or negative cases with suitable values passed to the arguments.
+func (c *Condition) JobConditionMatch(job k8s.Object, conditionType batchv1.JobConditionType, conditionState v1.ConditionStatus) apimachinerywait.ConditionWithContextFunc {
+ return func(ctx context.Context) (done bool, err error) {
+ log.V(4).InfoS("Checking for condition match", "resource", c.namespacedName(job), "state", conditionState, "conditionType", conditionType)
+ if err := c.resources.Get(ctx, job.GetName(), job.GetNamespace(), job); err != nil {
+ return false, err
+ }
+ status := job.(*batchv1.Job).Status
+ log.V(4).InfoS("Current Status of the job resource", "status", status)
+ for _, cond := range status.Conditions {
+ if cond.Type == conditionType && cond.Status == conditionState {
+ done = true
+ }
+ }
+ return
+ }
+}
+
+// DeploymentConditionMatch is a helper function that can be used to check a specific condition match for the Deployment in question.
+func (c *Condition) DeploymentConditionMatch(deployment k8s.Object, conditionType appsv1.DeploymentConditionType, conditionState v1.ConditionStatus) apimachinerywait.ConditionWithContextFunc {
+ return func(ctx context.Context) (done bool, err error) {
+ if err := c.resources.Get(ctx, deployment.GetName(), deployment.GetNamespace(), deployment); err != nil {
+ return false, err
+ }
+ for _, cond := range deployment.(*appsv1.Deployment).Status.Conditions {
+ if cond.Type == conditionType && cond.Status == conditionState {
+ done = true
+ }
+ }
+ return
+ }
+}
+
+// PodConditionMatch is a helper function that can be used to check a specific condition match for the Pod in question.
+// This is extended into a few simplified match helpers such as PodReady and ContainersReady as well.
+func (c *Condition) PodConditionMatch(pod k8s.Object, conditionType v1.PodConditionType, conditionState v1.ConditionStatus) apimachinerywait.ConditionWithContextFunc {
+ return func(ctx context.Context) (done bool, err error) {
+ log.V(4).InfoS("Checking for condition match", "resource", c.namespacedName(pod), "state", conditionState, "conditionType", conditionType)
+ if err := c.resources.Get(ctx, pod.GetName(), pod.GetNamespace(), pod); err != nil {
+ return false, err
+ }
+ status := pod.(*v1.Pod).Status
+ log.V(4).InfoS("Current Status of the pod resource", "status", status)
+ for _, cond := range status.Conditions {
+ if cond.Type == conditionType && cond.Status == conditionState {
+ done = true
+ }
+ }
+ return
+ }
+}
+
+// PodPhaseMatch is a helper function that is used to check and see if the Pod Has reached a specific Phase of the
+// runtime. This can be combined with PodConditionMatch to check if a specific condition and phase has been met.
+// This will enable validation such as checking against CLB of a POD.
+func (c *Condition) PodPhaseMatch(pod k8s.Object, phase v1.PodPhase) apimachinerywait.ConditionWithContextFunc {
+ return func(ctx context.Context) (done bool, err error) {
+ log.V(4).InfoS("Checking for phase match", "resource", c.namespacedName(pod), "phase", phase)
+ if err := c.resources.Get(context.Background(), pod.GetName(), pod.GetNamespace(), pod); err != nil {
+ return false, err
+ }
+ log.V(4).InfoS("Current phase", "phase", pod.(*v1.Pod).Status.Phase)
+ return pod.(*v1.Pod).Status.Phase == phase, nil
+ }
+}
+
+// PodReady is a helper function used to check if the pod condition v1.PodReady has reached v1.ConditionTrue state
+func (c *Condition) PodReady(pod k8s.Object) apimachinerywait.ConditionWithContextFunc {
+ return c.PodConditionMatch(pod, v1.PodReady, v1.ConditionTrue)
+}
+
+// ContainersReady is a helper function used to check if the pod condition v1.ContainersReady has reached v1.ConditionTrue
+func (c *Condition) ContainersReady(pod k8s.Object) apimachinerywait.ConditionWithContextFunc {
+ return c.PodConditionMatch(pod, v1.ContainersReady, v1.ConditionTrue)
+}
+
+// PodRunning is a helper function used to check if the pod.Status.Phase attribute of the Pod has reached v1.PodRunning
+func (c *Condition) PodRunning(pod k8s.Object) apimachinerywait.ConditionWithContextFunc {
+ return c.PodPhaseMatch(pod, v1.PodRunning)
+}
+
+// JobCompleted is a helper function used to check if the Job has been completed successfully by checking if the
+// batchv1.JobCompleted has reached the v1.ConditionTrue state
+func (c *Condition) JobCompleted(job k8s.Object) apimachinerywait.ConditionWithContextFunc {
+ return c.JobConditionMatch(job, batchv1.JobComplete, v1.ConditionTrue)
+}
+
+// JobFailed is a helper function used to check if the Job has failed by checking if the batchv1.JobFailed has reached
+// v1.ConditionTrue state
+func (c *Condition) JobFailed(job k8s.Object) apimachinerywait.ConditionWithContextFunc {
+ return c.JobConditionMatch(job, batchv1.JobFailed, v1.ConditionTrue)
+}
+
+// DeploymentAvailable is a helper function used to check if the deployment condition appsv1.DeploymentAvailable
+// has reached v1.ConditionTrue state
+func (c *Condition) DeploymentAvailable(name, namespace string) apimachinerywait.ConditionWithContextFunc {
+ return c.DeploymentConditionMatch(
+ &appsv1.Deployment{ObjectMeta: metav1.ObjectMeta{Name: name, Namespace: namespace}},
+ appsv1.DeploymentAvailable,
+ v1.ConditionTrue,
+ )
+}
+
+// DaemonSetReady is a helper function used to check if a daemonset's pods are scheduled and ready
+func (c *Condition) DaemonSetReady(daemonset k8s.Object) apimachinerywait.ConditionWithContextFunc {
+ return func(ctx context.Context) (done bool, err error) {
+ if err := c.resources.Get(ctx, daemonset.GetName(), daemonset.GetNamespace(), daemonset); err != nil {
+ return false, err
+ }
+ status := daemonset.(*appsv1.DaemonSet).Status
+ if status.NumberReady == status.DesiredNumberScheduled && status.NumberUnavailable == 0 {
+ done = true
+ }
+ return
+ }
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/klient/wait/wait.go b/vendor/sigs.k8s.io/e2e-framework/klient/wait/wait.go
new file mode 100644
index 000000000..22b8e7501
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/klient/wait/wait.go
@@ -0,0 +1,109 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package wait
+
+import (
+ "context"
+ "time"
+
+ apimachinerywait "k8s.io/apimachinery/pkg/util/wait"
+)
+
+const (
+ defaultPollTimeout = 5 * time.Minute
+ defaultPollInterval = 5 * time.Second
+)
+
+type Options struct {
+ // Interval is used to specify the poll interval while waiting for a condition to be met
+ Interval time.Duration
+ // Timeout is used to indicate the total time to be spent in polling for the condition
+ // to be met.
+ Timeout time.Duration
+ // StopChan is used to setup a wait mechanism using the apimachinerywait.PollUntil method
+ Ctx context.Context
+ // Immediate is used to indicate if the apimachinerywait's immediate wait method are to be
+ // called instead of the regular one
+ Immediate bool
+}
+
+type Option func(*Options)
+
+// WithTimeout sets the max timeout that the Wait checks will run trying to see if the resource under
+// question has reached a final expected state. An error will be raised if the resource has not reached
+// the final expected state within the time defined by this configuration
+func WithTimeout(timeout time.Duration) Option {
+ return func(options *Options) {
+ options.Timeout = timeout
+ }
+}
+
+// WithInterval configures the interval between the retries to check if a condition has been met while performing
+// the polling wait on a resource under question
+func WithInterval(interval time.Duration) Option {
+ return func(options *Options) {
+ options.Interval = interval
+ }
+}
+
+// WithContext provides a way to configure a context that can be used to cancel the wait condition checks. This will enable
+// end users to write test in cases where the max timeout is not really predictable or is a factor of a different
+// configuration or event.
+func WithContext(ctx context.Context) Option {
+ return func(options *Options) {
+ options.Ctx = ctx
+ }
+}
+
+// WithImmediate configures the way the Wait Checks are invoked. Setting this will invoke the condition check
+// right away before the first wait for the interval kicks in. If not configured, the first check of the
+// condition match will be triggered after the value configured by the WithInterval or defaultPollInterval
+func WithImmediate() Option {
+ return func(options *Options) {
+ options.Immediate = true
+ }
+}
+
+// For provides a way to perform poll checks against the kubernetes resource to make sure the resource under
+// test has reached a suitable state before moving to the next action or fail with an error message.
+//
+// The conditions sub-packages provides a series of pre-defined wait functions that can be used by the developers
+// or a custom wait function can be passed as an argument to get a similar functionality if the check required
+// for your test is not already provided by the helper utility.
+func For(conditionFunc apimachinerywait.ConditionWithContextFunc, opts ...Option) error {
+ options := &Options{
+ Interval: defaultPollInterval,
+ Timeout: defaultPollTimeout,
+ Ctx: nil,
+ Immediate: false,
+ }
+ var cancel context.CancelFunc
+ for _, fn := range opts {
+ fn(options)
+ }
+
+ if options.Ctx == nil {
+ options.Ctx = context.Background()
+ }
+
+ if options.Timeout != 0 {
+ options.Ctx, cancel = context.WithTimeout(options.Ctx, options.Timeout)
+ defer cancel()
+ }
+
+ return apimachinerywait.PollUntilContextCancel(options.Ctx, options.Interval, options.Immediate, conditionFunc)
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/env/action.go b/vendor/sigs.k8s.io/e2e-framework/pkg/env/action.go
new file mode 100644
index 000000000..cb47cb956
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/env/action.go
@@ -0,0 +1,142 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package env
+
+import (
+ "context"
+ "fmt"
+ "testing"
+
+ klog "k8s.io/klog/v2"
+ "sigs.k8s.io/e2e-framework/pkg/envconf"
+ "sigs.k8s.io/e2e-framework/pkg/types"
+)
+
+type actionRole uint8
+
+const (
+ roleSetup actionRole = iota
+ roleBeforeTest
+ roleBeforeFeature
+ roleAfterFeature
+ roleAfterTest
+ roleFinish
+)
+
+func (r actionRole) String() string {
+ switch r {
+ case roleSetup:
+ return "Setup"
+ case roleBeforeTest:
+ return "BeforeEachTest"
+ case roleBeforeFeature:
+ return "BeforeEachFeature"
+ case roleAfterFeature:
+ return "AfterEachFeature"
+ case roleAfterTest:
+ return "AfterEachTest"
+ case roleFinish:
+ return "Finish"
+ default:
+ panic("unknown role") // this should never happen
+ }
+}
+
+// action a group env functions
+type action struct {
+ role actionRole
+
+ // funcs store the EnvFuncs used for setup/finish and before/after test.
+ funcs []types.EnvFunc
+
+ // featureFuncs store the FeatureEnvFunc for before/after feature.
+ featureFuncs []types.FeatureEnvFunc
+
+ // testFuncs store the TestEnvFunc for before/after feature.
+ testFuncs []types.TestEnvFunc
+}
+
+// runWithT will run the action and inject *testing.T into the callback function.
+func (a *action) runWithT(ctx context.Context, cfg *envconf.Config, t *testing.T) (context.Context, error) {
+ switch a.role {
+ case roleBeforeTest, roleAfterTest:
+ if cfg.DryRunMode() {
+ klog.V(2).Info("Skipping execution of roleBeforeTest and roleAfterTest due to framework being in dry-run mode")
+ return ctx, nil
+ }
+ for _, f := range a.testFuncs {
+ if f == nil {
+ continue
+ }
+
+ var err error
+ ctx, err = f(ctx, cfg, t)
+ if err != nil {
+ return ctx, err
+ }
+ }
+ default:
+ return ctx, fmt.Errorf("runWithT() is only valid for actions roleBeforeTest and roleAfterTest")
+ }
+
+ return ctx, nil
+}
+
+// runWithFeature will run the action and inject a FeatureInfo object into the callback function.
+func (a *action) runWithFeature(ctx context.Context, cfg *envconf.Config, t *testing.T, fi types.Feature) (context.Context, error) {
+ switch a.role {
+ case roleBeforeFeature, roleAfterFeature:
+ if cfg.DryRunMode() {
+ klog.V(2).Info("Skipping execution of roleBeforeFeature and roleAfterFeature due to framework being in dry-run mode")
+ return ctx, nil
+ }
+ for _, f := range a.featureFuncs {
+ if f == nil {
+ continue
+ }
+
+ var err error
+ ctx, err = f(ctx, cfg, t, fi)
+ if err != nil {
+ return ctx, err
+ }
+ }
+ default:
+ return ctx, fmt.Errorf("runWithFeature() is only valid for actions roleBeforeFeature and roleAfterFeature")
+ }
+ return ctx, nil
+}
+
+func (a *action) run(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+ if cfg.DryRunMode() {
+ klog.V(2).InfoS("Skipping processing of action due to framework being in dry-run mode")
+ return ctx, nil
+ }
+ for _, f := range a.funcs {
+ if f == nil {
+ continue
+ }
+
+ var err error
+ ctx, err = f(ctx, cfg)
+ if err != nil {
+ return ctx, err
+ }
+ }
+
+ return ctx, nil
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/env/doc.go b/vendor/sigs.k8s.io/e2e-framework/pkg/env/doc.go
new file mode 100644
index 000000000..b9bf99fd5
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/env/doc.go
@@ -0,0 +1,19 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package env surfaces types to create and manage
+// test environments
+package env
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/env/env.go b/vendor/sigs.k8s.io/e2e-framework/pkg/env/env.go
new file mode 100644
index 000000000..d952d3135
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/env/env.go
@@ -0,0 +1,600 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package env exposes types to create type `Environment` used to run
+// feature tests.
+package env
+
+import (
+ "context"
+ "fmt"
+ "regexp"
+ "runtime/debug"
+ "sort"
+ "sync"
+ "testing"
+
+ klog "k8s.io/klog/v2"
+
+ "sigs.k8s.io/e2e-framework/pkg/envconf"
+ "sigs.k8s.io/e2e-framework/pkg/featuregate"
+ "sigs.k8s.io/e2e-framework/pkg/features"
+ "sigs.k8s.io/e2e-framework/pkg/types"
+)
+
+type (
+ Environment = types.Environment
+ Func = types.EnvFunc
+ FeatureFunc = types.FeatureEnvFunc
+ TestFunc = types.TestEnvFunc
+)
+
+type testEnv struct {
+ ctx context.Context
+ cfg *envconf.Config
+ actions []action
+}
+
+// New creates a test environment with no config attached.
+func New() types.Environment {
+ return newTestEnv()
+}
+
+func NewParallel() types.Environment {
+ return newTestEnvWithParallel()
+}
+
+// NewWithConfig creates an environment using an Environment Configuration value
+func NewWithConfig(cfg *envconf.Config) types.Environment {
+ env := newTestEnv()
+ env.cfg = cfg
+ return env
+}
+
+// NewFromFlags creates a test environment using configuration values from CLI flags
+func NewFromFlags() (types.Environment, error) {
+ cfg, err := envconf.NewFromFlags()
+ if err != nil {
+ return nil, err
+ }
+ return NewWithConfig(cfg), nil
+}
+
+// NewWithKubeConfig creates an environment using an Environment Configuration value
+// and the given kubeconfig.
+func NewWithKubeConfig(kubeconfigfile string) types.Environment {
+ env := newTestEnv()
+ cfg := envconf.NewWithKubeConfig(kubeconfigfile)
+ env.cfg = cfg
+ return env
+}
+
+// NewInClusterConfig creates an environment using an Environment Configuration value
+// and assumes an in-cluster kubeconfig.
+func NewInClusterConfig() types.Environment {
+ env := newTestEnv()
+ cfg := envconf.NewWithKubeConfig("")
+ env.cfg = cfg
+ return env
+}
+
+// NewWithContext creates a new environment with the provided context and config.
+func NewWithContext(ctx context.Context, cfg *envconf.Config) (types.Environment, error) {
+ if ctx == nil {
+ return nil, fmt.Errorf("context is nil")
+ }
+ if cfg == nil {
+ return nil, fmt.Errorf("environment config is nil")
+ }
+ return &testEnv{ctx: ctx, cfg: cfg}, nil
+}
+
+func newTestEnv() *testEnv {
+ return &testEnv{
+ ctx: context.Background(),
+ cfg: envconf.New(),
+ }
+}
+
+func newTestEnvWithParallel() *testEnv {
+ return &testEnv{
+ ctx: context.Background(),
+ cfg: envconf.New().WithParallelTestEnabled(),
+ }
+}
+
+// WithContext returns a new environment with the context set to ctx.
+// Argument ctx cannot be nil
+func (e *testEnv) WithContext(ctx context.Context) types.Environment {
+ if ctx == nil {
+ panic("nil context") // this should never happen
+ }
+ env := &testEnv{
+ ctx: ctx,
+ cfg: e.cfg,
+ }
+ env.actions = append(env.actions, e.actions...)
+ return env
+}
+
+// Setup registers environment operations that are executed once
+// prior to the environment being ready and prior to any test.
+func (e *testEnv) Setup(funcs ...Func) types.Environment {
+ if len(funcs) == 0 {
+ return e
+ }
+ e.actions = append(e.actions, action{role: roleSetup, funcs: funcs})
+ return e
+}
+
+// BeforeEachTest registers environment funcs that are executed
+// before each Env.Test(...)
+func (e *testEnv) BeforeEachTest(funcs ...types.TestEnvFunc) types.Environment {
+ if len(funcs) == 0 {
+ return e
+ }
+ e.actions = append(e.actions, action{role: roleBeforeTest, testFuncs: funcs})
+ return e
+}
+
+// BeforeEachFeature registers step functions that are executed
+// before each Feature is tested during env.Test call.
+func (e *testEnv) BeforeEachFeature(funcs ...FeatureFunc) types.Environment {
+ if len(funcs) == 0 {
+ return e
+ }
+ e.actions = append(e.actions, action{role: roleBeforeFeature, featureFuncs: funcs})
+ return e
+}
+
+// AfterEachFeature registers step functions that are executed
+// after each feature is tested during an env.Test call.
+func (e *testEnv) AfterEachFeature(funcs ...FeatureFunc) types.Environment {
+ if len(funcs) == 0 {
+ return e
+ }
+ e.actions = append(e.actions, action{role: roleAfterFeature, featureFuncs: funcs})
+ return e
+}
+
+// AfterEachTest registers environment funcs that are executed
+// after each Env.Test(...).
+func (e *testEnv) AfterEachTest(funcs ...types.TestEnvFunc) types.Environment {
+ if len(funcs) == 0 {
+ return e
+ }
+ e.actions = append(e.actions, action{role: roleAfterTest, testFuncs: funcs})
+ return e
+}
+
+// panicOnMissingContext is used to check if the test Env has a non-nil context setup
+// and fail fast if the context has not already been set
+func (e *testEnv) panicOnMissingContext() {
+ if e.ctx == nil {
+ panic("context not set") // something is terribly wrong.
+ }
+}
+
+// processTestActions is used to run a series of test action that were configured as
+// BeforeEachTest or AfterEachTest
+func (e *testEnv) processTestActions(ctx context.Context, t *testing.T, actions []action) context.Context {
+ var err error
+ out := ctx
+ for _, action := range actions {
+ out, err = action.runWithT(ctx, e.cfg, t)
+ if err != nil {
+ t.Fatalf("%s failure: %s", action.role, err)
+ }
+ }
+ return out
+}
+
+// processTestFeature is used to trigger the execution of the actual feature. This function wraps the entire
+// workflow of orchestrating the feature execution be running the action configured by BeforeEachFeature /
+// AfterEachFeature.
+func (e *testEnv) processTestFeature(ctx context.Context, t *testing.T, featureName string, feature types.Feature) context.Context {
+ skipped, message := e.requireFeatureProcessing(feature)
+ if skipped {
+ t.Skipf(message)
+ }
+ // execute beforeEachFeature actions
+ ctx = e.processFeatureActions(ctx, t, feature, e.getBeforeFeatureActions())
+
+ // execute feature test
+ ctx = e.execFeature(ctx, t, featureName, feature)
+
+ // execute afterEachFeature actions
+ return e.processFeatureActions(ctx, t, feature, e.getAfterFeatureActions())
+}
+
+// processFeatureActions is used to run a series of feature action that were configured as
+// BeforeEachFeature or AfterEachFeature
+func (e *testEnv) processFeatureActions(ctx context.Context, t *testing.T, feature types.Feature, actions []action) context.Context {
+ var err error
+ out := ctx
+ for _, action := range actions {
+ out, err = action.runWithFeature(out, e.cfg, t, deepCopyFeature(feature))
+ if err != nil {
+ t.Fatalf("%s failure: %s", action.role, err)
+ }
+ }
+ return out
+}
+
+// processTests is a wrapper function that can be invoked by either Test or TestInParallel methods.
+// Depending on the configuration of if the parallel tests are enabled or not, this will change the
+// nature of how the test gets executed.
+//
+// In case if the parallel run of test features are enabled, this function will invoke the processTestFeature
+// as a go-routine to get them to run in parallel
+func (e *testEnv) processTests(ctx context.Context, t *testing.T, enableParallelRun bool, testFeatures ...types.Feature) context.Context {
+ if e.cfg.DryRunMode() {
+ klog.V(2).Info("e2e-framework is being run in dry-run mode. This will skip all the before/after step functions configured around your test assessments and features")
+ }
+ if ctx == nil {
+ panic("nil context") // this should never happen
+ }
+ if len(testFeatures) == 0 {
+ t.Log("No test testFeatures provided, skipping test")
+ return ctx
+ }
+ beforeTestActions := e.getBeforeTestActions()
+ afterTestActions := e.getAfterTestActions()
+
+ runInParallel := e.cfg.ParallelTestEnabled() && enableParallelRun
+
+ if runInParallel {
+ klog.V(4).Info("Running test features in parallel")
+ }
+
+ ctx = e.processTestActions(ctx, t, beforeTestActions)
+
+ var wg sync.WaitGroup
+ for i, feature := range testFeatures {
+ featureCopy := feature
+ featName := feature.Name()
+ if featName == "" {
+ featName = fmt.Sprintf("Feature-%d", i+1)
+ }
+ if runInParallel {
+ wg.Add(1)
+ go func(ctx context.Context, w *sync.WaitGroup, featName string, f types.Feature) {
+ defer w.Done()
+ _ = e.processTestFeature(ctx, t, featName, f)
+ }(ctx, &wg, featName, featureCopy)
+ } else {
+ ctx = e.processTestFeature(ctx, t, featName, featureCopy)
+ // In case if the feature under test has failed, skip reset of the features
+ // that are part of the same test
+ if e.cfg.FailFast() && t.Failed() {
+ break
+ }
+ }
+ }
+ if runInParallel {
+ wg.Wait()
+ }
+ return e.processTestActions(ctx, t, afterTestActions)
+}
+
+// TestInParallel executes a series a feature tests from within a
+// TestXXX function in parallel
+//
+// Feature setups and teardowns are executed at the same *testing.T
+// contextual level as the "test" that invoked this method. Assessments
+// are executed as a subtests of the feature. This approach allows
+// features/assessments to be filtered using go test -run flag.
+//
+// Feature tests will have access to and able to update the context
+// passed to it.
+//
+// BeforeTest and AfterTest operations are executed before and after
+// the feature is tested respectively.
+//
+// BeforeTest and AfterTest operations are run in series of the entire
+// set of features being passed to this call while the feature themselves
+// are executed in parallel to avoid duplication of action that might happen
+// in BeforeTest and AfterTest actions
+func (e *testEnv) TestInParallel(t *testing.T, testFeatures ...types.Feature) context.Context {
+ return e.processTests(e.ctx, t, true, testFeatures...)
+}
+
+// Test executes a feature test from within a TestXXX function.
+//
+// Feature setups and teardowns are executed at the same *testing.T
+// contextual level as the "test" that invoked this method. Assessments
+// are executed as a subtests of the feature. This approach allows
+// features/assessments to be filtered using go test -run flag.
+//
+// Feature tests will have access to and able to update the context
+// passed to it.
+//
+// BeforeTest and AfterTest operations are executed before and after
+// the feature is tested respectively.
+func (e *testEnv) Test(t *testing.T, testFeatures ...types.Feature) context.Context {
+ return e.processTests(e.ctx, t, false, testFeatures...)
+}
+
+// Finish registers funcs that are executed at the end of the
+// test suite.
+func (e *testEnv) Finish(funcs ...Func) types.Environment {
+ if len(funcs) == 0 {
+ return e
+ }
+
+ e.actions = append(e.actions, action{role: roleFinish, funcs: funcs})
+ return e
+}
+
+// Run is to launch the test suite from a TestMain function.
+// It will run m.Run() and exercise all test functions in the
+// package. This method will all Env.Setup operations prior to
+// starting the tests and run all Env.Finish operations after
+// before completing the suite.
+func (e *testEnv) Run(m *testing.M) (exitCode int) {
+ e.panicOnMissingContext()
+ ctx := e.ctx
+
+ setups := e.getSetupActions()
+ // fail fast on setup, upon err exit
+ var err error
+
+ defer func() {
+ // Recover and see if the panic handler is disabled. If it is disabled, panic and stop the workflow.
+ // Otherwise, log and continue with running the Finish steps of the Test suite
+ rErr := recover()
+ if rErr != nil {
+ if e.cfg.DisableGracefulTeardown() {
+ panic(rErr)
+ }
+ klog.Errorf("Recovering from panic and running finish actions: %s, stack: %s", rErr, string(debug.Stack()))
+ // Set this exit code value to non 0 to indicate that the test suite has failed
+ // Not doing this will mark the test suite as passed even though there was a panic
+ exitCode = 1
+ }
+
+ finishes := e.getFinishActions()
+ // attempt to gracefully clean up.
+ // Upon error, log and continue.
+ for _, fin := range finishes {
+ // context passed down to each finish step
+ if ctx, err = fin.run(ctx, e.cfg); err != nil {
+ klog.V(2).ErrorS(err, "Cleanup failed", "action", fin.role)
+ }
+ }
+ e.ctx = ctx
+ }()
+
+ for _, setup := range setups {
+ // context passed down to each setup
+ if ctx, err = setup.run(ctx, e.cfg); err != nil {
+ klog.Errorf("%s failure: %s", setup.role, err)
+ break
+ }
+ }
+ e.ctx = ctx
+
+ // Execute the test suite
+ return m.Run()
+}
+
+func (e *testEnv) getActionsByRole(r actionRole) []action {
+ if e.actions == nil {
+ return nil
+ }
+
+ var result []action
+ for _, a := range e.actions {
+ if a.role == r {
+ result = append(result, a)
+ }
+ }
+
+ return result
+}
+
+func (e *testEnv) getSetupActions() []action {
+ return e.getActionsByRole(roleSetup)
+}
+
+func (e *testEnv) getBeforeTestActions() []action {
+ return e.getActionsByRole(roleBeforeTest)
+}
+
+func (e *testEnv) getBeforeFeatureActions() []action {
+ return e.getActionsByRole(roleBeforeFeature)
+}
+
+func (e *testEnv) getAfterFeatureActions() []action {
+ return e.getActionsByRole(roleAfterFeature)
+}
+
+func (e *testEnv) getAfterTestActions() []action {
+ return e.getActionsByRole(roleAfterTest)
+}
+
+func (e *testEnv) getFinishActions() []action {
+ finishAction := e.getActionsByRole(roleFinish)
+ if featuregate.DefaultFeatureGate.Enabled(featuregate.ReverseTestFinishExecutionOrder) {
+ sort.Slice(finishAction, func(i, j int) bool {
+ return i > j
+ })
+ }
+ return finishAction
+}
+
+func (e *testEnv) executeSteps(ctx context.Context, t *testing.T, steps []types.Step) context.Context {
+ if e.cfg.DryRunMode() {
+ return ctx
+ }
+ for _, setup := range steps {
+ ctx = setup.Func()(ctx, t, e.cfg)
+ }
+ return ctx
+}
+
+func (e *testEnv) execFeature(ctx context.Context, t *testing.T, featName string, f types.Feature) context.Context {
+ // feature-level subtest
+ t.Run(featName, func(newT *testing.T) {
+ if fDescription, ok := f.(types.DescribableFeature); ok && fDescription.Description() != "" {
+ t.Logf("Processing Feature: %s", fDescription.Description())
+ }
+
+ // setups run at feature-level
+ setups := features.GetStepsByLevel(f.Steps(), types.LevelSetup)
+ ctx = e.executeSteps(ctx, newT, setups)
+
+ // assessments run as feature/assessment sub level
+ assessments := features.GetStepsByLevel(f.Steps(), types.LevelAssess)
+
+ failed := false
+ for i, assess := range assessments {
+ assessName := assess.Name()
+ if dAssess, ok := assess.(types.DescribableStep); ok && dAssess.Description() != "" {
+ t.Logf("Processing Assessment: %s", dAssess.Description())
+ }
+ if assessName == "" {
+ assessName = fmt.Sprintf("Assessment-%d", i+1)
+ }
+ // shouldFailNow catches whether t.FailNow() is called in the assessment.
+ // If it is, we won't proceed with the next assessment.
+ var shouldFailNow bool
+ newT.Run(assessName, func(internalT *testing.T) {
+ skipped, message := e.requireAssessmentProcessing(assess, i+1)
+ if skipped {
+ internalT.Skipf(message)
+ }
+ // Set shouldFailNow to true before actually running the assessment, because if the assessment
+ // calls t.FailNow(), the function will be abruptly stopped in the middle of `e.executeSteps()`.
+ shouldFailNow = true
+ ctx = e.executeSteps(ctx, internalT, []types.Step{assess})
+ // If we reach this point, it means the assessment did not call t.FailNow().
+ shouldFailNow = false
+ })
+ // Check if the Test assessment under question performed either 2 things:
+ // - a t.FailNow() invocation
+ // - a `t.Fail()` or `t.Failed()` invocation
+ // In one of those cases, we need to track that and stop the next set of assessment in the feature
+ // under test from getting executed.
+ if shouldFailNow || (e.cfg.FailFast() && newT.Failed()) {
+ failed = true
+ break
+ }
+ }
+
+ // Let us fail the test fast and not run the teardown in case if the framework specific fail-fast mode is
+ // invoked to make sure we leave the traces of the failed test behind to enable better debugging for the
+ // test developers
+ if e.cfg.FailFast() && failed {
+ newT.FailNow()
+ }
+
+ // teardowns run at feature-level
+ teardowns := features.GetStepsByLevel(f.Steps(), types.LevelTeardown)
+ ctx = e.executeSteps(ctx, newT, teardowns)
+ })
+
+ return ctx
+}
+
+// requireFeatureProcessing is a wrapper around the requireProcessing function to process the feature level validation
+func (e *testEnv) requireFeatureProcessing(f types.Feature) (skip bool, message string) {
+ requiredRegexp := e.cfg.FeatureRegex()
+ skipRegexp := e.cfg.SkipFeatureRegex()
+ return e.requireProcessing("feature", f.Name(), requiredRegexp, skipRegexp, f.Labels())
+}
+
+// requireAssessmentProcessing is a wrapper around the requireProcessing function to process the Assessment level validation
+func (e *testEnv) requireAssessmentProcessing(a types.Step, assessmentIndex int) (skip bool, message string) {
+ requiredRegexp := e.cfg.AssessmentRegex()
+ skipRegexp := e.cfg.SkipAssessmentRegex()
+ assessmentName := a.Name()
+ if assessmentName == "" {
+ assessmentName = fmt.Sprintf("Assessment-%d", assessmentIndex)
+ }
+ return e.requireProcessing("assessment", assessmentName, requiredRegexp, skipRegexp, nil)
+}
+
+// requireProcessing is a utility function that can be used to make a decision on if a specific Test assessment or feature needs to be
+// processed or not.
+// testName argument indicate the Feature Name or test Name that can be mapped against the skip or include regex flags
+// to decide if the entity in question will need processing.
+// This function also perform a label check against include/skip labels to make sure only those features to make sure
+// we can filter out all the non-required features during the test execution
+func (e *testEnv) requireProcessing(kind, testName string, requiredRegexp, skipRegexp *regexp.Regexp, labels types.Labels) (skip bool, message string) {
+ if requiredRegexp != nil && !requiredRegexp.MatchString(testName) {
+ skip = true
+ message = fmt.Sprintf(`Skipping %s "%s": name not matched`, kind, testName)
+ return skip, message
+ }
+ if skipRegexp != nil && skipRegexp.MatchString(testName) {
+ skip = true
+ message = fmt.Sprintf(`Skipping %s: "%s": name matched`, kind, testName)
+ return skip, message
+ }
+
+ if labels != nil {
+ // only run a feature if all its label keys and values match those specified
+ // with --labels
+ matches := 0
+ for key, vals := range e.cfg.Labels() {
+ for _, v := range vals {
+ if labels.Contains(key, v) {
+ matches++
+ break // continue with next key
+ }
+ }
+ }
+
+ if len(e.cfg.Labels()) != matches {
+ skip = true
+ var kvs []string
+ for k, v := range labels {
+ kvs = append(kvs, fmt.Sprintf("%s=%s", k, v)) // prettify output
+ }
+ message = fmt.Sprintf(`Skipping feature "%s": unmatched labels "%s"`, testName, kvs)
+ return skip, message
+ }
+
+ // skip running a feature if labels matches with --skip-labels
+ for key, vals := range e.cfg.SkipLabels() {
+ for _, v := range vals {
+ if labels.Contains(key, v) {
+ skip = true
+ message = fmt.Sprintf(`Skipping feature "%s": matched label provided in --skip-lables "%s=%s"`, testName, key, labels[key])
+ return skip, message
+ }
+ }
+ }
+ }
+ return skip, message
+}
+
+// deepCopyFeature just copies the values from the Feature but creates a deep
+// copy to avoid mutation when we just want an informational copy.
+func deepCopyFeature(f types.Feature) types.Feature {
+ fcopy := features.New(f.Name())
+ for k, vals := range f.Labels() {
+ for _, v := range vals {
+ fcopy = fcopy.WithLabel(k, v)
+ }
+ }
+ f.Steps()
+ for _, step := range f.Steps() {
+ fcopy = fcopy.WithStep(step.Name(), step.Level(), nil)
+ }
+ return fcopy.Feature()
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/envconf/config.go b/vendor/sigs.k8s.io/e2e-framework/pkg/envconf/config.go
new file mode 100644
index 000000000..f2267ae2b
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/envconf/config.go
@@ -0,0 +1,310 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package envconf
+
+import (
+ "encoding/hex"
+ "fmt"
+ "math/rand"
+ "regexp"
+ "time"
+
+ log "k8s.io/klog/v2"
+
+ "sigs.k8s.io/e2e-framework/klient"
+ "sigs.k8s.io/e2e-framework/pkg/flags"
+)
+
+// Config represents and environment configuration
+type Config struct {
+ client klient.Client
+ kubeconfig string
+ namespace string
+ assessmentRegex *regexp.Regexp
+ featureRegex *regexp.Regexp
+ labels flags.LabelsMap
+ skipFeatureRegex *regexp.Regexp
+ skipLabels flags.LabelsMap
+ skipAssessmentRegex *regexp.Regexp
+ parallelTests bool
+ dryRun bool
+ failFast bool
+ disableGracefulTeardown bool
+ kubeContext string
+}
+
+// New creates and initializes an empty environment configuration
+func New() *Config {
+ return &Config{}
+}
+
+// NewWithKubeConfig creates and initializes an empty environment configuration
+func NewWithKubeConfig(kubeconfig string) *Config {
+ c := &Config{}
+ return c.WithKubeconfigFile(kubeconfig)
+}
+
+// NewFromFlags initializes an environment config using flag values
+// parsed from command-line arguments and returns an error on parsing failure.
+func NewFromFlags() (*Config, error) {
+ envFlags, err := flags.Parse()
+ if err != nil {
+ log.Fatalf("flags parse failed: %s", err)
+ }
+ e := New()
+ if envFlags.Assessment() != "" {
+ e.assessmentRegex = regexp.MustCompile(envFlags.Assessment())
+ }
+ if envFlags.Feature() != "" {
+ e.featureRegex = regexp.MustCompile(envFlags.Feature())
+ }
+ e.labels = envFlags.Labels()
+ e.namespace = envFlags.Namespace()
+ e.kubeconfig = envFlags.Kubeconfig()
+ if envFlags.SkipFeatures() != "" {
+ e.skipFeatureRegex = regexp.MustCompile(envFlags.SkipFeatures())
+ }
+ if envFlags.SkipAssessment() != "" {
+ e.skipAssessmentRegex = regexp.MustCompile(envFlags.SkipAssessment())
+ }
+ e.skipLabels = envFlags.SkipLabels()
+ e.parallelTests = envFlags.Parallel()
+ e.dryRun = envFlags.DryRun()
+ e.failFast = envFlags.FailFast()
+ e.disableGracefulTeardown = envFlags.DisableGracefulTeardown()
+ e.kubeContext = envFlags.KubeContext()
+
+ return e, nil
+}
+
+// WithKubeconfigFile creates a new klient.Client and injects it in the cfg
+func (c *Config) WithKubeconfigFile(kubecfg string) *Config {
+ c.kubeconfig = kubecfg
+ return c
+}
+
+func (c *Config) KubeconfigFile() string {
+ return c.kubeconfig
+}
+
+// WithClient used to update the environment klient.Client
+func (c *Config) WithClient(client klient.Client) *Config {
+ c.client = client
+ return c
+}
+
+// NewClient is a constructor function that returns a previously
+// created klient.Client or create a new one based on configuration
+// previously set. Will return an error if unable to do so.
+func (c *Config) NewClient() (klient.Client, error) {
+ if c.client != nil {
+ return c.client, nil
+ }
+
+ client, err := klient.NewWithKubeConfigFile(c.kubeconfig)
+ if err != nil {
+ return nil, fmt.Errorf("envconfig: client failed: %w", err)
+ }
+ c.client = client
+
+ return c.client, nil
+}
+
+// Client is a constructor function that returns a previously
+// created klient.Client or creates a new one based on configuration
+// previously set. Will panic on any error so it is recommended that you
+// are confident in the configuration or call NewClient() to ensure its
+// safe creation.
+func (c *Config) Client() klient.Client {
+ if c.client != nil {
+ return c.client
+ }
+
+ client, err := klient.NewWithKubeConfigFile(c.kubeconfig)
+ if err != nil {
+ panic(fmt.Errorf("envconfig: client failed: %w", err).Error())
+ }
+ c.client = client
+ return c.client
+}
+
+// WithNamespace updates the environment namespace value
+func (c *Config) WithNamespace(ns string) *Config {
+ c.namespace = ns
+ return c
+}
+
+// WithRandomNamespace sets the environment's namespace
+// to a random value
+func (c *Config) WithRandomNamespace() *Config {
+ c.namespace = randNS()
+ return c
+}
+
+// Namespace returns the namespace for the environment
+func (c *Config) Namespace() string {
+ return c.namespace
+}
+
+// WithAssessmentRegex sets the environment assessment regex filter
+func (c *Config) WithAssessmentRegex(regex string) *Config {
+ c.assessmentRegex = regexp.MustCompile(regex)
+ return c
+}
+
+// AssessmentRegex returns the environment assessment filter
+func (c *Config) AssessmentRegex() *regexp.Regexp {
+ return c.assessmentRegex
+}
+
+// WithSkipAssessmentRegex sets the environment assessment regex filter
+func (c *Config) WithSkipAssessmentRegex(regex string) *Config {
+ c.skipAssessmentRegex = regexp.MustCompile(regex)
+ return c
+}
+
+// SkipAssessmentRegex returns the environment assessment filter
+func (c *Config) SkipAssessmentRegex() *regexp.Regexp {
+ return c.skipAssessmentRegex
+}
+
+// WithFeatureRegex sets the environment's feature regex filter
+func (c *Config) WithFeatureRegex(regex string) *Config {
+ c.featureRegex = regexp.MustCompile(regex)
+ return c
+}
+
+// FeatureRegex returns the environment's feature regex filter
+func (c *Config) FeatureRegex() *regexp.Regexp {
+ return c.featureRegex
+}
+
+// WithSkipFeatureRegex sets the environment's skip feature regex filter
+func (c *Config) WithSkipFeatureRegex(regex string) *Config {
+ c.skipFeatureRegex = regexp.MustCompile(regex)
+ return c
+}
+
+// SkipFeatureRegex returns the environment's skipfeature regex filter
+func (c *Config) SkipFeatureRegex() *regexp.Regexp {
+ return c.skipFeatureRegex
+}
+
+// WithLabels sets the environment label filters
+func (c *Config) WithLabels(lbls map[string][]string) *Config {
+ c.labels = lbls
+ return c
+}
+
+// Labels returns the environment's label filters
+func (c *Config) Labels() map[string][]string {
+ return c.labels
+}
+
+// WithSkipLabels sets the environment label filters
+func (c *Config) WithSkipLabels(lbls map[string][]string) *Config {
+ c.skipLabels = lbls
+ return c
+}
+
+// SkipLabels returns the environment's label filters
+func (c *Config) SkipLabels() map[string][]string {
+ return c.skipLabels
+}
+
+// WithParallelTestEnabled can be used to enable parallel run of the test
+// features
+func (c *Config) WithParallelTestEnabled() *Config {
+ c.parallelTests = true
+ return c
+}
+
+// ParallelTestEnabled indicates if the test features are being run in
+// parallel or not
+func (c *Config) ParallelTestEnabled() bool {
+ return c.parallelTests
+}
+
+func (c *Config) WithDryRunMode() *Config {
+ c.dryRun = true
+ return c
+}
+
+func (c *Config) DryRunMode() bool {
+ return c.dryRun
+}
+
+// WithFailFast can be used to enable framework specific fail fast mode
+// that controls the test execution of the features and assessments under
+// test
+func (c *Config) WithFailFast() *Config {
+ c.failFast = true
+ return c
+}
+
+// FailFast indicate if the framework is running in fail fast mode. This
+// controls the behavior of how the assessments and features are handled
+// if a test encounters a failure result
+func (c *Config) FailFast() bool {
+ return c.failFast
+}
+
+// WithDisableGracefulTeardown can be used to programmatically disabled the panic
+// recovery enablement on test startup. This will prevent test Finish steps
+// from being executed on panic
+func (c *Config) WithDisableGracefulTeardown() *Config {
+ c.disableGracefulTeardown = true
+ return c
+}
+
+// DisableGracefulTeardown is used to check the panic recovery handler should be enabled
+func (c *Config) DisableGracefulTeardown() bool {
+ return c.disableGracefulTeardown
+}
+
+// WithKubeContext is used to set the kubeconfig context
+func (c *Config) WithKubeContext(kubeContext string) *Config {
+ c.kubeContext = kubeContext
+ return c
+}
+
+// WithKubeContext is used to get the kubeconfig context
+func (c *Config) KubeContext() string {
+ return c.kubeContext
+}
+
+func randNS() string {
+ return RandomName("testns-", 32)
+}
+
+// RandomName generates a random name of n length with the provided
+// prefix. If prefix is omitted, the then entire name is random char.
+func RandomName(prefix string, n int) string {
+ if n == 0 {
+ n = 32
+ }
+ if len(prefix) >= n {
+ return prefix
+ }
+ r := rand.New(rand.NewSource(time.Now().UnixNano()))
+ p := make([]byte, n)
+ r.Read(p)
+ if prefix == "" {
+ return hex.EncodeToString(p)[:n]
+ }
+ return fmt.Sprintf("%s-%s", prefix, hex.EncodeToString(p))[:n]
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/envconf/doc.go b/vendor/sigs.k8s.io/e2e-framework/pkg/envconf/doc.go
new file mode 100644
index 000000000..c5213ceff
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/envconf/doc.go
@@ -0,0 +1,18 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package envconf stores configuration for a test environment
+package envconf
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/kind_funcs.go b/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/kind_funcs.go
new file mode 100644
index 000000000..66f621bb5
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/kind_funcs.go
@@ -0,0 +1,55 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package envfuncs
+
+import (
+ "context"
+
+ "sigs.k8s.io/e2e-framework/pkg/env"
+ "sigs.k8s.io/e2e-framework/support/kind"
+)
+
+// Deprecated: This handler has been deprecated in favor of GetClusterFromContext
+func GetKindClusterFromContext(ctx context.Context, clusterName string) (*kind.Cluster, bool) {
+ provider, ok := GetClusterFromContext(ctx, clusterName)
+ if ok {
+ return provider.(*kind.Cluster), ok
+ }
+ return nil, ok
+}
+
+// Deprecated: This handler has been deprecated in favor of CreateCluster which can now accept
+// support.ClusterProvider type as input in order to setup the cluster using right providers
+func CreateKindCluster(clusterName string) env.Func {
+ return CreateCluster(kind.NewProvider(), clusterName)
+}
+
+// Deprecated: This handler has been deprecated in favor of CreateClusterWithConfig which can now accept
+// support.ClusterProvider type as input in order to setup the cluster using right providers
+func CreateKindClusterWithConfig(clusterName, image, configFilePath string) env.Func {
+ return CreateClusterWithConfig(kind.NewProvider(), clusterName, configFilePath, kind.WithImage(image))
+}
+
+// Deprecated: This handler has been deprecated in favor of DestroyCluster
+func DestroyKindCluster(name string) env.Func {
+ return DestroyCluster(name)
+}
+
+// Deprecated: This handler has been deprecated in favor of ExportClusterLogs
+func ExportKindClusterLogs(name, dest string) env.Func {
+ return ExportClusterLogs(name, dest)
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/ns_funcs.go b/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/ns_funcs.go
new file mode 100644
index 000000000..b4ed39c33
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/ns_funcs.go
@@ -0,0 +1,114 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package envfuncs
+
+import (
+ "context"
+ "fmt"
+
+ corev1 "k8s.io/api/core/v1"
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+ "sigs.k8s.io/e2e-framework/klient"
+ "sigs.k8s.io/e2e-framework/pkg/env"
+ "sigs.k8s.io/e2e-framework/pkg/envconf"
+)
+
+type NamespaceContextKey string
+
+type CreateNamespaceOpts func(klient.Client, *corev1.Namespace)
+
+// WithLabels provides an option to set custom labels on the namespace.
+func WithLabels(labels map[string]string) CreateNamespaceOpts {
+ return func(client klient.Client, ns *corev1.Namespace) {
+ client.Resources().Label(ns, labels)
+ }
+}
+
+// WithLabels provides an option to set custom annotations on the namespace.
+func WithAnnotations(annotations map[string]string) CreateNamespaceOpts {
+ return func(client klient.Client, ns *corev1.Namespace) {
+ client.Resources().Annotate(ns, annotations)
+ }
+}
+
+// CreateNamespace provides an Environment.Func that
+// creates a new namespace API object and stores it the context
+// using its name as key.
+//
+// NOTE: the returned environment function automatically updates
+// the env config, it receives, with the namespace to make it available
+// for subsequent call.
+func CreateNamespace(name string, opts ...CreateNamespaceOpts) env.Func {
+ return func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+ namespace := corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: name}}
+ client, err := cfg.NewClient()
+ if err != nil {
+ return ctx, fmt.Errorf("create namespace func: %w", err)
+ }
+ for _, opt := range opts {
+ opt(client, &namespace)
+ }
+ if err := client.Resources().Create(ctx, &namespace); err != nil {
+ return ctx, fmt.Errorf("create namespace func: %w", err)
+ }
+ cfg.WithNamespace(name) // set env config default namespace
+ return context.WithValue(ctx, NamespaceContextKey(name), namespace), nil
+ }
+}
+
+// DeleteNamespace provides an Environment.Func that deletes the named
+// namespace. It first searches for the ns in its context, if not found then
+// attempt to retrieve it from the API server. Then deletes it.
+func DeleteNamespace(name string) env.Func {
+ return func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+ var namespace *corev1.Namespace
+
+ // attempt to retrieve from context
+ nsVal := ctx.Value(NamespaceContextKey(name))
+ if nsVal != nil {
+ if ns, ok := nsVal.(corev1.Namespace); ok {
+ namespace = &ns
+ }
+ }
+
+ client, err := cfg.NewClient()
+ if err != nil {
+ return ctx, fmt.Errorf("delete namespace func: %w", err)
+ }
+
+ // if not in context, get from server
+ if namespace == nil {
+ var ns corev1.Namespace
+ if err := client.Resources().Get(ctx, name, name, &ns); err != nil {
+ return ctx, fmt.Errorf("delete namespace func: %w", err)
+ }
+ namespace = &ns
+ }
+
+ // if still nil, exit
+ if namespace == nil {
+ return ctx, fmt.Errorf("delete namespace func: namespace not found")
+ }
+
+ // remove namespace api object
+ if err := client.Resources().Delete(ctx, namespace); err != nil {
+ return ctx, fmt.Errorf("delete namespace func: %w", err)
+ }
+
+ return ctx, nil
+ }
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/provider_funcs.go b/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/provider_funcs.go
new file mode 100644
index 000000000..4d2b6ac69
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/provider_funcs.go
@@ -0,0 +1,188 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package envfuncs
+
+import (
+ "context"
+ "fmt"
+
+ "sigs.k8s.io/e2e-framework/pkg/env"
+ "sigs.k8s.io/e2e-framework/pkg/envconf"
+ "sigs.k8s.io/e2e-framework/support"
+)
+
+type clusterNameContextKey string
+
+var LoadDockerImageToCluster = LoadImageToCluster
+
+// GetClusterFromContext helps extract the E2EClusterProvider object from the context.
+// This can be used to setup and run tests of multi cluster e2e Prioviders.
+func GetClusterFromContext(ctx context.Context, clusterName string) (support.E2EClusterProvider, bool) {
+ c := ctx.Value(clusterNameContextKey(clusterName))
+ if c == nil {
+ return nil, false
+ }
+ cluster, ok := c.(support.E2EClusterProvider)
+ return cluster, ok
+}
+
+// CreateCluster returns an env.Func that is used to
+// create an E2E provider cluster that is then injected in the context
+// using the name as a key.
+//
+// NOTE: the returned function will update its env config with the
+// kubeconfig file for the config client.
+func CreateCluster(p support.E2EClusterProvider, clusterName string) env.Func {
+ return func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+ k := p.SetDefaults().WithName(clusterName)
+ kubecfg, err := k.Create(ctx)
+ if err != nil {
+ return ctx, err
+ }
+
+ // update envconfig with kubeconfig
+ cfg.WithKubeconfigFile(kubecfg)
+
+ // stall, wait for pods initializations
+ if err := k.WaitForControlPlane(ctx, cfg.Client()); err != nil {
+ return ctx, err
+ }
+
+ // store entire cluster value in ctx for future access using the cluster name
+ return context.WithValue(ctx, clusterNameContextKey(clusterName), k), nil
+ }
+}
+
+// CreateClusterWithConfig returns an env.Func that is used to
+// create a e2e provider cluster that is then injected in the context
+// using the name as a key.
+//
+// NOTE: the returned function will update its env config with the
+// kubeconfig file for the config client.
+func CreateClusterWithConfig(p support.E2EClusterProvider, clusterName, configFilePath string, opts ...support.ClusterOpts) env.Func {
+ return func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+ k := p.SetDefaults().WithName(clusterName).WithOpts(opts...)
+ kubecfg, err := k.CreateWithConfig(ctx, configFilePath)
+ if err != nil {
+ return ctx, err
+ }
+
+ // update envconfig with kubeconfig
+ cfg.WithKubeconfigFile(kubecfg)
+
+ // stall, wait for pods initializations
+ if err := k.WaitForControlPlane(ctx, cfg.Client()); err != nil {
+ return ctx, err
+ }
+
+ // store entire cluster value in ctx for future access using the cluster name
+ return context.WithValue(ctx, clusterNameContextKey(clusterName), k), nil
+ }
+}
+
+// DestroyCluster returns an EnvFunc that
+// retrieves a previously saved e2e provider Cluster in the context (using the name), then deletes it.
+//
+// NOTE: this should be used in a Environment.Finish step.
+func DestroyCluster(name string) env.Func {
+ return func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+ clusterVal := ctx.Value(clusterNameContextKey(name))
+ if clusterVal == nil {
+ return ctx, fmt.Errorf("destroy e2e provider cluster func: context cluster is nil")
+ }
+
+ cluster, ok := clusterVal.(support.E2EClusterProvider)
+ if !ok {
+ return ctx, fmt.Errorf("destroy e2e provider cluster func: unexpected type for cluster value")
+ }
+
+ if err := cluster.Destroy(ctx); err != nil {
+ return ctx, fmt.Errorf("destroy e2e provider cluster: %w", err)
+ }
+
+ return ctx, nil
+ }
+}
+
+// LoadImageToCluster returns an EnvFunc that
+// retrieves a previously saved e2e provider Cluster in the context (using the name), and then loads a container image
+// from the host into the cluster.
+func LoadImageToCluster(name, image string) env.Func {
+ return func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+ clusterVal := ctx.Value(clusterNameContextKey(name))
+ if clusterVal == nil {
+ return ctx, fmt.Errorf("load image func: context cluster is nil")
+ }
+
+ cluster, ok := clusterVal.(support.E2EClusterProviderWithImageLoader)
+ if !ok {
+ return ctx, fmt.Errorf("load image archive func: cluster provider does not support LoadImage helper")
+ }
+
+ if err := cluster.LoadImage(ctx, image); err != nil {
+ return ctx, fmt.Errorf("load image: %w", err)
+ }
+
+ return ctx, nil
+ }
+}
+
+// LoadImageArchiveToCluster returns an EnvFunc that
+// retrieves a previously saved e2e provider Cluster in the context (using the name), and then loads a container image TAR archive
+// from the host into the cluster.
+func LoadImageArchiveToCluster(name, imageArchive string) env.Func {
+ return func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+ clusterVal := ctx.Value(clusterNameContextKey(name))
+ if clusterVal == nil {
+ return ctx, fmt.Errorf("load image archive func: context cluster is nil")
+ }
+
+ cluster, ok := clusterVal.(support.E2EClusterProviderWithImageLoader)
+ if !ok {
+ return ctx, fmt.Errorf("load image archive func: cluster provider does not support LoadImageArchive helper")
+ }
+
+ if err := cluster.LoadImageArchive(ctx, imageArchive); err != nil {
+ return ctx, fmt.Errorf("load image archive: %w", err)
+ }
+
+ return ctx, nil
+ }
+}
+
+// ExportClusterLogs returns an EnvFunc that
+// retrieves a previously saved e2e provider Cluster in the context (using the name), and then export cluster logs
+// in the provided destination.
+func ExportClusterLogs(name, dest string) env.Func {
+ return func(ctx context.Context, cfg *envconf.Config) (context.Context, error) {
+ clusterVal := ctx.Value(clusterNameContextKey(name))
+ if clusterVal == nil {
+ return ctx, fmt.Errorf("export e2e provider cluster logs: context cluster is nil")
+ }
+
+ cluster, ok := clusterVal.(support.E2EClusterProvider)
+ if !ok {
+ return ctx, fmt.Errorf("export e2e provider cluster logs: unexpected type for cluster value")
+ }
+
+ if err := cluster.ExportLogs(ctx, dest); err != nil {
+ return ctx, fmt.Errorf("load image archive: %w", err)
+ }
+
+ return ctx, nil
+ }
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/resource_funcs.go b/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/resource_funcs.go
new file mode 100644
index 000000000..54a5f565a
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/envfuncs/resource_funcs.go
@@ -0,0 +1,51 @@
+/*
+Copyright 2022 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package envfuncs
+
+import (
+ "context"
+
+ "sigs.k8s.io/e2e-framework/klient/decoder"
+ "sigs.k8s.io/e2e-framework/klient/k8s/resources"
+ "sigs.k8s.io/e2e-framework/pkg/env"
+ "sigs.k8s.io/e2e-framework/pkg/envconf"
+)
+
+// SetupCRDs is provided as a helper env.Func handler that can be used to setup the CRDs that are required
+// to process your controller code for testing. For additional control on resource creation handling, please
+// use the decoder.ApplyWithManifestDir directly with suitable arguments to customize the behavior
+func SetupCRDs(crdPath, pattern string) env.Func {
+ return func(ctx context.Context, c *envconf.Config) (context.Context, error) {
+ r, err := resources.New(c.Client().RESTConfig())
+ if err != nil {
+ return ctx, err
+ }
+ return ctx, decoder.ApplyWithManifestDir(ctx, r, crdPath, pattern, []resources.CreateOption{})
+ }
+}
+
+// TeardownCRDs is provided as a handler function that can be hooked into your test's teardown sequence to
+// make sure that you can cleanup the CRDs that were setup as part of the SetupCRDs hook
+func TeardownCRDs(crdPath, pattern string) env.Func {
+ return func(ctx context.Context, c *envconf.Config) (context.Context, error) {
+ r, err := resources.New(c.Client().RESTConfig())
+ if err != nil {
+ return ctx, err
+ }
+ return ctx, decoder.DeleteWithManifestDir(ctx, r, crdPath, pattern, []resources.DeleteOption{})
+ }
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/featuregate/featutegate.go b/vendor/sigs.k8s.io/e2e-framework/pkg/featuregate/featutegate.go
new file mode 100644
index 000000000..0c2bcfbb8
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/featuregate/featutegate.go
@@ -0,0 +1,43 @@
+/*
+Copyright 2024 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package featuregate
+
+import (
+ "k8s.io/component-base/featuregate"
+)
+
+var (
+ FeatureGate = featuregate.NewFeatureGate()
+
+ DefaultMutableFeatureGate featuregate.MutableFeatureGate = FeatureGate
+
+ DefaultFeatureGate featuregate.FeatureGate = DefaultMutableFeatureGate
+)
+
+const (
+ ReverseTestFinishExecutionOrder = featuregate.Feature("ReverseTestFinishExecutionOrder")
+)
+
+var defaultE2EFrakeworkFeatureGates = map[featuregate.Feature]featuregate.FeatureSpec{
+ ReverseTestFinishExecutionOrder: {Default: false, PreRelease: featuregate.Alpha},
+}
+
+func init() {
+ if err := DefaultMutableFeatureGate.Add(defaultE2EFrakeworkFeatureGates); err != nil {
+ panic(err)
+ }
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/features/builder.go b/vendor/sigs.k8s.io/e2e-framework/pkg/features/builder.go
new file mode 100644
index 000000000..f4b39a75c
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/features/builder.go
@@ -0,0 +1,90 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package features
+
+import (
+ "fmt"
+
+ "sigs.k8s.io/e2e-framework/pkg/types"
+)
+
+// FeatureBuilder represents is a type to define a
+// testable feature
+type FeatureBuilder struct {
+ feat *defaultFeature
+}
+
+func New(name string) *FeatureBuilder {
+ return &FeatureBuilder{feat: newDefaultFeature(name, "")}
+}
+
+func NewWithDescription(name, description string) *FeatureBuilder {
+ return &FeatureBuilder{feat: newDefaultFeature(name, description)}
+}
+
+// WithLabel adds a test label key/value pair
+func (b *FeatureBuilder) WithLabel(key, value string) *FeatureBuilder {
+ b.feat.labels[key] = append(b.feat.labels[key], value)
+ return b
+}
+
+// WithStep adds a new step that will be applied prior to feature test.
+func (b *FeatureBuilder) WithStep(name string, level Level, fn Func) *FeatureBuilder {
+ b.feat.steps = append(b.feat.steps, newStep(name, level, fn))
+ return b
+}
+
+func (b *FeatureBuilder) WithStepDescription(name, description string, level Level, fn Func) *FeatureBuilder {
+ b.feat.steps = append(b.feat.steps, newStepWithDescription(name, description, level, fn))
+ return b
+}
+
+// Setup adds a new setup step that will be applied prior to feature test.
+func (b *FeatureBuilder) Setup(fn Func) *FeatureBuilder {
+ return b.WithSetup(fmt.Sprintf("%s-setup", b.feat.name), fn)
+}
+
+// WithSetup adds a new setup step with a pre-defined setup name instead of automating
+// the setup name generation. This can make tests more readable.
+func (b *FeatureBuilder) WithSetup(name string, fn Func) *FeatureBuilder {
+ return b.WithStep(name, LevelSetup, fn)
+}
+
+// Teardown adds a new teardown step that will be applied after feature test.
+func (b *FeatureBuilder) Teardown(fn Func) *FeatureBuilder {
+ return b.WithTeardown(fmt.Sprintf("%s-teardown", b.feat.name), fn)
+}
+
+// WithTeardown adds a new teardown step with a pre-defined name instead of an
+// auto-generated one
+func (b *FeatureBuilder) WithTeardown(name string, fn Func) *FeatureBuilder {
+ return b.WithStep(name, LevelTeardown, fn)
+}
+
+// Assess adds an assessment step to the feature test.
+func (b *FeatureBuilder) Assess(desc string, fn Func) *FeatureBuilder {
+ return b.WithStep(desc, LevelAssess, fn)
+}
+
+func (b *FeatureBuilder) AssessWithDescription(name, description string, fn Func) *FeatureBuilder {
+ return b.WithStepDescription(name, description, LevelAssess, fn)
+}
+
+// Feature returns a feature configured by builder.
+func (b *FeatureBuilder) Feature() types.Feature {
+ return b.feat
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/features/doc.go b/vendor/sigs.k8s.io/e2e-framework/pkg/features/doc.go
new file mode 100644
index 000000000..f26ad60fc
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/features/doc.go
@@ -0,0 +1,19 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+// Package features hosts types that are used to define
+// a feature tests and other related types.
+package features
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/features/feature.go b/vendor/sigs.k8s.io/e2e-framework/pkg/features/feature.go
new file mode 100644
index 000000000..b7e2bfe8e
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/features/feature.go
@@ -0,0 +1,131 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package features
+
+import (
+ "regexp"
+
+ "sigs.k8s.io/e2e-framework/pkg/types"
+)
+
+type (
+ Labels = types.Labels
+ Feature = types.Feature
+ Step = types.Step
+ Func = types.StepFunc
+ Level = types.Level
+)
+
+const (
+ // LevelSetup when doing the setup phase
+ LevelSetup = types.LevelSetup
+ // LevelAssess when doing the assess phase
+ LevelAssess = types.LevelAssess
+ // LevelTeardown when doing the teardown phase
+ LevelTeardown = types.LevelTeardown
+)
+
+type defaultFeature struct {
+ name string
+ description string
+ labels types.Labels
+ steps []types.Step
+}
+
+func newDefaultFeature(name, description string) *defaultFeature {
+ return &defaultFeature{name: name, description: description, labels: make(types.Labels), steps: make([]types.Step, 0)}
+}
+
+func (f *defaultFeature) Name() string {
+ return f.name
+}
+
+func (f *defaultFeature) Labels() types.Labels {
+ return f.labels
+}
+
+func (f *defaultFeature) Steps() []types.Step {
+ return f.steps
+}
+
+func (f *defaultFeature) Description() string {
+ return f.description
+}
+
+type testStep struct {
+ name string
+ description string
+ level Level
+ fn Func
+}
+
+func newStep(name string, level Level, fn Func) *testStep {
+ return newStepWithDescription(name, "", level, fn)
+}
+
+func newStepWithDescription(name, description string, level Level, fn Func) *testStep {
+ return &testStep{
+ name: name,
+ description: description,
+ level: level,
+ fn: fn,
+ }
+}
+
+func (s *testStep) Name() string {
+ return s.name
+}
+
+func (s *testStep) Level() Level {
+ return s.level
+}
+
+func (s *testStep) Func() Func {
+ return s.fn
+}
+
+func (s *testStep) Description() string {
+ return s.description
+}
+
+func GetStepsByLevel(steps []types.Step, l types.Level) []types.Step {
+ if steps == nil {
+ return nil
+ }
+ var result []Step
+ for _, s := range steps {
+ if s.Level() == l {
+ result = append(result, s)
+ }
+ }
+
+ return result
+}
+
+func FilterStepsByName(steps []types.Step, regexName *regexp.Regexp) []types.Step {
+ if steps == nil {
+ return nil
+ }
+ var result []Step
+ for _, s := range steps {
+ if regexName.MatchString(s.Name()) {
+ result = append(result, s)
+ }
+ }
+
+ return result
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/features/table.go b/vendor/sigs.k8s.io/e2e-framework/pkg/features/table.go
new file mode 100644
index 000000000..9b2aa3eaf
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/features/table.go
@@ -0,0 +1,56 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package features
+
+import (
+ "fmt"
+)
+
+type TableRow struct {
+ Name string
+ Description string
+ Assessment Func
+}
+
+// Table provides a structure for table-driven tests.
+// Each entry in the table represents an executable assessment.
+type Table []TableRow
+
+// Build converts the defined test steps in the table
+// into a FeatureBuilder which can be used to add additional attributes
+// to the feature before it's exercised. Build takes an optional feature name
+// if omitted will be generated.
+func (table Table) Build(args ...string) *FeatureBuilder {
+ var name string
+ var description string
+ if len(args) > 0 {
+ name = args[0]
+ }
+ if len(args) > 1 {
+ description = args[1]
+ }
+ f := NewWithDescription(name, description)
+ for i, test := range table {
+ if test.Name == "" {
+ test.Name = fmt.Sprintf("Assessment-%d", i)
+ }
+ if test.Assessment != nil {
+ f.AssessWithDescription(test.Name, test.Description, test.Assessment)
+ }
+ }
+ return f
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/flags/flags.go b/vendor/sigs.k8s.io/e2e-framework/pkg/flags/flags.go
new file mode 100644
index 000000000..b6a9d62b5
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/flags/flags.go
@@ -0,0 +1,333 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package flags
+
+import (
+ "flag"
+ "fmt"
+ "os"
+ "strings"
+
+ klog "k8s.io/klog/v2"
+ "sigs.k8s.io/e2e-framework/pkg/featuregate"
+)
+
+const (
+ flagNamespaceName = "namespace"
+ flagKubecofigName = "kubeconfig"
+ flagFeatureName = "feature"
+ flagAssessName = "assess"
+ flagLabelsName = "labels"
+ flagSkipLabelName = "skip-labels"
+ flagSkipFeatureName = "skip-features"
+ flagSkipAssessmentName = "skip-assessment"
+ flagParallelTestsName = "parallel"
+ flagDryRunName = "dry-run"
+ flagFailFast = "fail-fast"
+ flagDisableGracefulTeardown = "disable-graceful-teardown"
+ flagContext = "context"
+)
+
+// Supported flag definitions
+var (
+ featureFlag = flag.Flag{
+ Name: flagFeatureName,
+ Usage: "Regular expression to select feature(s) to test",
+ }
+ assessFlag = flag.Flag{
+ Name: flagAssessName,
+ Usage: "Regular expression to select assessment(s) to run",
+ }
+ labelsFlag = flag.Flag{
+ Name: flagLabelsName,
+ Usage: "Comma-separated key=value to filter features by labels",
+ }
+ kubecfgFlag = flag.Flag{
+ Name: flagKubecofigName,
+ Usage: "Path to a cluster kubeconfig file (optional)",
+ }
+ kubeNSFlag = flag.Flag{
+ Name: flagNamespaceName,
+ Usage: "A namespace value to use for testing (optional)",
+ }
+ skipLabelsFlag = flag.Flag{
+ Name: flagSkipLabelName,
+ Usage: "Regular expression to skip label(s) to run",
+ }
+ skipFeatureFlag = flag.Flag{
+ Name: flagSkipFeatureName,
+ Usage: "Regular expression to skip feature(s) to run",
+ }
+ skipAssessmentFlag = flag.Flag{
+ Name: flagSkipAssessmentName,
+ Usage: "Regular expression to skip assessment(s) to run",
+ }
+ parallelTestsFlag = flag.Flag{
+ Name: flagParallelTestsName,
+ Usage: "Run test features in parallel",
+ }
+ dryRunFlag = flag.Flag{
+ Name: flagDryRunName,
+ Usage: "Run Test suite in dry-run mode. This will list the tests to be executed without actually running them",
+ }
+ failFastFlag = flag.Flag{
+ Name: flagFailFast,
+ Usage: "Fail immediately and stop running untested code",
+ }
+ disableGracefulTeardownFlag = flag.Flag{
+ Name: flagDisableGracefulTeardown,
+ Usage: "Ignore panic recovery while running tests. This will prevent test finish steps from getting executed on panic",
+ }
+ contextFlag = flag.Flag{
+ Name: flagContext,
+ Usage: "The name of the kubeconfig context to use",
+ }
+)
+
+// EnvFlags surfaces all resolved flag values for the testing framework
+type EnvFlags struct {
+ feature string
+ assess string
+ labels LabelsMap
+ kubeconfig string
+ namespace string
+ skiplabels LabelsMap
+ skipFeatures string
+ skipAssessments string
+ parallelTests bool
+ dryRun bool
+ failFast bool
+ disableGracefulTeardown bool
+ kubeContext string
+}
+
+// Feature returns value for `-feature` flag
+func (f *EnvFlags) Feature() string {
+ return f.feature
+}
+
+// Assessment returns value for `-assess` flag
+func (f *EnvFlags) Assessment() string {
+ return f.assess
+}
+
+// Labels returns a map of parsed key/value from `-labels` flag
+func (f *EnvFlags) Labels() LabelsMap {
+ return f.labels
+}
+
+// Namespace returns an optional namespace flag value
+func (f *EnvFlags) Namespace() string {
+ return f.namespace
+}
+
+// SkipFeatures is used to get a RegExp pattern that can be used
+// to skip test features from getting executed
+func (f *EnvFlags) SkipFeatures() string {
+ return f.skipFeatures
+}
+
+// SkipAssessment is used to track the RegExp pattern that can be
+// used to skip certain assessments of the current feature being
+// executed
+func (f *EnvFlags) SkipAssessment() string {
+ return f.skipAssessments
+}
+
+// SkipLabels is used to define a series of labels that can be used
+// to skip test cases during execution
+func (f *EnvFlags) SkipLabels() LabelsMap {
+ return f.skiplabels
+}
+
+// Kubeconfig returns an optional path for kubeconfig file
+func (f *EnvFlags) Kubeconfig() string {
+ return f.kubeconfig
+}
+
+// Parallel is used to indicate if the test features should be run in parallel
+// under a go-routine
+func (f *EnvFlags) Parallel() bool {
+ return f.parallelTests
+}
+
+func (f *EnvFlags) DryRun() bool {
+ return f.dryRun
+}
+
+// FailFast is used to indicate if the failure of an assessment should continue
+// assessing the rest of the features or skip it and continue to the next one.
+// This is set to false by default.
+func (f *EnvFlags) FailFast() bool {
+ return f.failFast
+}
+
+// DisableGracefulTeardown is used to indicate that the panic handlers should not be registered while
+// starting the test execution. This will prevent the test Finish steps from getting executed
+func (f *EnvFlags) DisableGracefulTeardown() bool {
+ return f.disableGracefulTeardown
+}
+
+// Parse parses defined CLI args os.Args[1:]
+func Parse() (*EnvFlags, error) {
+ return ParseArgs(os.Args[1:])
+}
+
+// Context returns an optional kubeconfig context to use
+func (f *EnvFlags) KubeContext() string {
+ return f.kubeContext
+}
+
+// ParseArgs parses the specified args from global flag.CommandLine
+// and returns a set of environment flag values.
+func ParseArgs(args []string) (*EnvFlags, error) {
+ var (
+ feature string
+ assess string
+ namespace string
+ kubeconfig string
+ skipFeature string
+ skipAssessment string
+ parallelTests bool
+ dryRun bool
+ failFast bool
+ disableGracefulTeardown bool
+ kubeContext string
+ )
+
+ labels := make(LabelsMap)
+ skipLabels := make(LabelsMap)
+
+ if flag.Lookup(featureFlag.Name) == nil {
+ flag.StringVar(&feature, featureFlag.Name, featureFlag.DefValue, featureFlag.Usage)
+ }
+
+ if flag.Lookup(assessFlag.Name) == nil {
+ flag.StringVar(&assess, assessFlag.Name, assessFlag.DefValue, assessFlag.Usage)
+ }
+
+ if flag.Lookup(kubecfgFlag.Name) == nil {
+ flag.StringVar(&kubeconfig, kubecfgFlag.Name, kubecfgFlag.DefValue, kubecfgFlag.Usage)
+ }
+
+ if flag.Lookup(kubeNSFlag.Name) == nil {
+ flag.StringVar(&namespace, kubeNSFlag.Name, kubeNSFlag.DefValue, kubeNSFlag.Usage)
+ }
+
+ if flag.Lookup(labelsFlag.Name) == nil {
+ flag.Var(&labels, labelsFlag.Name, labelsFlag.Usage)
+ }
+
+ if flag.Lookup(skipLabelsFlag.Name) == nil {
+ flag.Var(&skipLabels, skipLabelsFlag.Name, skipLabelsFlag.Usage)
+ }
+
+ if flag.Lookup(skipAssessmentFlag.Name) == nil {
+ flag.StringVar(&skipAssessment, skipAssessmentFlag.Name, skipAssessmentFlag.DefValue, skipAssessmentFlag.Usage)
+ }
+
+ if flag.Lookup(skipFeatureFlag.Name) == nil {
+ flag.StringVar(&skipFeature, skipFeatureFlag.Name, skipFeatureFlag.DefValue, skipFeatureFlag.Usage)
+ }
+
+ if flag.Lookup(parallelTestsFlag.Name) == nil {
+ flag.BoolVar(¶llelTests, parallelTestsFlag.Name, false, parallelTestsFlag.Usage)
+ }
+
+ if flag.Lookup(dryRunFlag.Name) == nil {
+ flag.BoolVar(&dryRun, dryRunFlag.Name, false, dryRunFlag.Usage)
+ }
+
+ if flag.Lookup(failFastFlag.Name) == nil {
+ flag.BoolVar(&failFast, failFastFlag.Name, false, failFastFlag.Usage)
+ }
+
+ if flag.Lookup(disableGracefulTeardownFlag.Name) == nil {
+ flag.BoolVar(&disableGracefulTeardown, disableGracefulTeardownFlag.Name, false, disableGracefulTeardownFlag.Usage)
+ }
+
+ if flag.Lookup(contextFlag.Name) == nil {
+ flag.StringVar(&kubeContext, contextFlag.Name, contextFlag.DefValue, contextFlag.Usage)
+ }
+
+ flag.Var(featuregate.FeatureGate, "feature-gates", "A set of key=value pairs that describe feature gates for alpha/experimental features. Options are: \n"+strings.Join(featuregate.FeatureGate.KnownFeatures(), "\n"))
+
+ // Enable klog/v2 flag integration
+ klog.InitFlags(nil)
+
+ if err := flag.CommandLine.Parse(args); err != nil {
+ return nil, fmt.Errorf("flags parsing: %w", err)
+ }
+
+ // Hook into the default test.list of the `go test` and integrate that with the `--dry-run` behavior. Treat them the same way
+ if !dryRun && flag.Lookup("test.list") != nil && flag.Lookup("test.list").Value.String() == "true" {
+ klog.V(2).Info("Enabling dry-run mode as the tests were invoked in list mode")
+ dryRun = true
+ }
+
+ if failFast && parallelTests {
+ panic(fmt.Errorf("--fail-fast and --parallel are mutually exclusive options"))
+ }
+
+ return &EnvFlags{
+ feature: feature,
+ assess: assess,
+ labels: labels,
+ namespace: namespace,
+ kubeconfig: kubeconfig,
+ skiplabels: skipLabels,
+ skipFeatures: skipFeature,
+ skipAssessments: skipAssessment,
+ parallelTests: parallelTests,
+ dryRun: dryRun,
+ failFast: failFast,
+ disableGracefulTeardown: disableGracefulTeardown,
+ kubeContext: kubeContext,
+ }, nil
+}
+
+type LabelsMap map[string][]string
+
+func (m LabelsMap) String() string {
+ i := map[string][]string(m)
+ return fmt.Sprint(i)
+}
+
+func (m LabelsMap) Set(val string) error {
+ // label: []string{"key=value",...}
+ for _, label := range strings.Split(val, ",") {
+ // split into k,v
+ kv := strings.Split(label, "=")
+ if len(kv) != 2 {
+ return fmt.Errorf("label format error: %s", label)
+ }
+ k := strings.TrimSpace(kv[0])
+ v := strings.TrimSpace(kv[1])
+ m[k] = append(m[k], v)
+ }
+
+ return nil
+}
+
+func (m LabelsMap) Contains(key, val string) bool {
+ for _, v := range m[key] {
+ if val == v {
+ return true
+ }
+ }
+ return false
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/pkg/types/types.go b/vendor/sigs.k8s.io/e2e-framework/pkg/types/types.go
new file mode 100644
index 000000000..f0f710c80
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/pkg/types/types.go
@@ -0,0 +1,137 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package types
+
+import (
+ "context"
+ "testing"
+
+ "sigs.k8s.io/e2e-framework/pkg/envconf"
+ "sigs.k8s.io/e2e-framework/pkg/flags"
+)
+
+// EnvFunc represents a user-defined operation that
+// can be used to customize the behavior of the
+// environment. Changes to context are expected to surface
+// to caller.
+type EnvFunc func(context.Context, *envconf.Config) (context.Context, error)
+
+// FeatureEnvFunc represents a user-defined operation that
+// can be used to customize the behavior of the
+// environment. Changes to context are expected to surface
+// to caller. Meant for use with before/after feature hooks.
+// *testing.T is provided in order to provide pass/fail context to
+// features.
+type FeatureEnvFunc func(context.Context, *envconf.Config, *testing.T, Feature) (context.Context, error)
+
+// TestEnvFunc represents a user-defined operation that
+// can be used to customize the behavior of the
+// environment. Changes to context are expected to surface
+// to caller. Meant for use with before/after test hooks.
+type TestEnvFunc func(context.Context, *envconf.Config, *testing.T) (context.Context, error)
+
+// Environment represents an environment where
+// features can be tested.
+type Environment interface {
+ // WithContext returns a new Environment with a new context
+ WithContext(context.Context) Environment
+
+ // Setup registers environment operations that are executed once
+ // prior to the environment being ready and prior to any test.
+ Setup(...EnvFunc) Environment
+
+ // BeforeEachTest registers environment funcs that are executed
+ // before each Env.Test(...)
+ BeforeEachTest(...TestEnvFunc) Environment
+
+ // BeforeEachFeature registers step functions that are executed
+ // before each Feature is tested during env.Test call.
+ BeforeEachFeature(...FeatureEnvFunc) Environment
+
+ // AfterEachFeature registers step functions that are executed
+ // after each feature is tested during an env.Test call.
+ AfterEachFeature(...FeatureEnvFunc) Environment
+
+ // Test executes a test feature defined in a TestXXX function
+ // This method surfaces context for further updates.
+ Test(*testing.T, ...Feature) context.Context
+
+ // TestInParallel executes a series of test features defined in a
+ // TestXXX function in parallel. This works the same way Test method
+ // does with the caveat that the features will all be run in parallel
+ TestInParallel(*testing.T, ...Feature) context.Context
+
+ // AfterEachTest registers environment funcs that are executed
+ // after each Env.Test(...).
+ AfterEachTest(...TestEnvFunc) Environment
+
+ // Finish registers funcs that are executed at the end of the
+ // test suite.
+ Finish(...EnvFunc) Environment
+
+ // Run Launches the test suite from within a TestMain
+ Run(*testing.M) int
+}
+
+type Labels = flags.LabelsMap
+
+type Feature interface {
+ // Name is a descriptive text for the feature
+ Name() string
+ // Labels returns a map of feature labels
+ Labels() Labels
+ // Steps testing tasks to test the feature
+ Steps() []Step
+}
+
+type Level uint8
+
+const (
+ // LevelSetup when doing the setup phase
+ LevelSetup Level = iota
+ // LevelAssess when doing the assess phase
+ LevelAssess
+ // LevelTeardown when doing the teardown phase
+ LevelTeardown
+)
+
+type StepFunc func(context.Context, *testing.T, *envconf.Config) context.Context
+
+type Step interface {
+ // Name is the step name
+ Name() string
+ // Level action level {setup|requirement|assertion|teardown}
+ Level() Level
+ // Func is the operation for the step
+ Func() StepFunc
+}
+
+type DescribableStep interface {
+ Step
+ // Description is the Readable test description indicating the purpose behind the test that
+ // can add more context to the test under question
+ Description() string
+}
+
+type DescribableFeature interface {
+ Feature
+
+ // Description is used to provide a readable context for the test feature. This can be used
+ // to provide more context for the test being performed and the assessment under each of the
+ // feature.
+ Description() string
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/support/kind/kind.go b/vendor/sigs.k8s.io/e2e-framework/support/kind/kind.go
new file mode 100644
index 000000000..4ca3d2a1f
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/support/kind/kind.go
@@ -0,0 +1,309 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package kind
+
+import (
+ "bytes"
+ "context"
+ "fmt"
+ "io"
+ "os"
+ "strings"
+
+ v1 "k8s.io/api/core/v1"
+ "k8s.io/client-go/rest"
+ log "k8s.io/klog/v2"
+ "sigs.k8s.io/e2e-framework/klient"
+ "sigs.k8s.io/e2e-framework/klient/conf"
+ "sigs.k8s.io/e2e-framework/klient/k8s/resources"
+ "sigs.k8s.io/e2e-framework/klient/wait"
+ "sigs.k8s.io/e2e-framework/klient/wait/conditions"
+ "sigs.k8s.io/e2e-framework/support"
+ "sigs.k8s.io/e2e-framework/support/utils"
+
+ metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+var kindVersion = "v0.17.0"
+
+type Cluster struct {
+ path string
+ name string
+ kubecfgFile string
+ version string
+ image string
+ rc *rest.Config
+}
+
+// Enforce Type check always to avoid future breaks
+var _ support.E2EClusterProvider = &Cluster{}
+
+func NewCluster(name string) *Cluster {
+ return &Cluster{name: name}
+}
+
+func NewProvider() support.E2EClusterProvider {
+ return &Cluster{}
+}
+
+func WithImage(image string) support.ClusterOpts {
+ return func(c support.E2EClusterProvider) {
+ k, ok := c.(*Cluster)
+ if ok {
+ k.image = image
+ }
+ }
+}
+
+func WithPath(path string) support.ClusterOpts {
+ return func(c support.E2EClusterProvider) {
+ k, ok := c.(*Cluster)
+ if ok {
+ k.path = path
+ }
+ }
+}
+
+func (k *Cluster) SetDefaults() support.E2EClusterProvider {
+ if k.path == "" {
+ k.path = "kind"
+ }
+ return k
+}
+
+func (k *Cluster) WithName(name string) support.E2EClusterProvider {
+ k.name = name
+ return k
+}
+
+func (k *Cluster) WithPath(path string) support.E2EClusterProvider {
+ k.path = path
+ return k
+}
+
+func (k *Cluster) WithVersion(ver string) support.E2EClusterProvider {
+ k.version = ver
+ return k
+}
+
+func (k *Cluster) WithOpts(opts ...support.ClusterOpts) support.E2EClusterProvider {
+ for _, o := range opts {
+ o(k)
+ }
+ return k
+}
+
+func (k *Cluster) getKubeconfig() (string, error) {
+ kubecfg := fmt.Sprintf("%s-kubecfg", k.name)
+
+ var stdout, stderr bytes.Buffer
+ err := utils.RunCommandWithSeperatedOutput(fmt.Sprintf(`%s get kubeconfig --name %s`, k.path, k.name), &stdout, &stderr)
+ if err != nil {
+ return "", fmt.Errorf("kind get kubeconfig: stderr: %s: %w", stderr.String(), err)
+ }
+ log.V(4).Info("kind get kubeconfig stderr \n", stderr.String())
+
+ file, err := os.CreateTemp("", fmt.Sprintf("kind-cluster-%s", kubecfg))
+ if err != nil {
+ return "", fmt.Errorf("kind kubeconfig file: %w", err)
+ }
+ defer file.Close()
+
+ k.kubecfgFile = file.Name()
+
+ if n, err := io.WriteString(file, stdout.String()); n == 0 || err != nil {
+ return "", fmt.Errorf("kind kubecfg file: bytes copied: %d: %w]", n, err)
+ }
+
+ return file.Name(), nil
+}
+
+func (k *Cluster) clusterExists(name string) (string, bool) {
+ clusters := utils.FetchCommandOutput(fmt.Sprintf("%s get clusters", k.path))
+ for _, c := range strings.Split(clusters, "\n") {
+ if c == name {
+ return clusters, true
+ }
+ }
+ return clusters, false
+}
+
+func (k *Cluster) CreateWithConfig(ctx context.Context, kindConfigFile string) (string, error) {
+ var args []string
+ if kindConfigFile != "" {
+ args = append(args, "--config", kindConfigFile)
+ }
+ return k.Create(ctx, args...)
+}
+
+func (k *Cluster) Create(ctx context.Context, args ...string) (string, error) {
+ log.V(4).Info("Creating kind cluster ", k.name)
+ if err := k.findOrInstallKind(); err != nil {
+ return "", err
+ }
+
+ if _, ok := k.clusterExists(k.name); ok {
+ log.V(4).Info("Skipping Kind Cluster.Create: cluster already created: ", k.name)
+ kConfig, err := k.getKubeconfig()
+ if err != nil {
+ return "", err
+ }
+ return kConfig, k.initKubernetesAccessClients()
+ }
+
+ if k.image != "" {
+ args = append(args, "--image", k.image)
+ }
+
+ command := fmt.Sprintf(`%s create cluster --name %s`, k.path, k.name)
+ if len(args) > 0 {
+ command = fmt.Sprintf("%s %s", command, strings.Join(args, " "))
+ }
+ log.V(4).Info("Launching:", command)
+ p := utils.RunCommand(command)
+ if p.Err() != nil {
+ outBytes, err := io.ReadAll(p.Out())
+ if err != nil {
+ log.ErrorS(err, "failed to read data from the kind create process output due to an error")
+ }
+ return "", fmt.Errorf("kind: failed to create cluster %q: %s: %s: %s", k.name, p.Err(), p.Result(), string(outBytes))
+ }
+ clusters, ok := k.clusterExists(k.name)
+ if !ok {
+ return "", fmt.Errorf("kind Cluster.Create: cluster %v still not in 'cluster list' after creation: %v", k.name, clusters)
+ }
+ log.V(4).Info("kind clusters available: ", clusters)
+
+ kConfig, err := k.getKubeconfig()
+ if err != nil {
+ return "", err
+ }
+ return kConfig, k.initKubernetesAccessClients()
+}
+
+func (k *Cluster) initKubernetesAccessClients() error {
+ cfg, err := conf.New(k.kubecfgFile)
+ if err != nil {
+ return err
+ }
+ k.rc = cfg
+ return nil
+}
+
+func (k *Cluster) GetKubeconfig() string {
+ return k.kubecfgFile
+}
+
+func (k *Cluster) GetKubectlContext() string {
+ return fmt.Sprintf("kind-%s", k.name)
+}
+
+// ExportLogs export all cluster logs to the provided path.
+func (k *Cluster) ExportLogs(ctx context.Context, dest string) error {
+ log.V(4).Info("Exporting kind cluster logs to ", dest)
+ if err := k.findOrInstallKind(); err != nil {
+ return err
+ }
+
+ p := utils.RunCommand(fmt.Sprintf(`%s export logs %s --name %s`, k.path, dest, k.name))
+ if p.Err() != nil {
+ return fmt.Errorf("kind: export cluster %v logs failed: %s: %s", k.name, p.Err(), p.Result())
+ }
+
+ return nil
+}
+
+func (k *Cluster) Destroy(ctx context.Context) error {
+ log.V(4).Info("Destroying kind cluster ", k.name)
+ if err := k.findOrInstallKind(); err != nil {
+ return err
+ }
+
+ p := utils.RunCommand(fmt.Sprintf(`%s delete cluster --name %s`, k.path, k.name))
+ if p.Err() != nil {
+ outBytes, err := io.ReadAll(p.Out())
+ if err != nil {
+ log.ErrorS(err, "failed to read data from the kind delete process output due to an error")
+ }
+ return fmt.Errorf("kind: failed to delete cluster %q: %s: %s: %s", k.name, p.Err(), p.Result(), string(outBytes))
+ }
+
+ log.V(4).Info("Removing kubeconfig file ", k.kubecfgFile)
+ if err := os.RemoveAll(k.kubecfgFile); err != nil {
+ return fmt.Errorf("kind: remove kubefconfig %v failed: %w", k.kubecfgFile, err)
+ }
+
+ return nil
+}
+
+func (k *Cluster) findOrInstallKind() error {
+ if k.version != "" {
+ kindVersion = k.version
+ }
+ path, err := utils.FindOrInstallGoBasedProvider(k.path, "kind", "sigs.k8s.io/kind", kindVersion)
+ if path != "" {
+ k.path = path
+ }
+ return err
+}
+
+func (k *Cluster) LoadImage(ctx context.Context, image string) error {
+ p := utils.RunCommand(fmt.Sprintf(`%s load docker-image --name %s %s`, k.path, k.name, image))
+ if p.Err() != nil {
+ return fmt.Errorf("kind: load docker-image %v failed: %s: %s", image, p.Err(), p.Result())
+ }
+ return nil
+}
+
+func (k *Cluster) LoadImageArchive(ctx context.Context, imageArchive string) error {
+ p := utils.RunCommand(fmt.Sprintf(`%s load image-archive --name %s %s`, k.path, k.name, imageArchive))
+ if p.Err() != nil {
+ return fmt.Errorf("kind: load image-archive %v failed: %s: %s", imageArchive, p.Err(), p.Result())
+ }
+ return nil
+}
+
+func (k *Cluster) WaitForControlPlane(ctx context.Context, client klient.Client) error {
+ r, err := resources.New(client.RESTConfig())
+ if err != nil {
+ return err
+ }
+ for _, sl := range []metav1.LabelSelectorRequirement{
+ {Key: "component", Operator: metav1.LabelSelectorOpIn, Values: []string{"etcd", "kube-apiserver", "kube-controller-manager", "kube-scheduler"}},
+ {Key: "k8s-app", Operator: metav1.LabelSelectorOpIn, Values: []string{"kindnet", "kube-dns", "kube-proxy"}},
+ } {
+ selector, err := metav1.LabelSelectorAsSelector(
+ &metav1.LabelSelector{
+ MatchExpressions: []metav1.LabelSelectorRequirement{
+ sl,
+ },
+ },
+ )
+ if err != nil {
+ return err
+ }
+ err = wait.For(conditions.New(r).ResourceListN(&v1.PodList{}, len(sl.Values), resources.WithLabelSelector(selector.String())))
+ if err != nil {
+ return err
+ }
+ }
+ return nil
+}
+
+func (k *Cluster) KubernetesRestConfig() *rest.Config {
+ return k.rc
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/support/types.go b/vendor/sigs.k8s.io/e2e-framework/support/types.go
new file mode 100644
index 000000000..25fcae263
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/support/types.go
@@ -0,0 +1,105 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package support
+
+import (
+ "context"
+
+ "k8s.io/client-go/rest"
+ "sigs.k8s.io/e2e-framework/klient"
+)
+
+type ClusterOpts func(c E2EClusterProvider)
+
+type E2EClusterProvider interface {
+ // WithName is used to configure the cluster Name that should be used while setting up the cluster. Might
+ // Not apply for all providers.
+ WithName(name string) E2EClusterProvider
+
+ // WithVersion helps you override the default version used while using the cluster provider.
+ // This can be useful in providing a mechanism to the end users where they want to test their
+ // code against a certain specific version of k8s that is not the default one configured
+ // for the provider
+ WithVersion(version string) E2EClusterProvider
+
+ // WithPath heps you customize the executable binary that is used to back the cluster provider.
+ // This is useful in cases where your binary is present in a non standard location output of the
+ // PATH variable and you want to use that instead of framework trying to install one on it's own.
+ WithPath(path string) E2EClusterProvider
+
+ // WithOpts provides a way to customize the options that can be used while setting up the
+ // cluster using the providers such as kind or kwok or anything else. These helpers can be
+ // leveraged to setup arguments or configuration values that can be provided while performing
+ // the cluster bring up
+ WithOpts(opts ...ClusterOpts) E2EClusterProvider
+
+ // Create Provides an interface to start the cluster creation workflow using the selected provider
+ Create(ctx context.Context, args ...string) (string, error)
+
+ // CreateWithConfig is used to provide a mechanism where cluster providers that take an input config
+ // file and then setup the cluster accordingly. This can be used to provide input such as kind config
+ CreateWithConfig(ctx context.Context, configFile string) (string, error)
+
+ // GetKubeconfig provides a way to extract the kubeconfig file associated with the cluster in question
+ // using the cluster provider native way
+ GetKubeconfig() string
+
+ // GetKubectlContext is used to extract the kubectl context to be used while performing the operation
+ GetKubectlContext() string
+
+ // ExportLogs is used to export the cluster logs via the cluster provider native workflow. This
+ // can be used to export logs from the cluster after test failures for example to analyze the test
+ // failures better after the fact.
+ ExportLogs(ctx context.Context, dest string) error
+
+ // Destroy is used to cleanup a cluster brought up as part of the test workflow
+ Destroy(ctx context.Context) error
+
+ // SetDefaults is a handler function invoked after creating an object of type E2EClusterProvider. This method is
+ // invoked as the first step after creating an object in order to make sure the default values for required
+ // attributes are setup accordingly if any.
+ SetDefaults() E2EClusterProvider
+
+ // WaitForControlPlane is a helper function that can be used to indiate the Provider based cluster create workflow
+ // that the control plane is fully up and running. This method is invoked after the Create/CreateWithConfig handlers
+ // and is expected to return an error if the control plane doesn't stabilize. If the provider being implemented
+ // does not have a clear mechanism to identify the Control plane readiness or is not required to wait for the control
+ // plane to be ready, such providers can simply add a no-op workflow for this function call.
+ // Returning an error message from this handler will stop the workflow of e2e-framework as returning an error from this
+ // is considered as failure to provision a cluster
+ WaitForControlPlane(ctx context.Context, client klient.Client) error
+
+ // KubernetesRestConfig is a helper function that provides an instance of rest.Config which can then be used to
+ // create your own clients if you chose to do so.
+ KubernetesRestConfig() *rest.Config
+}
+
+type E2EClusterProviderWithImageLoader interface {
+ E2EClusterProvider
+
+ // LoadImage is used to load a set of Docker images to the cluster via the cluster provider native workflow
+ // Not every provider will have a mechanism like this/need to do this. So, providers that do not have this support
+ // can just provide a no-op implementation to be compliant with the interface
+ LoadImage(ctx context.Context, image string) error
+
+ // LoadImageArchive is used to provide a mechanism where a tar.gz archive containing the docker images used
+ // by the services running on the cluster can be imported and loaded into the cluster prior to the execution of
+ // test if required.
+ // Not every provider will have a mechanism like this/need to do this. So, providers that do not have this support
+ // can just provide a no-op implementation to be compliant with the interface
+ LoadImageArchive(ctx context.Context, archivePath string) error
+}
diff --git a/vendor/sigs.k8s.io/e2e-framework/support/utils/command.go b/vendor/sigs.k8s.io/e2e-framework/support/utils/command.go
new file mode 100644
index 000000000..f23aabebf
--- /dev/null
+++ b/vendor/sigs.k8s.io/e2e-framework/support/utils/command.go
@@ -0,0 +1,98 @@
+/*
+Copyright 2023 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package utils
+
+import (
+ "fmt"
+ "io"
+
+ "github.com/vladimirvivien/gexe"
+ "github.com/vladimirvivien/gexe/exec"
+ log "k8s.io/klog/v2"
+)
+
+var commandRunner = gexe.New()
+
+// FindOrInstallGoBasedProvider check if the provider specified by the pPath executable exists or not.
+// If it exists, it returns the path with no error and if not, it uses the `go install` capabilities to
+// install the provider and setup the required binaries to perform the tests. In case if the install
+// is done by this helper, it will return the value for installed binary as provider which can then
+// be set in the in the invoker to make sure the right path is used for the binaries while invoking
+// rest of the workfow after this helper is triggered.
+func FindOrInstallGoBasedProvider(pPath, provider, module, version string) (string, error) {
+ if commandRunner.Prog().Avail(pPath) != "" {
+ log.V(4).InfoS("Found Provider tooling already installed on the machine", "command", pPath)
+ return pPath, nil
+ }
+
+ installCommand := fmt.Sprintf("go install %s@%s", module, version)
+ log.V(4).InfoS("Installing provider tooling using go install", "command", installCommand)
+ p := commandRunner.RunProc(installCommand)
+ if p.Err() != nil {
+ return "", fmt.Errorf("failed to install %s: %s", pPath, p.Err())
+ }
+
+ if !p.IsSuccess() || p.ExitCode() != 0 {
+ return "", fmt.Errorf("failed to install %s: %s", pPath, p.Result())
+ }
+
+ if providerPath := commandRunner.Prog().Avail(provider); providerPath != "" {
+ log.V(4).Infof("Installed %s at %s", pPath, providerPath)
+ return provider, nil
+ }
+
+ p = commandRunner.RunProc("ls $GOPATH/bin")
+ if p.Err() != nil {
+ return "", fmt.Errorf("failed to install %s: %s", pPath, p.Err())
+ }
+
+ p = commandRunner.RunProc("echo $PATH:$GOPATH/bin")
+ if p.Err() != nil {
+ return "", fmt.Errorf("failed to install %s: %s", pPath, p.Err())
+ }
+
+ log.V(4).Info(`Setting path to include $GOPATH/bin:`, p.Result())
+ commandRunner.SetEnv("PATH", p.Result())
+
+ if providerPath := commandRunner.Prog().Avail(provider); providerPath != "" {
+ log.V(4).Infof("Installed %s at %s", pPath, providerPath)
+ return provider, nil
+ }
+
+ return "", fmt.Errorf("%s not available even after installation", provider)
+}
+
+// RunCommand run command and returns an *exec.Proc with information about the executed process.
+func RunCommand(command string) *exec.Proc {
+ return commandRunner.RunProc(command)
+}
+
+// RunCommandWithSeperatedOutput run command and returns the results to the provided
+// stdout and stderr io.Writer.
+func RunCommandWithSeperatedOutput(command string, stdout, stderr io.Writer) error {
+ p := commandRunner.NewProc(command)
+ p.SetStdout(stdout)
+ p.SetStderr(stderr)
+ result := p.Run()
+
+ return result.Err()
+}
+
+// FetchCommandOutput run command and returns the combined stderr and stdout output.
+func FetchCommandOutput(command string) string {
+ return commandRunner.Run(command)
+}
diff --git a/vendor/sigs.k8s.io/yaml/LICENSE b/vendor/sigs.k8s.io/yaml/LICENSE
index 7805d36de..093d6d3ed 100644
--- a/vendor/sigs.k8s.io/yaml/LICENSE
+++ b/vendor/sigs.k8s.io/yaml/LICENSE
@@ -48,3 +48,259 @@ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# The forked go-yaml.v3 library under this project is covered by two
+different licenses (MIT and Apache):
+
+#### MIT License ####
+
+The following files were ported to Go from C files of libyaml, and thus
+are still covered by their original MIT license, with the additional
+copyright staring in 2011 when the project was ported over:
+
+ apic.go emitterc.go parserc.go readerc.go scannerc.go
+ writerc.go yamlh.go yamlprivateh.go
+
+Copyright (c) 2006-2010 Kirill Simonov
+Copyright (c) 2006-2011 Kirill Simonov
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+### Apache License ###
+
+All the remaining project files are covered by the Apache license:
+
+Copyright (c) 2011-2019 Canonical Ltd
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+# The forked go-yaml.v2 library under the project is covered by an
+Apache license:
+
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "{}"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright {yyyy} {name of copyright owner}
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/vendor/sigs.k8s.io/yaml/OWNERS b/vendor/sigs.k8s.io/yaml/OWNERS
index 325b40b07..003a149e1 100644
--- a/vendor/sigs.k8s.io/yaml/OWNERS
+++ b/vendor/sigs.k8s.io/yaml/OWNERS
@@ -2,26 +2,22 @@
approvers:
- dims
-- lavalamp
+- jpbetz
- smarterclayton
- deads2k
- sttts
- liggitt
-- caesarxuchao
reviewers:
- dims
- thockin
-- lavalamp
+- jpbetz
- smarterclayton
- wojtek-t
- deads2k
- derekwaynecarr
-- caesarxuchao
- mikedanese
- liggitt
-- gmarek
- sttts
-- ncdc
- tallclair
labels:
- sig/api-machinery
diff --git a/vendor/sigs.k8s.io/yaml/fields.go b/vendor/sigs.k8s.io/yaml/fields.go
index 235b7f2cf..0ea28bd03 100644
--- a/vendor/sigs.k8s.io/yaml/fields.go
+++ b/vendor/sigs.k8s.io/yaml/fields.go
@@ -16,53 +16,53 @@ import (
"unicode/utf8"
)
-// indirect walks down v allocating pointers as needed,
+// indirect walks down 'value' allocating pointers as needed,
// until it gets to a non-pointer.
// if it encounters an Unmarshaler, indirect stops and returns that.
// if decodingNull is true, indirect stops at the last pointer so it can be set to nil.
-func indirect(v reflect.Value, decodingNull bool) (json.Unmarshaler, encoding.TextUnmarshaler, reflect.Value) {
- // If v is a named type and is addressable,
+func indirect(value reflect.Value, decodingNull bool) (json.Unmarshaler, encoding.TextUnmarshaler, reflect.Value) {
+ // If 'value' is a named type and is addressable,
// start with its address, so that if the type has pointer methods,
// we find them.
- if v.Kind() != reflect.Ptr && v.Type().Name() != "" && v.CanAddr() {
- v = v.Addr()
+ if value.Kind() != reflect.Ptr && value.Type().Name() != "" && value.CanAddr() {
+ value = value.Addr()
}
for {
// Load value from interface, but only if the result will be
// usefully addressable.
- if v.Kind() == reflect.Interface && !v.IsNil() {
- e := v.Elem()
- if e.Kind() == reflect.Ptr && !e.IsNil() && (!decodingNull || e.Elem().Kind() == reflect.Ptr) {
- v = e
+ if value.Kind() == reflect.Interface && !value.IsNil() {
+ element := value.Elem()
+ if element.Kind() == reflect.Ptr && !element.IsNil() && (!decodingNull || element.Elem().Kind() == reflect.Ptr) {
+ value = element
continue
}
}
- if v.Kind() != reflect.Ptr {
+ if value.Kind() != reflect.Ptr {
break
}
- if v.Elem().Kind() != reflect.Ptr && decodingNull && v.CanSet() {
+ if value.Elem().Kind() != reflect.Ptr && decodingNull && value.CanSet() {
break
}
- if v.IsNil() {
- if v.CanSet() {
- v.Set(reflect.New(v.Type().Elem()))
+ if value.IsNil() {
+ if value.CanSet() {
+ value.Set(reflect.New(value.Type().Elem()))
} else {
- v = reflect.New(v.Type().Elem())
+ value = reflect.New(value.Type().Elem())
}
}
- if v.Type().NumMethod() > 0 {
- if u, ok := v.Interface().(json.Unmarshaler); ok {
+ if value.Type().NumMethod() > 0 {
+ if u, ok := value.Interface().(json.Unmarshaler); ok {
return u, nil, reflect.Value{}
}
- if u, ok := v.Interface().(encoding.TextUnmarshaler); ok {
+ if u, ok := value.Interface().(encoding.TextUnmarshaler); ok {
return nil, u, reflect.Value{}
}
}
- v = v.Elem()
+ value = value.Elem()
}
- return nil, nil, v
+ return nil, nil, value
}
// A field represents a single field found in a struct.
@@ -134,8 +134,8 @@ func typeFields(t reflect.Type) []field {
next := []field{{typ: t}}
// Count of queued names for current level and the next.
- count := map[reflect.Type]int{}
- nextCount := map[reflect.Type]int{}
+ var count map[reflect.Type]int
+ var nextCount map[reflect.Type]int
// Types already visited at an earlier level.
visited := map[reflect.Type]bool{}
@@ -348,8 +348,9 @@ const (
// 4) simpleLetterEqualFold, no specials, no non-letters.
//
// The letters S and K are special because they map to 3 runes, not just 2:
-// * S maps to s and to U+017F 'ſ' Latin small letter long s
-// * k maps to K and to U+212A 'K' Kelvin sign
+// - S maps to s and to U+017F 'ſ' Latin small letter long s
+// - k maps to K and to U+212A 'K' Kelvin sign
+//
// See http://play.golang.org/p/tTxjOc0OGo
//
// The returned function is specialized for matching against s and
@@ -420,10 +421,8 @@ func equalFoldRight(s, t []byte) bool {
t = t[size:]
}
- if len(t) > 0 {
- return false
- }
- return true
+
+ return len(t) <= 0
}
// asciiEqualFold is a specialization of bytes.EqualFold for use when
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/LICENSE b/vendor/sigs.k8s.io/yaml/goyaml.v2/LICENSE
new file mode 100644
index 000000000..8dada3eda
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/LICENSE
@@ -0,0 +1,201 @@
+ Apache License
+ Version 2.0, January 2004
+ http://www.apache.org/licenses/
+
+ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+ 1. Definitions.
+
+ "License" shall mean the terms and conditions for use, reproduction,
+ and distribution as defined by Sections 1 through 9 of this document.
+
+ "Licensor" shall mean the copyright owner or entity authorized by
+ the copyright owner that is granting the License.
+
+ "Legal Entity" shall mean the union of the acting entity and all
+ other entities that control, are controlled by, or are under common
+ control with that entity. For the purposes of this definition,
+ "control" means (i) the power, direct or indirect, to cause the
+ direction or management of such entity, whether by contract or
+ otherwise, or (ii) ownership of fifty percent (50%) or more of the
+ outstanding shares, or (iii) beneficial ownership of such entity.
+
+ "You" (or "Your") shall mean an individual or Legal Entity
+ exercising permissions granted by this License.
+
+ "Source" form shall mean the preferred form for making modifications,
+ including but not limited to software source code, documentation
+ source, and configuration files.
+
+ "Object" form shall mean any form resulting from mechanical
+ transformation or translation of a Source form, including but
+ not limited to compiled object code, generated documentation,
+ and conversions to other media types.
+
+ "Work" shall mean the work of authorship, whether in Source or
+ Object form, made available under the License, as indicated by a
+ copyright notice that is included in or attached to the work
+ (an example is provided in the Appendix below).
+
+ "Derivative Works" shall mean any work, whether in Source or Object
+ form, that is based on (or derived from) the Work and for which the
+ editorial revisions, annotations, elaborations, or other modifications
+ represent, as a whole, an original work of authorship. For the purposes
+ of this License, Derivative Works shall not include works that remain
+ separable from, or merely link (or bind by name) to the interfaces of,
+ the Work and Derivative Works thereof.
+
+ "Contribution" shall mean any work of authorship, including
+ the original version of the Work and any modifications or additions
+ to that Work or Derivative Works thereof, that is intentionally
+ submitted to Licensor for inclusion in the Work by the copyright owner
+ or by an individual or Legal Entity authorized to submit on behalf of
+ the copyright owner. For the purposes of this definition, "submitted"
+ means any form of electronic, verbal, or written communication sent
+ to the Licensor or its representatives, including but not limited to
+ communication on electronic mailing lists, source code control systems,
+ and issue tracking systems that are managed by, or on behalf of, the
+ Licensor for the purpose of discussing and improving the Work, but
+ excluding communication that is conspicuously marked or otherwise
+ designated in writing by the copyright owner as "Not a Contribution."
+
+ "Contributor" shall mean Licensor and any individual or Legal Entity
+ on behalf of whom a Contribution has been received by Licensor and
+ subsequently incorporated within the Work.
+
+ 2. Grant of Copyright License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ copyright license to reproduce, prepare Derivative Works of,
+ publicly display, publicly perform, sublicense, and distribute the
+ Work and such Derivative Works in Source or Object form.
+
+ 3. Grant of Patent License. Subject to the terms and conditions of
+ this License, each Contributor hereby grants to You a perpetual,
+ worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+ (except as stated in this section) patent license to make, have made,
+ use, offer to sell, sell, import, and otherwise transfer the Work,
+ where such license applies only to those patent claims licensable
+ by such Contributor that are necessarily infringed by their
+ Contribution(s) alone or by combination of their Contribution(s)
+ with the Work to which such Contribution(s) was submitted. If You
+ institute patent litigation against any entity (including a
+ cross-claim or counterclaim in a lawsuit) alleging that the Work
+ or a Contribution incorporated within the Work constitutes direct
+ or contributory patent infringement, then any patent licenses
+ granted to You under this License for that Work shall terminate
+ as of the date such litigation is filed.
+
+ 4. Redistribution. You may reproduce and distribute copies of the
+ Work or Derivative Works thereof in any medium, with or without
+ modifications, and in Source or Object form, provided that You
+ meet the following conditions:
+
+ (a) You must give any other recipients of the Work or
+ Derivative Works a copy of this License; and
+
+ (b) You must cause any modified files to carry prominent notices
+ stating that You changed the files; and
+
+ (c) You must retain, in the Source form of any Derivative Works
+ that You distribute, all copyright, patent, trademark, and
+ attribution notices from the Source form of the Work,
+ excluding those notices that do not pertain to any part of
+ the Derivative Works; and
+
+ (d) If the Work includes a "NOTICE" text file as part of its
+ distribution, then any Derivative Works that You distribute must
+ include a readable copy of the attribution notices contained
+ within such NOTICE file, excluding those notices that do not
+ pertain to any part of the Derivative Works, in at least one
+ of the following places: within a NOTICE text file distributed
+ as part of the Derivative Works; within the Source form or
+ documentation, if provided along with the Derivative Works; or,
+ within a display generated by the Derivative Works, if and
+ wherever such third-party notices normally appear. The contents
+ of the NOTICE file are for informational purposes only and
+ do not modify the License. You may add Your own attribution
+ notices within Derivative Works that You distribute, alongside
+ or as an addendum to the NOTICE text from the Work, provided
+ that such additional attribution notices cannot be construed
+ as modifying the License.
+
+ You may add Your own copyright statement to Your modifications and
+ may provide additional or different license terms and conditions
+ for use, reproduction, or distribution of Your modifications, or
+ for any such Derivative Works as a whole, provided Your use,
+ reproduction, and distribution of the Work otherwise complies with
+ the conditions stated in this License.
+
+ 5. Submission of Contributions. Unless You explicitly state otherwise,
+ any Contribution intentionally submitted for inclusion in the Work
+ by You to the Licensor shall be under the terms and conditions of
+ this License, without any additional terms or conditions.
+ Notwithstanding the above, nothing herein shall supersede or modify
+ the terms of any separate license agreement you may have executed
+ with Licensor regarding such Contributions.
+
+ 6. Trademarks. This License does not grant permission to use the trade
+ names, trademarks, service marks, or product names of the Licensor,
+ except as required for reasonable and customary use in describing the
+ origin of the Work and reproducing the content of the NOTICE file.
+
+ 7. Disclaimer of Warranty. Unless required by applicable law or
+ agreed to in writing, Licensor provides the Work (and each
+ Contributor provides its Contributions) on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+ implied, including, without limitation, any warranties or conditions
+ of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+ PARTICULAR PURPOSE. You are solely responsible for determining the
+ appropriateness of using or redistributing the Work and assume any
+ risks associated with Your exercise of permissions under this License.
+
+ 8. Limitation of Liability. In no event and under no legal theory,
+ whether in tort (including negligence), contract, or otherwise,
+ unless required by applicable law (such as deliberate and grossly
+ negligent acts) or agreed to in writing, shall any Contributor be
+ liable to You for damages, including any direct, indirect, special,
+ incidental, or consequential damages of any character arising as a
+ result of this License or out of the use or inability to use the
+ Work (including but not limited to damages for loss of goodwill,
+ work stoppage, computer failure or malfunction, or any and all
+ other commercial damages or losses), even if such Contributor
+ has been advised of the possibility of such damages.
+
+ 9. Accepting Warranty or Additional Liability. While redistributing
+ the Work or Derivative Works thereof, You may choose to offer,
+ and charge a fee for, acceptance of support, warranty, indemnity,
+ or other liability obligations and/or rights consistent with this
+ License. However, in accepting such obligations, You may act only
+ on Your own behalf and on Your sole responsibility, not on behalf
+ of any other Contributor, and only if You agree to indemnify,
+ defend, and hold each Contributor harmless for any liability
+ incurred by, or claims asserted against, such Contributor by reason
+ of your accepting any such warranty or additional liability.
+
+ END OF TERMS AND CONDITIONS
+
+ APPENDIX: How to apply the Apache License to your work.
+
+ To apply the Apache License to your work, attach the following
+ boilerplate notice, with the fields enclosed by brackets "{}"
+ replaced with your own identifying information. (Don't include
+ the brackets!) The text should be enclosed in the appropriate
+ comment syntax for the file format. We also recommend that a
+ file or class name and description of purpose be included on the
+ same "printed page" as the copyright notice for easier
+ identification within third-party archives.
+
+ Copyright {yyyy} {name of copyright owner}
+
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/LICENSE.libyaml b/vendor/sigs.k8s.io/yaml/goyaml.v2/LICENSE.libyaml
new file mode 100644
index 000000000..8da58fbf6
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/LICENSE.libyaml
@@ -0,0 +1,31 @@
+The following files were ported to Go from C files of libyaml, and thus
+are still covered by their original copyright and license:
+
+ apic.go
+ emitterc.go
+ parserc.go
+ readerc.go
+ scannerc.go
+ writerc.go
+ yamlh.go
+ yamlprivateh.go
+
+Copyright (c) 2006 Kirill Simonov
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/NOTICE b/vendor/sigs.k8s.io/yaml/goyaml.v2/NOTICE
new file mode 100644
index 000000000..866d74a7a
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/NOTICE
@@ -0,0 +1,13 @@
+Copyright 2011-2016 Canonical Ltd.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/OWNERS b/vendor/sigs.k8s.io/yaml/goyaml.v2/OWNERS
new file mode 100644
index 000000000..73be0a3a9
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/OWNERS
@@ -0,0 +1,24 @@
+# See the OWNERS docs at https://go.k8s.io/owners
+
+approvers:
+- dims
+- jpbetz
+- smarterclayton
+- deads2k
+- sttts
+- liggitt
+- natasha41575
+- knverey
+reviewers:
+- dims
+- thockin
+- jpbetz
+- smarterclayton
+- deads2k
+- derekwaynecarr
+- mikedanese
+- liggitt
+- sttts
+- tallclair
+labels:
+- sig/api-machinery
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/README.md b/vendor/sigs.k8s.io/yaml/goyaml.v2/README.md
new file mode 100644
index 000000000..53f4139dc
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/README.md
@@ -0,0 +1,143 @@
+# go-yaml fork
+
+This package is a fork of the go-yaml library and is intended solely for consumption
+by kubernetes projects. In this fork, we plan to support only critical changes required for
+kubernetes, such as small bug fixes and regressions. Larger, general-purpose feature requests
+should be made in the upstream go-yaml library, and we will reject such changes in this fork
+unless we are pulling them from upstream.
+
+This fork is based on v2.4.0: https://github.com/go-yaml/yaml/releases/tag/v2.4.0
+
+# YAML support for the Go language
+
+Introduction
+------------
+
+The yaml package enables Go programs to comfortably encode and decode YAML
+values. It was developed within [Canonical](https://www.canonical.com) as
+part of the [juju](https://juju.ubuntu.com) project, and is based on a
+pure Go port of the well-known [libyaml](http://pyyaml.org/wiki/LibYAML)
+C library to parse and generate YAML data quickly and reliably.
+
+Compatibility
+-------------
+
+The yaml package supports most of YAML 1.1 and 1.2, including support for
+anchors, tags, map merging, etc. Multi-document unmarshalling is not yet
+implemented, and base-60 floats from YAML 1.1 are purposefully not
+supported since they're a poor design and are gone in YAML 1.2.
+
+Installation and usage
+----------------------
+
+The import path for the package is *gopkg.in/yaml.v2*.
+
+To install it, run:
+
+ go get gopkg.in/yaml.v2
+
+API documentation
+-----------------
+
+If opened in a browser, the import path itself leads to the API documentation:
+
+ * [https://gopkg.in/yaml.v2](https://gopkg.in/yaml.v2)
+
+API stability
+-------------
+
+The package API for yaml v2 will remain stable as described in [gopkg.in](https://gopkg.in).
+
+
+License
+-------
+
+The yaml package is licensed under the Apache License 2.0. Please see the LICENSE file for details.
+
+
+Example
+-------
+
+```Go
+package main
+
+import (
+ "fmt"
+ "log"
+
+ "gopkg.in/yaml.v2"
+)
+
+var data = `
+a: Easy!
+b:
+ c: 2
+ d: [3, 4]
+`
+
+// Note: struct fields must be public in order for unmarshal to
+// correctly populate the data.
+type T struct {
+ A string
+ B struct {
+ RenamedC int `yaml:"c"`
+ D []int `yaml:",flow"`
+ }
+}
+
+func main() {
+ t := T{}
+
+ err := yaml.Unmarshal([]byte(data), &t)
+ if err != nil {
+ log.Fatalf("error: %v", err)
+ }
+ fmt.Printf("--- t:\n%v\n\n", t)
+
+ d, err := yaml.Marshal(&t)
+ if err != nil {
+ log.Fatalf("error: %v", err)
+ }
+ fmt.Printf("--- t dump:\n%s\n\n", string(d))
+
+ m := make(map[interface{}]interface{})
+
+ err = yaml.Unmarshal([]byte(data), &m)
+ if err != nil {
+ log.Fatalf("error: %v", err)
+ }
+ fmt.Printf("--- m:\n%v\n\n", m)
+
+ d, err = yaml.Marshal(&m)
+ if err != nil {
+ log.Fatalf("error: %v", err)
+ }
+ fmt.Printf("--- m dump:\n%s\n\n", string(d))
+}
+```
+
+This example will generate the following output:
+
+```
+--- t:
+{Easy! {2 [3 4]}}
+
+--- t dump:
+a: Easy!
+b:
+ c: 2
+ d: [3, 4]
+
+
+--- m:
+map[a:Easy! b:map[c:2 d:[3 4]]]
+
+--- m dump:
+a: Easy!
+b:
+ c: 2
+ d:
+ - 3
+ - 4
+```
+
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/apic.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/apic.go
new file mode 100644
index 000000000..acf71402c
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/apic.go
@@ -0,0 +1,744 @@
+package yaml
+
+import (
+ "io"
+)
+
+func yaml_insert_token(parser *yaml_parser_t, pos int, token *yaml_token_t) {
+ //fmt.Println("yaml_insert_token", "pos:", pos, "typ:", token.typ, "head:", parser.tokens_head, "len:", len(parser.tokens))
+
+ // Check if we can move the queue at the beginning of the buffer.
+ if parser.tokens_head > 0 && len(parser.tokens) == cap(parser.tokens) {
+ if parser.tokens_head != len(parser.tokens) {
+ copy(parser.tokens, parser.tokens[parser.tokens_head:])
+ }
+ parser.tokens = parser.tokens[:len(parser.tokens)-parser.tokens_head]
+ parser.tokens_head = 0
+ }
+ parser.tokens = append(parser.tokens, *token)
+ if pos < 0 {
+ return
+ }
+ copy(parser.tokens[parser.tokens_head+pos+1:], parser.tokens[parser.tokens_head+pos:])
+ parser.tokens[parser.tokens_head+pos] = *token
+}
+
+// Create a new parser object.
+func yaml_parser_initialize(parser *yaml_parser_t) bool {
+ *parser = yaml_parser_t{
+ raw_buffer: make([]byte, 0, input_raw_buffer_size),
+ buffer: make([]byte, 0, input_buffer_size),
+ }
+ return true
+}
+
+// Destroy a parser object.
+func yaml_parser_delete(parser *yaml_parser_t) {
+ *parser = yaml_parser_t{}
+}
+
+// String read handler.
+func yaml_string_read_handler(parser *yaml_parser_t, buffer []byte) (n int, err error) {
+ if parser.input_pos == len(parser.input) {
+ return 0, io.EOF
+ }
+ n = copy(buffer, parser.input[parser.input_pos:])
+ parser.input_pos += n
+ return n, nil
+}
+
+// Reader read handler.
+func yaml_reader_read_handler(parser *yaml_parser_t, buffer []byte) (n int, err error) {
+ return parser.input_reader.Read(buffer)
+}
+
+// Set a string input.
+func yaml_parser_set_input_string(parser *yaml_parser_t, input []byte) {
+ if parser.read_handler != nil {
+ panic("must set the input source only once")
+ }
+ parser.read_handler = yaml_string_read_handler
+ parser.input = input
+ parser.input_pos = 0
+}
+
+// Set a file input.
+func yaml_parser_set_input_reader(parser *yaml_parser_t, r io.Reader) {
+ if parser.read_handler != nil {
+ panic("must set the input source only once")
+ }
+ parser.read_handler = yaml_reader_read_handler
+ parser.input_reader = r
+}
+
+// Set the source encoding.
+func yaml_parser_set_encoding(parser *yaml_parser_t, encoding yaml_encoding_t) {
+ if parser.encoding != yaml_ANY_ENCODING {
+ panic("must set the encoding only once")
+ }
+ parser.encoding = encoding
+}
+
+var disableLineWrapping = false
+
+// Create a new emitter object.
+func yaml_emitter_initialize(emitter *yaml_emitter_t) {
+ *emitter = yaml_emitter_t{
+ buffer: make([]byte, output_buffer_size),
+ raw_buffer: make([]byte, 0, output_raw_buffer_size),
+ states: make([]yaml_emitter_state_t, 0, initial_stack_size),
+ events: make([]yaml_event_t, 0, initial_queue_size),
+ }
+ if disableLineWrapping {
+ emitter.best_width = -1
+ }
+}
+
+// Destroy an emitter object.
+func yaml_emitter_delete(emitter *yaml_emitter_t) {
+ *emitter = yaml_emitter_t{}
+}
+
+// String write handler.
+func yaml_string_write_handler(emitter *yaml_emitter_t, buffer []byte) error {
+ *emitter.output_buffer = append(*emitter.output_buffer, buffer...)
+ return nil
+}
+
+// yaml_writer_write_handler uses emitter.output_writer to write the
+// emitted text.
+func yaml_writer_write_handler(emitter *yaml_emitter_t, buffer []byte) error {
+ _, err := emitter.output_writer.Write(buffer)
+ return err
+}
+
+// Set a string output.
+func yaml_emitter_set_output_string(emitter *yaml_emitter_t, output_buffer *[]byte) {
+ if emitter.write_handler != nil {
+ panic("must set the output target only once")
+ }
+ emitter.write_handler = yaml_string_write_handler
+ emitter.output_buffer = output_buffer
+}
+
+// Set a file output.
+func yaml_emitter_set_output_writer(emitter *yaml_emitter_t, w io.Writer) {
+ if emitter.write_handler != nil {
+ panic("must set the output target only once")
+ }
+ emitter.write_handler = yaml_writer_write_handler
+ emitter.output_writer = w
+}
+
+// Set the output encoding.
+func yaml_emitter_set_encoding(emitter *yaml_emitter_t, encoding yaml_encoding_t) {
+ if emitter.encoding != yaml_ANY_ENCODING {
+ panic("must set the output encoding only once")
+ }
+ emitter.encoding = encoding
+}
+
+// Set the canonical output style.
+func yaml_emitter_set_canonical(emitter *yaml_emitter_t, canonical bool) {
+ emitter.canonical = canonical
+}
+
+//// Set the indentation increment.
+func yaml_emitter_set_indent(emitter *yaml_emitter_t, indent int) {
+ if indent < 2 || indent > 9 {
+ indent = 2
+ }
+ emitter.best_indent = indent
+}
+
+// Set the preferred line width.
+func yaml_emitter_set_width(emitter *yaml_emitter_t, width int) {
+ if width < 0 {
+ width = -1
+ }
+ emitter.best_width = width
+}
+
+// Set if unescaped non-ASCII characters are allowed.
+func yaml_emitter_set_unicode(emitter *yaml_emitter_t, unicode bool) {
+ emitter.unicode = unicode
+}
+
+// Set the preferred line break character.
+func yaml_emitter_set_break(emitter *yaml_emitter_t, line_break yaml_break_t) {
+ emitter.line_break = line_break
+}
+
+///*
+// * Destroy a token object.
+// */
+//
+//YAML_DECLARE(void)
+//yaml_token_delete(yaml_token_t *token)
+//{
+// assert(token); // Non-NULL token object expected.
+//
+// switch (token.type)
+// {
+// case YAML_TAG_DIRECTIVE_TOKEN:
+// yaml_free(token.data.tag_directive.handle);
+// yaml_free(token.data.tag_directive.prefix);
+// break;
+//
+// case YAML_ALIAS_TOKEN:
+// yaml_free(token.data.alias.value);
+// break;
+//
+// case YAML_ANCHOR_TOKEN:
+// yaml_free(token.data.anchor.value);
+// break;
+//
+// case YAML_TAG_TOKEN:
+// yaml_free(token.data.tag.handle);
+// yaml_free(token.data.tag.suffix);
+// break;
+//
+// case YAML_SCALAR_TOKEN:
+// yaml_free(token.data.scalar.value);
+// break;
+//
+// default:
+// break;
+// }
+//
+// memset(token, 0, sizeof(yaml_token_t));
+//}
+//
+///*
+// * Check if a string is a valid UTF-8 sequence.
+// *
+// * Check 'reader.c' for more details on UTF-8 encoding.
+// */
+//
+//static int
+//yaml_check_utf8(yaml_char_t *start, size_t length)
+//{
+// yaml_char_t *end = start+length;
+// yaml_char_t *pointer = start;
+//
+// while (pointer < end) {
+// unsigned char octet;
+// unsigned int width;
+// unsigned int value;
+// size_t k;
+//
+// octet = pointer[0];
+// width = (octet & 0x80) == 0x00 ? 1 :
+// (octet & 0xE0) == 0xC0 ? 2 :
+// (octet & 0xF0) == 0xE0 ? 3 :
+// (octet & 0xF8) == 0xF0 ? 4 : 0;
+// value = (octet & 0x80) == 0x00 ? octet & 0x7F :
+// (octet & 0xE0) == 0xC0 ? octet & 0x1F :
+// (octet & 0xF0) == 0xE0 ? octet & 0x0F :
+// (octet & 0xF8) == 0xF0 ? octet & 0x07 : 0;
+// if (!width) return 0;
+// if (pointer+width > end) return 0;
+// for (k = 1; k < width; k ++) {
+// octet = pointer[k];
+// if ((octet & 0xC0) != 0x80) return 0;
+// value = (value << 6) + (octet & 0x3F);
+// }
+// if (!((width == 1) ||
+// (width == 2 && value >= 0x80) ||
+// (width == 3 && value >= 0x800) ||
+// (width == 4 && value >= 0x10000))) return 0;
+//
+// pointer += width;
+// }
+//
+// return 1;
+//}
+//
+
+// Create STREAM-START.
+func yaml_stream_start_event_initialize(event *yaml_event_t, encoding yaml_encoding_t) {
+ *event = yaml_event_t{
+ typ: yaml_STREAM_START_EVENT,
+ encoding: encoding,
+ }
+}
+
+// Create STREAM-END.
+func yaml_stream_end_event_initialize(event *yaml_event_t) {
+ *event = yaml_event_t{
+ typ: yaml_STREAM_END_EVENT,
+ }
+}
+
+// Create DOCUMENT-START.
+func yaml_document_start_event_initialize(
+ event *yaml_event_t,
+ version_directive *yaml_version_directive_t,
+ tag_directives []yaml_tag_directive_t,
+ implicit bool,
+) {
+ *event = yaml_event_t{
+ typ: yaml_DOCUMENT_START_EVENT,
+ version_directive: version_directive,
+ tag_directives: tag_directives,
+ implicit: implicit,
+ }
+}
+
+// Create DOCUMENT-END.
+func yaml_document_end_event_initialize(event *yaml_event_t, implicit bool) {
+ *event = yaml_event_t{
+ typ: yaml_DOCUMENT_END_EVENT,
+ implicit: implicit,
+ }
+}
+
+///*
+// * Create ALIAS.
+// */
+//
+//YAML_DECLARE(int)
+//yaml_alias_event_initialize(event *yaml_event_t, anchor *yaml_char_t)
+//{
+// mark yaml_mark_t = { 0, 0, 0 }
+// anchor_copy *yaml_char_t = NULL
+//
+// assert(event) // Non-NULL event object is expected.
+// assert(anchor) // Non-NULL anchor is expected.
+//
+// if (!yaml_check_utf8(anchor, strlen((char *)anchor))) return 0
+//
+// anchor_copy = yaml_strdup(anchor)
+// if (!anchor_copy)
+// return 0
+//
+// ALIAS_EVENT_INIT(*event, anchor_copy, mark, mark)
+//
+// return 1
+//}
+
+// Create SCALAR.
+func yaml_scalar_event_initialize(event *yaml_event_t, anchor, tag, value []byte, plain_implicit, quoted_implicit bool, style yaml_scalar_style_t) bool {
+ *event = yaml_event_t{
+ typ: yaml_SCALAR_EVENT,
+ anchor: anchor,
+ tag: tag,
+ value: value,
+ implicit: plain_implicit,
+ quoted_implicit: quoted_implicit,
+ style: yaml_style_t(style),
+ }
+ return true
+}
+
+// Create SEQUENCE-START.
+func yaml_sequence_start_event_initialize(event *yaml_event_t, anchor, tag []byte, implicit bool, style yaml_sequence_style_t) bool {
+ *event = yaml_event_t{
+ typ: yaml_SEQUENCE_START_EVENT,
+ anchor: anchor,
+ tag: tag,
+ implicit: implicit,
+ style: yaml_style_t(style),
+ }
+ return true
+}
+
+// Create SEQUENCE-END.
+func yaml_sequence_end_event_initialize(event *yaml_event_t) bool {
+ *event = yaml_event_t{
+ typ: yaml_SEQUENCE_END_EVENT,
+ }
+ return true
+}
+
+// Create MAPPING-START.
+func yaml_mapping_start_event_initialize(event *yaml_event_t, anchor, tag []byte, implicit bool, style yaml_mapping_style_t) {
+ *event = yaml_event_t{
+ typ: yaml_MAPPING_START_EVENT,
+ anchor: anchor,
+ tag: tag,
+ implicit: implicit,
+ style: yaml_style_t(style),
+ }
+}
+
+// Create MAPPING-END.
+func yaml_mapping_end_event_initialize(event *yaml_event_t) {
+ *event = yaml_event_t{
+ typ: yaml_MAPPING_END_EVENT,
+ }
+}
+
+// Destroy an event object.
+func yaml_event_delete(event *yaml_event_t) {
+ *event = yaml_event_t{}
+}
+
+///*
+// * Create a document object.
+// */
+//
+//YAML_DECLARE(int)
+//yaml_document_initialize(document *yaml_document_t,
+// version_directive *yaml_version_directive_t,
+// tag_directives_start *yaml_tag_directive_t,
+// tag_directives_end *yaml_tag_directive_t,
+// start_implicit int, end_implicit int)
+//{
+// struct {
+// error yaml_error_type_t
+// } context
+// struct {
+// start *yaml_node_t
+// end *yaml_node_t
+// top *yaml_node_t
+// } nodes = { NULL, NULL, NULL }
+// version_directive_copy *yaml_version_directive_t = NULL
+// struct {
+// start *yaml_tag_directive_t
+// end *yaml_tag_directive_t
+// top *yaml_tag_directive_t
+// } tag_directives_copy = { NULL, NULL, NULL }
+// value yaml_tag_directive_t = { NULL, NULL }
+// mark yaml_mark_t = { 0, 0, 0 }
+//
+// assert(document) // Non-NULL document object is expected.
+// assert((tag_directives_start && tag_directives_end) ||
+// (tag_directives_start == tag_directives_end))
+// // Valid tag directives are expected.
+//
+// if (!STACK_INIT(&context, nodes, INITIAL_STACK_SIZE)) goto error
+//
+// if (version_directive) {
+// version_directive_copy = yaml_malloc(sizeof(yaml_version_directive_t))
+// if (!version_directive_copy) goto error
+// version_directive_copy.major = version_directive.major
+// version_directive_copy.minor = version_directive.minor
+// }
+//
+// if (tag_directives_start != tag_directives_end) {
+// tag_directive *yaml_tag_directive_t
+// if (!STACK_INIT(&context, tag_directives_copy, INITIAL_STACK_SIZE))
+// goto error
+// for (tag_directive = tag_directives_start
+// tag_directive != tag_directives_end; tag_directive ++) {
+// assert(tag_directive.handle)
+// assert(tag_directive.prefix)
+// if (!yaml_check_utf8(tag_directive.handle,
+// strlen((char *)tag_directive.handle)))
+// goto error
+// if (!yaml_check_utf8(tag_directive.prefix,
+// strlen((char *)tag_directive.prefix)))
+// goto error
+// value.handle = yaml_strdup(tag_directive.handle)
+// value.prefix = yaml_strdup(tag_directive.prefix)
+// if (!value.handle || !value.prefix) goto error
+// if (!PUSH(&context, tag_directives_copy, value))
+// goto error
+// value.handle = NULL
+// value.prefix = NULL
+// }
+// }
+//
+// DOCUMENT_INIT(*document, nodes.start, nodes.end, version_directive_copy,
+// tag_directives_copy.start, tag_directives_copy.top,
+// start_implicit, end_implicit, mark, mark)
+//
+// return 1
+//
+//error:
+// STACK_DEL(&context, nodes)
+// yaml_free(version_directive_copy)
+// while (!STACK_EMPTY(&context, tag_directives_copy)) {
+// value yaml_tag_directive_t = POP(&context, tag_directives_copy)
+// yaml_free(value.handle)
+// yaml_free(value.prefix)
+// }
+// STACK_DEL(&context, tag_directives_copy)
+// yaml_free(value.handle)
+// yaml_free(value.prefix)
+//
+// return 0
+//}
+//
+///*
+// * Destroy a document object.
+// */
+//
+//YAML_DECLARE(void)
+//yaml_document_delete(document *yaml_document_t)
+//{
+// struct {
+// error yaml_error_type_t
+// } context
+// tag_directive *yaml_tag_directive_t
+//
+// context.error = YAML_NO_ERROR // Eliminate a compiler warning.
+//
+// assert(document) // Non-NULL document object is expected.
+//
+// while (!STACK_EMPTY(&context, document.nodes)) {
+// node yaml_node_t = POP(&context, document.nodes)
+// yaml_free(node.tag)
+// switch (node.type) {
+// case YAML_SCALAR_NODE:
+// yaml_free(node.data.scalar.value)
+// break
+// case YAML_SEQUENCE_NODE:
+// STACK_DEL(&context, node.data.sequence.items)
+// break
+// case YAML_MAPPING_NODE:
+// STACK_DEL(&context, node.data.mapping.pairs)
+// break
+// default:
+// assert(0) // Should not happen.
+// }
+// }
+// STACK_DEL(&context, document.nodes)
+//
+// yaml_free(document.version_directive)
+// for (tag_directive = document.tag_directives.start
+// tag_directive != document.tag_directives.end
+// tag_directive++) {
+// yaml_free(tag_directive.handle)
+// yaml_free(tag_directive.prefix)
+// }
+// yaml_free(document.tag_directives.start)
+//
+// memset(document, 0, sizeof(yaml_document_t))
+//}
+//
+///**
+// * Get a document node.
+// */
+//
+//YAML_DECLARE(yaml_node_t *)
+//yaml_document_get_node(document *yaml_document_t, index int)
+//{
+// assert(document) // Non-NULL document object is expected.
+//
+// if (index > 0 && document.nodes.start + index <= document.nodes.top) {
+// return document.nodes.start + index - 1
+// }
+// return NULL
+//}
+//
+///**
+// * Get the root object.
+// */
+//
+//YAML_DECLARE(yaml_node_t *)
+//yaml_document_get_root_node(document *yaml_document_t)
+//{
+// assert(document) // Non-NULL document object is expected.
+//
+// if (document.nodes.top != document.nodes.start) {
+// return document.nodes.start
+// }
+// return NULL
+//}
+//
+///*
+// * Add a scalar node to a document.
+// */
+//
+//YAML_DECLARE(int)
+//yaml_document_add_scalar(document *yaml_document_t,
+// tag *yaml_char_t, value *yaml_char_t, length int,
+// style yaml_scalar_style_t)
+//{
+// struct {
+// error yaml_error_type_t
+// } context
+// mark yaml_mark_t = { 0, 0, 0 }
+// tag_copy *yaml_char_t = NULL
+// value_copy *yaml_char_t = NULL
+// node yaml_node_t
+//
+// assert(document) // Non-NULL document object is expected.
+// assert(value) // Non-NULL value is expected.
+//
+// if (!tag) {
+// tag = (yaml_char_t *)YAML_DEFAULT_SCALAR_TAG
+// }
+//
+// if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error
+// tag_copy = yaml_strdup(tag)
+// if (!tag_copy) goto error
+//
+// if (length < 0) {
+// length = strlen((char *)value)
+// }
+//
+// if (!yaml_check_utf8(value, length)) goto error
+// value_copy = yaml_malloc(length+1)
+// if (!value_copy) goto error
+// memcpy(value_copy, value, length)
+// value_copy[length] = '\0'
+//
+// SCALAR_NODE_INIT(node, tag_copy, value_copy, length, style, mark, mark)
+// if (!PUSH(&context, document.nodes, node)) goto error
+//
+// return document.nodes.top - document.nodes.start
+//
+//error:
+// yaml_free(tag_copy)
+// yaml_free(value_copy)
+//
+// return 0
+//}
+//
+///*
+// * Add a sequence node to a document.
+// */
+//
+//YAML_DECLARE(int)
+//yaml_document_add_sequence(document *yaml_document_t,
+// tag *yaml_char_t, style yaml_sequence_style_t)
+//{
+// struct {
+// error yaml_error_type_t
+// } context
+// mark yaml_mark_t = { 0, 0, 0 }
+// tag_copy *yaml_char_t = NULL
+// struct {
+// start *yaml_node_item_t
+// end *yaml_node_item_t
+// top *yaml_node_item_t
+// } items = { NULL, NULL, NULL }
+// node yaml_node_t
+//
+// assert(document) // Non-NULL document object is expected.
+//
+// if (!tag) {
+// tag = (yaml_char_t *)YAML_DEFAULT_SEQUENCE_TAG
+// }
+//
+// if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error
+// tag_copy = yaml_strdup(tag)
+// if (!tag_copy) goto error
+//
+// if (!STACK_INIT(&context, items, INITIAL_STACK_SIZE)) goto error
+//
+// SEQUENCE_NODE_INIT(node, tag_copy, items.start, items.end,
+// style, mark, mark)
+// if (!PUSH(&context, document.nodes, node)) goto error
+//
+// return document.nodes.top - document.nodes.start
+//
+//error:
+// STACK_DEL(&context, items)
+// yaml_free(tag_copy)
+//
+// return 0
+//}
+//
+///*
+// * Add a mapping node to a document.
+// */
+//
+//YAML_DECLARE(int)
+//yaml_document_add_mapping(document *yaml_document_t,
+// tag *yaml_char_t, style yaml_mapping_style_t)
+//{
+// struct {
+// error yaml_error_type_t
+// } context
+// mark yaml_mark_t = { 0, 0, 0 }
+// tag_copy *yaml_char_t = NULL
+// struct {
+// start *yaml_node_pair_t
+// end *yaml_node_pair_t
+// top *yaml_node_pair_t
+// } pairs = { NULL, NULL, NULL }
+// node yaml_node_t
+//
+// assert(document) // Non-NULL document object is expected.
+//
+// if (!tag) {
+// tag = (yaml_char_t *)YAML_DEFAULT_MAPPING_TAG
+// }
+//
+// if (!yaml_check_utf8(tag, strlen((char *)tag))) goto error
+// tag_copy = yaml_strdup(tag)
+// if (!tag_copy) goto error
+//
+// if (!STACK_INIT(&context, pairs, INITIAL_STACK_SIZE)) goto error
+//
+// MAPPING_NODE_INIT(node, tag_copy, pairs.start, pairs.end,
+// style, mark, mark)
+// if (!PUSH(&context, document.nodes, node)) goto error
+//
+// return document.nodes.top - document.nodes.start
+//
+//error:
+// STACK_DEL(&context, pairs)
+// yaml_free(tag_copy)
+//
+// return 0
+//}
+//
+///*
+// * Append an item to a sequence node.
+// */
+//
+//YAML_DECLARE(int)
+//yaml_document_append_sequence_item(document *yaml_document_t,
+// sequence int, item int)
+//{
+// struct {
+// error yaml_error_type_t
+// } context
+//
+// assert(document) // Non-NULL document is required.
+// assert(sequence > 0
+// && document.nodes.start + sequence <= document.nodes.top)
+// // Valid sequence id is required.
+// assert(document.nodes.start[sequence-1].type == YAML_SEQUENCE_NODE)
+// // A sequence node is required.
+// assert(item > 0 && document.nodes.start + item <= document.nodes.top)
+// // Valid item id is required.
+//
+// if (!PUSH(&context,
+// document.nodes.start[sequence-1].data.sequence.items, item))
+// return 0
+//
+// return 1
+//}
+//
+///*
+// * Append a pair of a key and a value to a mapping node.
+// */
+//
+//YAML_DECLARE(int)
+//yaml_document_append_mapping_pair(document *yaml_document_t,
+// mapping int, key int, value int)
+//{
+// struct {
+// error yaml_error_type_t
+// } context
+//
+// pair yaml_node_pair_t
+//
+// assert(document) // Non-NULL document is required.
+// assert(mapping > 0
+// && document.nodes.start + mapping <= document.nodes.top)
+// // Valid mapping id is required.
+// assert(document.nodes.start[mapping-1].type == YAML_MAPPING_NODE)
+// // A mapping node is required.
+// assert(key > 0 && document.nodes.start + key <= document.nodes.top)
+// // Valid key id is required.
+// assert(value > 0 && document.nodes.start + value <= document.nodes.top)
+// // Valid value id is required.
+//
+// pair.key = key
+// pair.value = value
+//
+// if (!PUSH(&context,
+// document.nodes.start[mapping-1].data.mapping.pairs, pair))
+// return 0
+//
+// return 1
+//}
+//
+//
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/decode.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/decode.go
new file mode 100644
index 000000000..129bc2a97
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/decode.go
@@ -0,0 +1,815 @@
+package yaml
+
+import (
+ "encoding"
+ "encoding/base64"
+ "fmt"
+ "io"
+ "math"
+ "reflect"
+ "strconv"
+ "time"
+)
+
+const (
+ documentNode = 1 << iota
+ mappingNode
+ sequenceNode
+ scalarNode
+ aliasNode
+)
+
+type node struct {
+ kind int
+ line, column int
+ tag string
+ // For an alias node, alias holds the resolved alias.
+ alias *node
+ value string
+ implicit bool
+ children []*node
+ anchors map[string]*node
+}
+
+// ----------------------------------------------------------------------------
+// Parser, produces a node tree out of a libyaml event stream.
+
+type parser struct {
+ parser yaml_parser_t
+ event yaml_event_t
+ doc *node
+ doneInit bool
+}
+
+func newParser(b []byte) *parser {
+ p := parser{}
+ if !yaml_parser_initialize(&p.parser) {
+ panic("failed to initialize YAML emitter")
+ }
+ if len(b) == 0 {
+ b = []byte{'\n'}
+ }
+ yaml_parser_set_input_string(&p.parser, b)
+ return &p
+}
+
+func newParserFromReader(r io.Reader) *parser {
+ p := parser{}
+ if !yaml_parser_initialize(&p.parser) {
+ panic("failed to initialize YAML emitter")
+ }
+ yaml_parser_set_input_reader(&p.parser, r)
+ return &p
+}
+
+func (p *parser) init() {
+ if p.doneInit {
+ return
+ }
+ p.expect(yaml_STREAM_START_EVENT)
+ p.doneInit = true
+}
+
+func (p *parser) destroy() {
+ if p.event.typ != yaml_NO_EVENT {
+ yaml_event_delete(&p.event)
+ }
+ yaml_parser_delete(&p.parser)
+}
+
+// expect consumes an event from the event stream and
+// checks that it's of the expected type.
+func (p *parser) expect(e yaml_event_type_t) {
+ if p.event.typ == yaml_NO_EVENT {
+ if !yaml_parser_parse(&p.parser, &p.event) {
+ p.fail()
+ }
+ }
+ if p.event.typ == yaml_STREAM_END_EVENT {
+ failf("attempted to go past the end of stream; corrupted value?")
+ }
+ if p.event.typ != e {
+ p.parser.problem = fmt.Sprintf("expected %s event but got %s", e, p.event.typ)
+ p.fail()
+ }
+ yaml_event_delete(&p.event)
+ p.event.typ = yaml_NO_EVENT
+}
+
+// peek peeks at the next event in the event stream,
+// puts the results into p.event and returns the event type.
+func (p *parser) peek() yaml_event_type_t {
+ if p.event.typ != yaml_NO_EVENT {
+ return p.event.typ
+ }
+ if !yaml_parser_parse(&p.parser, &p.event) {
+ p.fail()
+ }
+ return p.event.typ
+}
+
+func (p *parser) fail() {
+ var where string
+ var line int
+ if p.parser.problem_mark.line != 0 {
+ line = p.parser.problem_mark.line
+ // Scanner errors don't iterate line before returning error
+ if p.parser.error == yaml_SCANNER_ERROR {
+ line++
+ }
+ } else if p.parser.context_mark.line != 0 {
+ line = p.parser.context_mark.line
+ }
+ if line != 0 {
+ where = "line " + strconv.Itoa(line) + ": "
+ }
+ var msg string
+ if len(p.parser.problem) > 0 {
+ msg = p.parser.problem
+ } else {
+ msg = "unknown problem parsing YAML content"
+ }
+ failf("%s%s", where, msg)
+}
+
+func (p *parser) anchor(n *node, anchor []byte) {
+ if anchor != nil {
+ p.doc.anchors[string(anchor)] = n
+ }
+}
+
+func (p *parser) parse() *node {
+ p.init()
+ switch p.peek() {
+ case yaml_SCALAR_EVENT:
+ return p.scalar()
+ case yaml_ALIAS_EVENT:
+ return p.alias()
+ case yaml_MAPPING_START_EVENT:
+ return p.mapping()
+ case yaml_SEQUENCE_START_EVENT:
+ return p.sequence()
+ case yaml_DOCUMENT_START_EVENT:
+ return p.document()
+ case yaml_STREAM_END_EVENT:
+ // Happens when attempting to decode an empty buffer.
+ return nil
+ default:
+ panic("attempted to parse unknown event: " + p.event.typ.String())
+ }
+}
+
+func (p *parser) node(kind int) *node {
+ return &node{
+ kind: kind,
+ line: p.event.start_mark.line,
+ column: p.event.start_mark.column,
+ }
+}
+
+func (p *parser) document() *node {
+ n := p.node(documentNode)
+ n.anchors = make(map[string]*node)
+ p.doc = n
+ p.expect(yaml_DOCUMENT_START_EVENT)
+ n.children = append(n.children, p.parse())
+ p.expect(yaml_DOCUMENT_END_EVENT)
+ return n
+}
+
+func (p *parser) alias() *node {
+ n := p.node(aliasNode)
+ n.value = string(p.event.anchor)
+ n.alias = p.doc.anchors[n.value]
+ if n.alias == nil {
+ failf("unknown anchor '%s' referenced", n.value)
+ }
+ p.expect(yaml_ALIAS_EVENT)
+ return n
+}
+
+func (p *parser) scalar() *node {
+ n := p.node(scalarNode)
+ n.value = string(p.event.value)
+ n.tag = string(p.event.tag)
+ n.implicit = p.event.implicit
+ p.anchor(n, p.event.anchor)
+ p.expect(yaml_SCALAR_EVENT)
+ return n
+}
+
+func (p *parser) sequence() *node {
+ n := p.node(sequenceNode)
+ p.anchor(n, p.event.anchor)
+ p.expect(yaml_SEQUENCE_START_EVENT)
+ for p.peek() != yaml_SEQUENCE_END_EVENT {
+ n.children = append(n.children, p.parse())
+ }
+ p.expect(yaml_SEQUENCE_END_EVENT)
+ return n
+}
+
+func (p *parser) mapping() *node {
+ n := p.node(mappingNode)
+ p.anchor(n, p.event.anchor)
+ p.expect(yaml_MAPPING_START_EVENT)
+ for p.peek() != yaml_MAPPING_END_EVENT {
+ n.children = append(n.children, p.parse(), p.parse())
+ }
+ p.expect(yaml_MAPPING_END_EVENT)
+ return n
+}
+
+// ----------------------------------------------------------------------------
+// Decoder, unmarshals a node into a provided value.
+
+type decoder struct {
+ doc *node
+ aliases map[*node]bool
+ mapType reflect.Type
+ terrors []string
+ strict bool
+
+ decodeCount int
+ aliasCount int
+ aliasDepth int
+}
+
+var (
+ mapItemType = reflect.TypeOf(MapItem{})
+ durationType = reflect.TypeOf(time.Duration(0))
+ defaultMapType = reflect.TypeOf(map[interface{}]interface{}{})
+ ifaceType = defaultMapType.Elem()
+ timeType = reflect.TypeOf(time.Time{})
+ ptrTimeType = reflect.TypeOf(&time.Time{})
+)
+
+func newDecoder(strict bool) *decoder {
+ d := &decoder{mapType: defaultMapType, strict: strict}
+ d.aliases = make(map[*node]bool)
+ return d
+}
+
+func (d *decoder) terror(n *node, tag string, out reflect.Value) {
+ if n.tag != "" {
+ tag = n.tag
+ }
+ value := n.value
+ if tag != yaml_SEQ_TAG && tag != yaml_MAP_TAG {
+ if len(value) > 10 {
+ value = " `" + value[:7] + "...`"
+ } else {
+ value = " `" + value + "`"
+ }
+ }
+ d.terrors = append(d.terrors, fmt.Sprintf("line %d: cannot unmarshal %s%s into %s", n.line+1, shortTag(tag), value, out.Type()))
+}
+
+func (d *decoder) callUnmarshaler(n *node, u Unmarshaler) (good bool) {
+ terrlen := len(d.terrors)
+ err := u.UnmarshalYAML(func(v interface{}) (err error) {
+ defer handleErr(&err)
+ d.unmarshal(n, reflect.ValueOf(v))
+ if len(d.terrors) > terrlen {
+ issues := d.terrors[terrlen:]
+ d.terrors = d.terrors[:terrlen]
+ return &TypeError{issues}
+ }
+ return nil
+ })
+ if e, ok := err.(*TypeError); ok {
+ d.terrors = append(d.terrors, e.Errors...)
+ return false
+ }
+ if err != nil {
+ fail(err)
+ }
+ return true
+}
+
+// d.prepare initializes and dereferences pointers and calls UnmarshalYAML
+// if a value is found to implement it.
+// It returns the initialized and dereferenced out value, whether
+// unmarshalling was already done by UnmarshalYAML, and if so whether
+// its types unmarshalled appropriately.
+//
+// If n holds a null value, prepare returns before doing anything.
+func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unmarshaled, good bool) {
+ if n.tag == yaml_NULL_TAG || n.kind == scalarNode && n.tag == "" && (n.value == "null" || n.value == "~" || n.value == "" && n.implicit) {
+ return out, false, false
+ }
+ again := true
+ for again {
+ again = false
+ if out.Kind() == reflect.Ptr {
+ if out.IsNil() {
+ out.Set(reflect.New(out.Type().Elem()))
+ }
+ out = out.Elem()
+ again = true
+ }
+ if out.CanAddr() {
+ if u, ok := out.Addr().Interface().(Unmarshaler); ok {
+ good = d.callUnmarshaler(n, u)
+ return out, true, good
+ }
+ }
+ }
+ return out, false, false
+}
+
+const (
+ // 400,000 decode operations is ~500kb of dense object declarations, or
+ // ~5kb of dense object declarations with 10000% alias expansion
+ alias_ratio_range_low = 400000
+
+ // 4,000,000 decode operations is ~5MB of dense object declarations, or
+ // ~4.5MB of dense object declarations with 10% alias expansion
+ alias_ratio_range_high = 4000000
+
+ // alias_ratio_range is the range over which we scale allowed alias ratios
+ alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low)
+)
+
+func allowedAliasRatio(decodeCount int) float64 {
+ switch {
+ case decodeCount <= alias_ratio_range_low:
+ // allow 99% to come from alias expansion for small-to-medium documents
+ return 0.99
+ case decodeCount >= alias_ratio_range_high:
+ // allow 10% to come from alias expansion for very large documents
+ return 0.10
+ default:
+ // scale smoothly from 99% down to 10% over the range.
+ // this maps to 396,000 - 400,000 allowed alias-driven decodes over the range.
+ // 400,000 decode operations is ~100MB of allocations in worst-case scenarios (single-item maps).
+ return 0.99 - 0.89*(float64(decodeCount-alias_ratio_range_low)/alias_ratio_range)
+ }
+}
+
+func (d *decoder) unmarshal(n *node, out reflect.Value) (good bool) {
+ d.decodeCount++
+ if d.aliasDepth > 0 {
+ d.aliasCount++
+ }
+ if d.aliasCount > 100 && d.decodeCount > 1000 && float64(d.aliasCount)/float64(d.decodeCount) > allowedAliasRatio(d.decodeCount) {
+ failf("document contains excessive aliasing")
+ }
+ switch n.kind {
+ case documentNode:
+ return d.document(n, out)
+ case aliasNode:
+ return d.alias(n, out)
+ }
+ out, unmarshaled, good := d.prepare(n, out)
+ if unmarshaled {
+ return good
+ }
+ switch n.kind {
+ case scalarNode:
+ good = d.scalar(n, out)
+ case mappingNode:
+ good = d.mapping(n, out)
+ case sequenceNode:
+ good = d.sequence(n, out)
+ default:
+ panic("internal error: unknown node kind: " + strconv.Itoa(n.kind))
+ }
+ return good
+}
+
+func (d *decoder) document(n *node, out reflect.Value) (good bool) {
+ if len(n.children) == 1 {
+ d.doc = n
+ d.unmarshal(n.children[0], out)
+ return true
+ }
+ return false
+}
+
+func (d *decoder) alias(n *node, out reflect.Value) (good bool) {
+ if d.aliases[n] {
+ // TODO this could actually be allowed in some circumstances.
+ failf("anchor '%s' value contains itself", n.value)
+ }
+ d.aliases[n] = true
+ d.aliasDepth++
+ good = d.unmarshal(n.alias, out)
+ d.aliasDepth--
+ delete(d.aliases, n)
+ return good
+}
+
+var zeroValue reflect.Value
+
+func resetMap(out reflect.Value) {
+ for _, k := range out.MapKeys() {
+ out.SetMapIndex(k, zeroValue)
+ }
+}
+
+func (d *decoder) scalar(n *node, out reflect.Value) bool {
+ var tag string
+ var resolved interface{}
+ if n.tag == "" && !n.implicit {
+ tag = yaml_STR_TAG
+ resolved = n.value
+ } else {
+ tag, resolved = resolve(n.tag, n.value)
+ if tag == yaml_BINARY_TAG {
+ data, err := base64.StdEncoding.DecodeString(resolved.(string))
+ if err != nil {
+ failf("!!binary value contains invalid base64 data")
+ }
+ resolved = string(data)
+ }
+ }
+ if resolved == nil {
+ if out.Kind() == reflect.Map && !out.CanAddr() {
+ resetMap(out)
+ } else {
+ out.Set(reflect.Zero(out.Type()))
+ }
+ return true
+ }
+ if resolvedv := reflect.ValueOf(resolved); out.Type() == resolvedv.Type() {
+ // We've resolved to exactly the type we want, so use that.
+ out.Set(resolvedv)
+ return true
+ }
+ // Perhaps we can use the value as a TextUnmarshaler to
+ // set its value.
+ if out.CanAddr() {
+ u, ok := out.Addr().Interface().(encoding.TextUnmarshaler)
+ if ok {
+ var text []byte
+ if tag == yaml_BINARY_TAG {
+ text = []byte(resolved.(string))
+ } else {
+ // We let any value be unmarshaled into TextUnmarshaler.
+ // That might be more lax than we'd like, but the
+ // TextUnmarshaler itself should bowl out any dubious values.
+ text = []byte(n.value)
+ }
+ err := u.UnmarshalText(text)
+ if err != nil {
+ fail(err)
+ }
+ return true
+ }
+ }
+ switch out.Kind() {
+ case reflect.String:
+ if tag == yaml_BINARY_TAG {
+ out.SetString(resolved.(string))
+ return true
+ }
+ if resolved != nil {
+ out.SetString(n.value)
+ return true
+ }
+ case reflect.Interface:
+ if resolved == nil {
+ out.Set(reflect.Zero(out.Type()))
+ } else if tag == yaml_TIMESTAMP_TAG {
+ // It looks like a timestamp but for backward compatibility
+ // reasons we set it as a string, so that code that unmarshals
+ // timestamp-like values into interface{} will continue to
+ // see a string and not a time.Time.
+ // TODO(v3) Drop this.
+ out.Set(reflect.ValueOf(n.value))
+ } else {
+ out.Set(reflect.ValueOf(resolved))
+ }
+ return true
+ case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+ switch resolved := resolved.(type) {
+ case int:
+ if !out.OverflowInt(int64(resolved)) {
+ out.SetInt(int64(resolved))
+ return true
+ }
+ case int64:
+ if !out.OverflowInt(resolved) {
+ out.SetInt(resolved)
+ return true
+ }
+ case uint64:
+ if resolved <= math.MaxInt64 && !out.OverflowInt(int64(resolved)) {
+ out.SetInt(int64(resolved))
+ return true
+ }
+ case float64:
+ if resolved <= math.MaxInt64 && !out.OverflowInt(int64(resolved)) {
+ out.SetInt(int64(resolved))
+ return true
+ }
+ case string:
+ if out.Type() == durationType {
+ d, err := time.ParseDuration(resolved)
+ if err == nil {
+ out.SetInt(int64(d))
+ return true
+ }
+ }
+ }
+ case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
+ switch resolved := resolved.(type) {
+ case int:
+ if resolved >= 0 && !out.OverflowUint(uint64(resolved)) {
+ out.SetUint(uint64(resolved))
+ return true
+ }
+ case int64:
+ if resolved >= 0 && !out.OverflowUint(uint64(resolved)) {
+ out.SetUint(uint64(resolved))
+ return true
+ }
+ case uint64:
+ if !out.OverflowUint(uint64(resolved)) {
+ out.SetUint(uint64(resolved))
+ return true
+ }
+ case float64:
+ if resolved <= math.MaxUint64 && !out.OverflowUint(uint64(resolved)) {
+ out.SetUint(uint64(resolved))
+ return true
+ }
+ }
+ case reflect.Bool:
+ switch resolved := resolved.(type) {
+ case bool:
+ out.SetBool(resolved)
+ return true
+ }
+ case reflect.Float32, reflect.Float64:
+ switch resolved := resolved.(type) {
+ case int:
+ out.SetFloat(float64(resolved))
+ return true
+ case int64:
+ out.SetFloat(float64(resolved))
+ return true
+ case uint64:
+ out.SetFloat(float64(resolved))
+ return true
+ case float64:
+ out.SetFloat(resolved)
+ return true
+ }
+ case reflect.Struct:
+ if resolvedv := reflect.ValueOf(resolved); out.Type() == resolvedv.Type() {
+ out.Set(resolvedv)
+ return true
+ }
+ case reflect.Ptr:
+ if out.Type().Elem() == reflect.TypeOf(resolved) {
+ // TODO DOes this make sense? When is out a Ptr except when decoding a nil value?
+ elem := reflect.New(out.Type().Elem())
+ elem.Elem().Set(reflect.ValueOf(resolved))
+ out.Set(elem)
+ return true
+ }
+ }
+ d.terror(n, tag, out)
+ return false
+}
+
+func settableValueOf(i interface{}) reflect.Value {
+ v := reflect.ValueOf(i)
+ sv := reflect.New(v.Type()).Elem()
+ sv.Set(v)
+ return sv
+}
+
+func (d *decoder) sequence(n *node, out reflect.Value) (good bool) {
+ l := len(n.children)
+
+ var iface reflect.Value
+ switch out.Kind() {
+ case reflect.Slice:
+ out.Set(reflect.MakeSlice(out.Type(), l, l))
+ case reflect.Array:
+ if l != out.Len() {
+ failf("invalid array: want %d elements but got %d", out.Len(), l)
+ }
+ case reflect.Interface:
+ // No type hints. Will have to use a generic sequence.
+ iface = out
+ out = settableValueOf(make([]interface{}, l))
+ default:
+ d.terror(n, yaml_SEQ_TAG, out)
+ return false
+ }
+ et := out.Type().Elem()
+
+ j := 0
+ for i := 0; i < l; i++ {
+ e := reflect.New(et).Elem()
+ if ok := d.unmarshal(n.children[i], e); ok {
+ out.Index(j).Set(e)
+ j++
+ }
+ }
+ if out.Kind() != reflect.Array {
+ out.Set(out.Slice(0, j))
+ }
+ if iface.IsValid() {
+ iface.Set(out)
+ }
+ return true
+}
+
+func (d *decoder) mapping(n *node, out reflect.Value) (good bool) {
+ switch out.Kind() {
+ case reflect.Struct:
+ return d.mappingStruct(n, out)
+ case reflect.Slice:
+ return d.mappingSlice(n, out)
+ case reflect.Map:
+ // okay
+ case reflect.Interface:
+ if d.mapType.Kind() == reflect.Map {
+ iface := out
+ out = reflect.MakeMap(d.mapType)
+ iface.Set(out)
+ } else {
+ slicev := reflect.New(d.mapType).Elem()
+ if !d.mappingSlice(n, slicev) {
+ return false
+ }
+ out.Set(slicev)
+ return true
+ }
+ default:
+ d.terror(n, yaml_MAP_TAG, out)
+ return false
+ }
+ outt := out.Type()
+ kt := outt.Key()
+ et := outt.Elem()
+
+ mapType := d.mapType
+ if outt.Key() == ifaceType && outt.Elem() == ifaceType {
+ d.mapType = outt
+ }
+
+ if out.IsNil() {
+ out.Set(reflect.MakeMap(outt))
+ }
+ l := len(n.children)
+ for i := 0; i < l; i += 2 {
+ if isMerge(n.children[i]) {
+ d.merge(n.children[i+1], out)
+ continue
+ }
+ k := reflect.New(kt).Elem()
+ if d.unmarshal(n.children[i], k) {
+ kkind := k.Kind()
+ if kkind == reflect.Interface {
+ kkind = k.Elem().Kind()
+ }
+ if kkind == reflect.Map || kkind == reflect.Slice {
+ failf("invalid map key: %#v", k.Interface())
+ }
+ e := reflect.New(et).Elem()
+ if d.unmarshal(n.children[i+1], e) {
+ d.setMapIndex(n.children[i+1], out, k, e)
+ }
+ }
+ }
+ d.mapType = mapType
+ return true
+}
+
+func (d *decoder) setMapIndex(n *node, out, k, v reflect.Value) {
+ if d.strict && out.MapIndex(k) != zeroValue {
+ d.terrors = append(d.terrors, fmt.Sprintf("line %d: key %#v already set in map", n.line+1, k.Interface()))
+ return
+ }
+ out.SetMapIndex(k, v)
+}
+
+func (d *decoder) mappingSlice(n *node, out reflect.Value) (good bool) {
+ outt := out.Type()
+ if outt.Elem() != mapItemType {
+ d.terror(n, yaml_MAP_TAG, out)
+ return false
+ }
+
+ mapType := d.mapType
+ d.mapType = outt
+
+ var slice []MapItem
+ var l = len(n.children)
+ for i := 0; i < l; i += 2 {
+ if isMerge(n.children[i]) {
+ d.merge(n.children[i+1], out)
+ continue
+ }
+ item := MapItem{}
+ k := reflect.ValueOf(&item.Key).Elem()
+ if d.unmarshal(n.children[i], k) {
+ v := reflect.ValueOf(&item.Value).Elem()
+ if d.unmarshal(n.children[i+1], v) {
+ slice = append(slice, item)
+ }
+ }
+ }
+ out.Set(reflect.ValueOf(slice))
+ d.mapType = mapType
+ return true
+}
+
+func (d *decoder) mappingStruct(n *node, out reflect.Value) (good bool) {
+ sinfo, err := getStructInfo(out.Type())
+ if err != nil {
+ panic(err)
+ }
+ name := settableValueOf("")
+ l := len(n.children)
+
+ var inlineMap reflect.Value
+ var elemType reflect.Type
+ if sinfo.InlineMap != -1 {
+ inlineMap = out.Field(sinfo.InlineMap)
+ inlineMap.Set(reflect.New(inlineMap.Type()).Elem())
+ elemType = inlineMap.Type().Elem()
+ }
+
+ var doneFields []bool
+ if d.strict {
+ doneFields = make([]bool, len(sinfo.FieldsList))
+ }
+ for i := 0; i < l; i += 2 {
+ ni := n.children[i]
+ if isMerge(ni) {
+ d.merge(n.children[i+1], out)
+ continue
+ }
+ if !d.unmarshal(ni, name) {
+ continue
+ }
+ if info, ok := sinfo.FieldsMap[name.String()]; ok {
+ if d.strict {
+ if doneFields[info.Id] {
+ d.terrors = append(d.terrors, fmt.Sprintf("line %d: field %s already set in type %s", ni.line+1, name.String(), out.Type()))
+ continue
+ }
+ doneFields[info.Id] = true
+ }
+ var field reflect.Value
+ if info.Inline == nil {
+ field = out.Field(info.Num)
+ } else {
+ field = out.FieldByIndex(info.Inline)
+ }
+ d.unmarshal(n.children[i+1], field)
+ } else if sinfo.InlineMap != -1 {
+ if inlineMap.IsNil() {
+ inlineMap.Set(reflect.MakeMap(inlineMap.Type()))
+ }
+ value := reflect.New(elemType).Elem()
+ d.unmarshal(n.children[i+1], value)
+ d.setMapIndex(n.children[i+1], inlineMap, name, value)
+ } else if d.strict {
+ d.terrors = append(d.terrors, fmt.Sprintf("line %d: field %s not found in type %s", ni.line+1, name.String(), out.Type()))
+ }
+ }
+ return true
+}
+
+func failWantMap() {
+ failf("map merge requires map or sequence of maps as the value")
+}
+
+func (d *decoder) merge(n *node, out reflect.Value) {
+ switch n.kind {
+ case mappingNode:
+ d.unmarshal(n, out)
+ case aliasNode:
+ if n.alias != nil && n.alias.kind != mappingNode {
+ failWantMap()
+ }
+ d.unmarshal(n, out)
+ case sequenceNode:
+ // Step backwards as earlier nodes take precedence.
+ for i := len(n.children) - 1; i >= 0; i-- {
+ ni := n.children[i]
+ if ni.kind == aliasNode {
+ if ni.alias != nil && ni.alias.kind != mappingNode {
+ failWantMap()
+ }
+ } else if ni.kind != mappingNode {
+ failWantMap()
+ }
+ d.unmarshal(ni, out)
+ }
+ default:
+ failWantMap()
+ }
+}
+
+func isMerge(n *node) bool {
+ return n.kind == scalarNode && n.value == "<<" && (n.implicit == true || n.tag == yaml_MERGE_TAG)
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/emitterc.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/emitterc.go
new file mode 100644
index 000000000..a1c2cc526
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/emitterc.go
@@ -0,0 +1,1685 @@
+package yaml
+
+import (
+ "bytes"
+ "fmt"
+)
+
+// Flush the buffer if needed.
+func flush(emitter *yaml_emitter_t) bool {
+ if emitter.buffer_pos+5 >= len(emitter.buffer) {
+ return yaml_emitter_flush(emitter)
+ }
+ return true
+}
+
+// Put a character to the output buffer.
+func put(emitter *yaml_emitter_t, value byte) bool {
+ if emitter.buffer_pos+5 >= len(emitter.buffer) && !yaml_emitter_flush(emitter) {
+ return false
+ }
+ emitter.buffer[emitter.buffer_pos] = value
+ emitter.buffer_pos++
+ emitter.column++
+ return true
+}
+
+// Put a line break to the output buffer.
+func put_break(emitter *yaml_emitter_t) bool {
+ if emitter.buffer_pos+5 >= len(emitter.buffer) && !yaml_emitter_flush(emitter) {
+ return false
+ }
+ switch emitter.line_break {
+ case yaml_CR_BREAK:
+ emitter.buffer[emitter.buffer_pos] = '\r'
+ emitter.buffer_pos += 1
+ case yaml_LN_BREAK:
+ emitter.buffer[emitter.buffer_pos] = '\n'
+ emitter.buffer_pos += 1
+ case yaml_CRLN_BREAK:
+ emitter.buffer[emitter.buffer_pos+0] = '\r'
+ emitter.buffer[emitter.buffer_pos+1] = '\n'
+ emitter.buffer_pos += 2
+ default:
+ panic("unknown line break setting")
+ }
+ emitter.column = 0
+ emitter.line++
+ return true
+}
+
+// Copy a character from a string into buffer.
+func write(emitter *yaml_emitter_t, s []byte, i *int) bool {
+ if emitter.buffer_pos+5 >= len(emitter.buffer) && !yaml_emitter_flush(emitter) {
+ return false
+ }
+ p := emitter.buffer_pos
+ w := width(s[*i])
+ switch w {
+ case 4:
+ emitter.buffer[p+3] = s[*i+3]
+ fallthrough
+ case 3:
+ emitter.buffer[p+2] = s[*i+2]
+ fallthrough
+ case 2:
+ emitter.buffer[p+1] = s[*i+1]
+ fallthrough
+ case 1:
+ emitter.buffer[p+0] = s[*i+0]
+ default:
+ panic("unknown character width")
+ }
+ emitter.column++
+ emitter.buffer_pos += w
+ *i += w
+ return true
+}
+
+// Write a whole string into buffer.
+func write_all(emitter *yaml_emitter_t, s []byte) bool {
+ for i := 0; i < len(s); {
+ if !write(emitter, s, &i) {
+ return false
+ }
+ }
+ return true
+}
+
+// Copy a line break character from a string into buffer.
+func write_break(emitter *yaml_emitter_t, s []byte, i *int) bool {
+ if s[*i] == '\n' {
+ if !put_break(emitter) {
+ return false
+ }
+ *i++
+ } else {
+ if !write(emitter, s, i) {
+ return false
+ }
+ emitter.column = 0
+ emitter.line++
+ }
+ return true
+}
+
+// Set an emitter error and return false.
+func yaml_emitter_set_emitter_error(emitter *yaml_emitter_t, problem string) bool {
+ emitter.error = yaml_EMITTER_ERROR
+ emitter.problem = problem
+ return false
+}
+
+// Emit an event.
+func yaml_emitter_emit(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+ emitter.events = append(emitter.events, *event)
+ for !yaml_emitter_need_more_events(emitter) {
+ event := &emitter.events[emitter.events_head]
+ if !yaml_emitter_analyze_event(emitter, event) {
+ return false
+ }
+ if !yaml_emitter_state_machine(emitter, event) {
+ return false
+ }
+ yaml_event_delete(event)
+ emitter.events_head++
+ }
+ return true
+}
+
+// Check if we need to accumulate more events before emitting.
+//
+// We accumulate extra
+// - 1 event for DOCUMENT-START
+// - 2 events for SEQUENCE-START
+// - 3 events for MAPPING-START
+//
+func yaml_emitter_need_more_events(emitter *yaml_emitter_t) bool {
+ if emitter.events_head == len(emitter.events) {
+ return true
+ }
+ var accumulate int
+ switch emitter.events[emitter.events_head].typ {
+ case yaml_DOCUMENT_START_EVENT:
+ accumulate = 1
+ break
+ case yaml_SEQUENCE_START_EVENT:
+ accumulate = 2
+ break
+ case yaml_MAPPING_START_EVENT:
+ accumulate = 3
+ break
+ default:
+ return false
+ }
+ if len(emitter.events)-emitter.events_head > accumulate {
+ return false
+ }
+ var level int
+ for i := emitter.events_head; i < len(emitter.events); i++ {
+ switch emitter.events[i].typ {
+ case yaml_STREAM_START_EVENT, yaml_DOCUMENT_START_EVENT, yaml_SEQUENCE_START_EVENT, yaml_MAPPING_START_EVENT:
+ level++
+ case yaml_STREAM_END_EVENT, yaml_DOCUMENT_END_EVENT, yaml_SEQUENCE_END_EVENT, yaml_MAPPING_END_EVENT:
+ level--
+ }
+ if level == 0 {
+ return false
+ }
+ }
+ return true
+}
+
+// Append a directive to the directives stack.
+func yaml_emitter_append_tag_directive(emitter *yaml_emitter_t, value *yaml_tag_directive_t, allow_duplicates bool) bool {
+ for i := 0; i < len(emitter.tag_directives); i++ {
+ if bytes.Equal(value.handle, emitter.tag_directives[i].handle) {
+ if allow_duplicates {
+ return true
+ }
+ return yaml_emitter_set_emitter_error(emitter, "duplicate %TAG directive")
+ }
+ }
+
+ // [Go] Do we actually need to copy this given garbage collection
+ // and the lack of deallocating destructors?
+ tag_copy := yaml_tag_directive_t{
+ handle: make([]byte, len(value.handle)),
+ prefix: make([]byte, len(value.prefix)),
+ }
+ copy(tag_copy.handle, value.handle)
+ copy(tag_copy.prefix, value.prefix)
+ emitter.tag_directives = append(emitter.tag_directives, tag_copy)
+ return true
+}
+
+// Increase the indentation level.
+func yaml_emitter_increase_indent(emitter *yaml_emitter_t, flow, indentless bool) bool {
+ emitter.indents = append(emitter.indents, emitter.indent)
+ if emitter.indent < 0 {
+ if flow {
+ emitter.indent = emitter.best_indent
+ } else {
+ emitter.indent = 0
+ }
+ } else if !indentless {
+ emitter.indent += emitter.best_indent
+ }
+ return true
+}
+
+// State dispatcher.
+func yaml_emitter_state_machine(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+ switch emitter.state {
+ default:
+ case yaml_EMIT_STREAM_START_STATE:
+ return yaml_emitter_emit_stream_start(emitter, event)
+
+ case yaml_EMIT_FIRST_DOCUMENT_START_STATE:
+ return yaml_emitter_emit_document_start(emitter, event, true)
+
+ case yaml_EMIT_DOCUMENT_START_STATE:
+ return yaml_emitter_emit_document_start(emitter, event, false)
+
+ case yaml_EMIT_DOCUMENT_CONTENT_STATE:
+ return yaml_emitter_emit_document_content(emitter, event)
+
+ case yaml_EMIT_DOCUMENT_END_STATE:
+ return yaml_emitter_emit_document_end(emitter, event)
+
+ case yaml_EMIT_FLOW_SEQUENCE_FIRST_ITEM_STATE:
+ return yaml_emitter_emit_flow_sequence_item(emitter, event, true)
+
+ case yaml_EMIT_FLOW_SEQUENCE_ITEM_STATE:
+ return yaml_emitter_emit_flow_sequence_item(emitter, event, false)
+
+ case yaml_EMIT_FLOW_MAPPING_FIRST_KEY_STATE:
+ return yaml_emitter_emit_flow_mapping_key(emitter, event, true)
+
+ case yaml_EMIT_FLOW_MAPPING_KEY_STATE:
+ return yaml_emitter_emit_flow_mapping_key(emitter, event, false)
+
+ case yaml_EMIT_FLOW_MAPPING_SIMPLE_VALUE_STATE:
+ return yaml_emitter_emit_flow_mapping_value(emitter, event, true)
+
+ case yaml_EMIT_FLOW_MAPPING_VALUE_STATE:
+ return yaml_emitter_emit_flow_mapping_value(emitter, event, false)
+
+ case yaml_EMIT_BLOCK_SEQUENCE_FIRST_ITEM_STATE:
+ return yaml_emitter_emit_block_sequence_item(emitter, event, true)
+
+ case yaml_EMIT_BLOCK_SEQUENCE_ITEM_STATE:
+ return yaml_emitter_emit_block_sequence_item(emitter, event, false)
+
+ case yaml_EMIT_BLOCK_MAPPING_FIRST_KEY_STATE:
+ return yaml_emitter_emit_block_mapping_key(emitter, event, true)
+
+ case yaml_EMIT_BLOCK_MAPPING_KEY_STATE:
+ return yaml_emitter_emit_block_mapping_key(emitter, event, false)
+
+ case yaml_EMIT_BLOCK_MAPPING_SIMPLE_VALUE_STATE:
+ return yaml_emitter_emit_block_mapping_value(emitter, event, true)
+
+ case yaml_EMIT_BLOCK_MAPPING_VALUE_STATE:
+ return yaml_emitter_emit_block_mapping_value(emitter, event, false)
+
+ case yaml_EMIT_END_STATE:
+ return yaml_emitter_set_emitter_error(emitter, "expected nothing after STREAM-END")
+ }
+ panic("invalid emitter state")
+}
+
+// Expect STREAM-START.
+func yaml_emitter_emit_stream_start(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+ if event.typ != yaml_STREAM_START_EVENT {
+ return yaml_emitter_set_emitter_error(emitter, "expected STREAM-START")
+ }
+ if emitter.encoding == yaml_ANY_ENCODING {
+ emitter.encoding = event.encoding
+ if emitter.encoding == yaml_ANY_ENCODING {
+ emitter.encoding = yaml_UTF8_ENCODING
+ }
+ }
+ if emitter.best_indent < 2 || emitter.best_indent > 9 {
+ emitter.best_indent = 2
+ }
+ if emitter.best_width >= 0 && emitter.best_width <= emitter.best_indent*2 {
+ emitter.best_width = 80
+ }
+ if emitter.best_width < 0 {
+ emitter.best_width = 1<<31 - 1
+ }
+ if emitter.line_break == yaml_ANY_BREAK {
+ emitter.line_break = yaml_LN_BREAK
+ }
+
+ emitter.indent = -1
+ emitter.line = 0
+ emitter.column = 0
+ emitter.whitespace = true
+ emitter.indention = true
+
+ if emitter.encoding != yaml_UTF8_ENCODING {
+ if !yaml_emitter_write_bom(emitter) {
+ return false
+ }
+ }
+ emitter.state = yaml_EMIT_FIRST_DOCUMENT_START_STATE
+ return true
+}
+
+// Expect DOCUMENT-START or STREAM-END.
+func yaml_emitter_emit_document_start(emitter *yaml_emitter_t, event *yaml_event_t, first bool) bool {
+
+ if event.typ == yaml_DOCUMENT_START_EVENT {
+
+ if event.version_directive != nil {
+ if !yaml_emitter_analyze_version_directive(emitter, event.version_directive) {
+ return false
+ }
+ }
+
+ for i := 0; i < len(event.tag_directives); i++ {
+ tag_directive := &event.tag_directives[i]
+ if !yaml_emitter_analyze_tag_directive(emitter, tag_directive) {
+ return false
+ }
+ if !yaml_emitter_append_tag_directive(emitter, tag_directive, false) {
+ return false
+ }
+ }
+
+ for i := 0; i < len(default_tag_directives); i++ {
+ tag_directive := &default_tag_directives[i]
+ if !yaml_emitter_append_tag_directive(emitter, tag_directive, true) {
+ return false
+ }
+ }
+
+ implicit := event.implicit
+ if !first || emitter.canonical {
+ implicit = false
+ }
+
+ if emitter.open_ended && (event.version_directive != nil || len(event.tag_directives) > 0) {
+ if !yaml_emitter_write_indicator(emitter, []byte("..."), true, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+
+ if event.version_directive != nil {
+ implicit = false
+ if !yaml_emitter_write_indicator(emitter, []byte("%YAML"), true, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte("1.1"), true, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+
+ if len(event.tag_directives) > 0 {
+ implicit = false
+ for i := 0; i < len(event.tag_directives); i++ {
+ tag_directive := &event.tag_directives[i]
+ if !yaml_emitter_write_indicator(emitter, []byte("%TAG"), true, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_tag_handle(emitter, tag_directive.handle) {
+ return false
+ }
+ if !yaml_emitter_write_tag_content(emitter, tag_directive.prefix, true) {
+ return false
+ }
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ }
+
+ if yaml_emitter_check_empty_document(emitter) {
+ implicit = false
+ }
+ if !implicit {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte("---"), true, false, false) {
+ return false
+ }
+ if emitter.canonical {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ }
+
+ emitter.state = yaml_EMIT_DOCUMENT_CONTENT_STATE
+ return true
+ }
+
+ if event.typ == yaml_STREAM_END_EVENT {
+ if emitter.open_ended {
+ if !yaml_emitter_write_indicator(emitter, []byte("..."), true, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ if !yaml_emitter_flush(emitter) {
+ return false
+ }
+ emitter.state = yaml_EMIT_END_STATE
+ return true
+ }
+
+ return yaml_emitter_set_emitter_error(emitter, "expected DOCUMENT-START or STREAM-END")
+}
+
+// Expect the root node.
+func yaml_emitter_emit_document_content(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+ emitter.states = append(emitter.states, yaml_EMIT_DOCUMENT_END_STATE)
+ return yaml_emitter_emit_node(emitter, event, true, false, false, false)
+}
+
+// Expect DOCUMENT-END.
+func yaml_emitter_emit_document_end(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+ if event.typ != yaml_DOCUMENT_END_EVENT {
+ return yaml_emitter_set_emitter_error(emitter, "expected DOCUMENT-END")
+ }
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ if !event.implicit {
+ // [Go] Allocate the slice elsewhere.
+ if !yaml_emitter_write_indicator(emitter, []byte("..."), true, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ if !yaml_emitter_flush(emitter) {
+ return false
+ }
+ emitter.state = yaml_EMIT_DOCUMENT_START_STATE
+ emitter.tag_directives = emitter.tag_directives[:0]
+ return true
+}
+
+// Expect a flow item node.
+func yaml_emitter_emit_flow_sequence_item(emitter *yaml_emitter_t, event *yaml_event_t, first bool) bool {
+ if first {
+ if !yaml_emitter_write_indicator(emitter, []byte{'['}, true, true, false) {
+ return false
+ }
+ if !yaml_emitter_increase_indent(emitter, true, false) {
+ return false
+ }
+ emitter.flow_level++
+ }
+
+ if event.typ == yaml_SEQUENCE_END_EVENT {
+ emitter.flow_level--
+ emitter.indent = emitter.indents[len(emitter.indents)-1]
+ emitter.indents = emitter.indents[:len(emitter.indents)-1]
+ if emitter.canonical && !first {
+ if !yaml_emitter_write_indicator(emitter, []byte{','}, false, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte{']'}, false, false, false) {
+ return false
+ }
+ emitter.state = emitter.states[len(emitter.states)-1]
+ emitter.states = emitter.states[:len(emitter.states)-1]
+
+ return true
+ }
+
+ if !first {
+ if !yaml_emitter_write_indicator(emitter, []byte{','}, false, false, false) {
+ return false
+ }
+ }
+
+ if emitter.canonical || emitter.column > emitter.best_width {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ emitter.states = append(emitter.states, yaml_EMIT_FLOW_SEQUENCE_ITEM_STATE)
+ return yaml_emitter_emit_node(emitter, event, false, true, false, false)
+}
+
+// Expect a flow key node.
+func yaml_emitter_emit_flow_mapping_key(emitter *yaml_emitter_t, event *yaml_event_t, first bool) bool {
+ if first {
+ if !yaml_emitter_write_indicator(emitter, []byte{'{'}, true, true, false) {
+ return false
+ }
+ if !yaml_emitter_increase_indent(emitter, true, false) {
+ return false
+ }
+ emitter.flow_level++
+ }
+
+ if event.typ == yaml_MAPPING_END_EVENT {
+ emitter.flow_level--
+ emitter.indent = emitter.indents[len(emitter.indents)-1]
+ emitter.indents = emitter.indents[:len(emitter.indents)-1]
+ if emitter.canonical && !first {
+ if !yaml_emitter_write_indicator(emitter, []byte{','}, false, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte{'}'}, false, false, false) {
+ return false
+ }
+ emitter.state = emitter.states[len(emitter.states)-1]
+ emitter.states = emitter.states[:len(emitter.states)-1]
+ return true
+ }
+
+ if !first {
+ if !yaml_emitter_write_indicator(emitter, []byte{','}, false, false, false) {
+ return false
+ }
+ }
+ if emitter.canonical || emitter.column > emitter.best_width {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+
+ if !emitter.canonical && yaml_emitter_check_simple_key(emitter) {
+ emitter.states = append(emitter.states, yaml_EMIT_FLOW_MAPPING_SIMPLE_VALUE_STATE)
+ return yaml_emitter_emit_node(emitter, event, false, false, true, true)
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte{'?'}, true, false, false) {
+ return false
+ }
+ emitter.states = append(emitter.states, yaml_EMIT_FLOW_MAPPING_VALUE_STATE)
+ return yaml_emitter_emit_node(emitter, event, false, false, true, false)
+}
+
+// Expect a flow value node.
+func yaml_emitter_emit_flow_mapping_value(emitter *yaml_emitter_t, event *yaml_event_t, simple bool) bool {
+ if simple {
+ if !yaml_emitter_write_indicator(emitter, []byte{':'}, false, false, false) {
+ return false
+ }
+ } else {
+ if emitter.canonical || emitter.column > emitter.best_width {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte{':'}, true, false, false) {
+ return false
+ }
+ }
+ emitter.states = append(emitter.states, yaml_EMIT_FLOW_MAPPING_KEY_STATE)
+ return yaml_emitter_emit_node(emitter, event, false, false, true, false)
+}
+
+// Expect a block item node.
+func yaml_emitter_emit_block_sequence_item(emitter *yaml_emitter_t, event *yaml_event_t, first bool) bool {
+ if first {
+ if !yaml_emitter_increase_indent(emitter, false, emitter.mapping_context && !emitter.indention) {
+ return false
+ }
+ }
+ if event.typ == yaml_SEQUENCE_END_EVENT {
+ emitter.indent = emitter.indents[len(emitter.indents)-1]
+ emitter.indents = emitter.indents[:len(emitter.indents)-1]
+ emitter.state = emitter.states[len(emitter.states)-1]
+ emitter.states = emitter.states[:len(emitter.states)-1]
+ return true
+ }
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte{'-'}, true, false, true) {
+ return false
+ }
+ emitter.states = append(emitter.states, yaml_EMIT_BLOCK_SEQUENCE_ITEM_STATE)
+ return yaml_emitter_emit_node(emitter, event, false, true, false, false)
+}
+
+// Expect a block key node.
+func yaml_emitter_emit_block_mapping_key(emitter *yaml_emitter_t, event *yaml_event_t, first bool) bool {
+ if first {
+ if !yaml_emitter_increase_indent(emitter, false, false) {
+ return false
+ }
+ }
+ if event.typ == yaml_MAPPING_END_EVENT {
+ emitter.indent = emitter.indents[len(emitter.indents)-1]
+ emitter.indents = emitter.indents[:len(emitter.indents)-1]
+ emitter.state = emitter.states[len(emitter.states)-1]
+ emitter.states = emitter.states[:len(emitter.states)-1]
+ return true
+ }
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ if yaml_emitter_check_simple_key(emitter) {
+ emitter.states = append(emitter.states, yaml_EMIT_BLOCK_MAPPING_SIMPLE_VALUE_STATE)
+ return yaml_emitter_emit_node(emitter, event, false, false, true, true)
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte{'?'}, true, false, true) {
+ return false
+ }
+ emitter.states = append(emitter.states, yaml_EMIT_BLOCK_MAPPING_VALUE_STATE)
+ return yaml_emitter_emit_node(emitter, event, false, false, true, false)
+}
+
+// Expect a block value node.
+func yaml_emitter_emit_block_mapping_value(emitter *yaml_emitter_t, event *yaml_event_t, simple bool) bool {
+ if simple {
+ if !yaml_emitter_write_indicator(emitter, []byte{':'}, false, false, false) {
+ return false
+ }
+ } else {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte{':'}, true, false, true) {
+ return false
+ }
+ }
+ emitter.states = append(emitter.states, yaml_EMIT_BLOCK_MAPPING_KEY_STATE)
+ return yaml_emitter_emit_node(emitter, event, false, false, true, false)
+}
+
+// Expect a node.
+func yaml_emitter_emit_node(emitter *yaml_emitter_t, event *yaml_event_t,
+ root bool, sequence bool, mapping bool, simple_key bool) bool {
+
+ emitter.root_context = root
+ emitter.sequence_context = sequence
+ emitter.mapping_context = mapping
+ emitter.simple_key_context = simple_key
+
+ switch event.typ {
+ case yaml_ALIAS_EVENT:
+ return yaml_emitter_emit_alias(emitter, event)
+ case yaml_SCALAR_EVENT:
+ return yaml_emitter_emit_scalar(emitter, event)
+ case yaml_SEQUENCE_START_EVENT:
+ return yaml_emitter_emit_sequence_start(emitter, event)
+ case yaml_MAPPING_START_EVENT:
+ return yaml_emitter_emit_mapping_start(emitter, event)
+ default:
+ return yaml_emitter_set_emitter_error(emitter,
+ fmt.Sprintf("expected SCALAR, SEQUENCE-START, MAPPING-START, or ALIAS, but got %v", event.typ))
+ }
+}
+
+// Expect ALIAS.
+func yaml_emitter_emit_alias(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+ if !yaml_emitter_process_anchor(emitter) {
+ return false
+ }
+ emitter.state = emitter.states[len(emitter.states)-1]
+ emitter.states = emitter.states[:len(emitter.states)-1]
+ return true
+}
+
+// Expect SCALAR.
+func yaml_emitter_emit_scalar(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+ if !yaml_emitter_select_scalar_style(emitter, event) {
+ return false
+ }
+ if !yaml_emitter_process_anchor(emitter) {
+ return false
+ }
+ if !yaml_emitter_process_tag(emitter) {
+ return false
+ }
+ if !yaml_emitter_increase_indent(emitter, true, false) {
+ return false
+ }
+ if !yaml_emitter_process_scalar(emitter) {
+ return false
+ }
+ emitter.indent = emitter.indents[len(emitter.indents)-1]
+ emitter.indents = emitter.indents[:len(emitter.indents)-1]
+ emitter.state = emitter.states[len(emitter.states)-1]
+ emitter.states = emitter.states[:len(emitter.states)-1]
+ return true
+}
+
+// Expect SEQUENCE-START.
+func yaml_emitter_emit_sequence_start(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+ if !yaml_emitter_process_anchor(emitter) {
+ return false
+ }
+ if !yaml_emitter_process_tag(emitter) {
+ return false
+ }
+ if emitter.flow_level > 0 || emitter.canonical || event.sequence_style() == yaml_FLOW_SEQUENCE_STYLE ||
+ yaml_emitter_check_empty_sequence(emitter) {
+ emitter.state = yaml_EMIT_FLOW_SEQUENCE_FIRST_ITEM_STATE
+ } else {
+ emitter.state = yaml_EMIT_BLOCK_SEQUENCE_FIRST_ITEM_STATE
+ }
+ return true
+}
+
+// Expect MAPPING-START.
+func yaml_emitter_emit_mapping_start(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+ if !yaml_emitter_process_anchor(emitter) {
+ return false
+ }
+ if !yaml_emitter_process_tag(emitter) {
+ return false
+ }
+ if emitter.flow_level > 0 || emitter.canonical || event.mapping_style() == yaml_FLOW_MAPPING_STYLE ||
+ yaml_emitter_check_empty_mapping(emitter) {
+ emitter.state = yaml_EMIT_FLOW_MAPPING_FIRST_KEY_STATE
+ } else {
+ emitter.state = yaml_EMIT_BLOCK_MAPPING_FIRST_KEY_STATE
+ }
+ return true
+}
+
+// Check if the document content is an empty scalar.
+func yaml_emitter_check_empty_document(emitter *yaml_emitter_t) bool {
+ return false // [Go] Huh?
+}
+
+// Check if the next events represent an empty sequence.
+func yaml_emitter_check_empty_sequence(emitter *yaml_emitter_t) bool {
+ if len(emitter.events)-emitter.events_head < 2 {
+ return false
+ }
+ return emitter.events[emitter.events_head].typ == yaml_SEQUENCE_START_EVENT &&
+ emitter.events[emitter.events_head+1].typ == yaml_SEQUENCE_END_EVENT
+}
+
+// Check if the next events represent an empty mapping.
+func yaml_emitter_check_empty_mapping(emitter *yaml_emitter_t) bool {
+ if len(emitter.events)-emitter.events_head < 2 {
+ return false
+ }
+ return emitter.events[emitter.events_head].typ == yaml_MAPPING_START_EVENT &&
+ emitter.events[emitter.events_head+1].typ == yaml_MAPPING_END_EVENT
+}
+
+// Check if the next node can be expressed as a simple key.
+func yaml_emitter_check_simple_key(emitter *yaml_emitter_t) bool {
+ length := 0
+ switch emitter.events[emitter.events_head].typ {
+ case yaml_ALIAS_EVENT:
+ length += len(emitter.anchor_data.anchor)
+ case yaml_SCALAR_EVENT:
+ if emitter.scalar_data.multiline {
+ return false
+ }
+ length += len(emitter.anchor_data.anchor) +
+ len(emitter.tag_data.handle) +
+ len(emitter.tag_data.suffix) +
+ len(emitter.scalar_data.value)
+ case yaml_SEQUENCE_START_EVENT:
+ if !yaml_emitter_check_empty_sequence(emitter) {
+ return false
+ }
+ length += len(emitter.anchor_data.anchor) +
+ len(emitter.tag_data.handle) +
+ len(emitter.tag_data.suffix)
+ case yaml_MAPPING_START_EVENT:
+ if !yaml_emitter_check_empty_mapping(emitter) {
+ return false
+ }
+ length += len(emitter.anchor_data.anchor) +
+ len(emitter.tag_data.handle) +
+ len(emitter.tag_data.suffix)
+ default:
+ return false
+ }
+ return length <= 128
+}
+
+// Determine an acceptable scalar style.
+func yaml_emitter_select_scalar_style(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+
+ no_tag := len(emitter.tag_data.handle) == 0 && len(emitter.tag_data.suffix) == 0
+ if no_tag && !event.implicit && !event.quoted_implicit {
+ return yaml_emitter_set_emitter_error(emitter, "neither tag nor implicit flags are specified")
+ }
+
+ style := event.scalar_style()
+ if style == yaml_ANY_SCALAR_STYLE {
+ style = yaml_PLAIN_SCALAR_STYLE
+ }
+ if emitter.canonical {
+ style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
+ }
+ if emitter.simple_key_context && emitter.scalar_data.multiline {
+ style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
+ }
+
+ if style == yaml_PLAIN_SCALAR_STYLE {
+ if emitter.flow_level > 0 && !emitter.scalar_data.flow_plain_allowed ||
+ emitter.flow_level == 0 && !emitter.scalar_data.block_plain_allowed {
+ style = yaml_SINGLE_QUOTED_SCALAR_STYLE
+ }
+ if len(emitter.scalar_data.value) == 0 && (emitter.flow_level > 0 || emitter.simple_key_context) {
+ style = yaml_SINGLE_QUOTED_SCALAR_STYLE
+ }
+ if no_tag && !event.implicit {
+ style = yaml_SINGLE_QUOTED_SCALAR_STYLE
+ }
+ }
+ if style == yaml_SINGLE_QUOTED_SCALAR_STYLE {
+ if !emitter.scalar_data.single_quoted_allowed {
+ style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
+ }
+ }
+ if style == yaml_LITERAL_SCALAR_STYLE || style == yaml_FOLDED_SCALAR_STYLE {
+ if !emitter.scalar_data.block_allowed || emitter.flow_level > 0 || emitter.simple_key_context {
+ style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
+ }
+ }
+
+ if no_tag && !event.quoted_implicit && style != yaml_PLAIN_SCALAR_STYLE {
+ emitter.tag_data.handle = []byte{'!'}
+ }
+ emitter.scalar_data.style = style
+ return true
+}
+
+// Write an anchor.
+func yaml_emitter_process_anchor(emitter *yaml_emitter_t) bool {
+ if emitter.anchor_data.anchor == nil {
+ return true
+ }
+ c := []byte{'&'}
+ if emitter.anchor_data.alias {
+ c[0] = '*'
+ }
+ if !yaml_emitter_write_indicator(emitter, c, true, false, false) {
+ return false
+ }
+ return yaml_emitter_write_anchor(emitter, emitter.anchor_data.anchor)
+}
+
+// Write a tag.
+func yaml_emitter_process_tag(emitter *yaml_emitter_t) bool {
+ if len(emitter.tag_data.handle) == 0 && len(emitter.tag_data.suffix) == 0 {
+ return true
+ }
+ if len(emitter.tag_data.handle) > 0 {
+ if !yaml_emitter_write_tag_handle(emitter, emitter.tag_data.handle) {
+ return false
+ }
+ if len(emitter.tag_data.suffix) > 0 {
+ if !yaml_emitter_write_tag_content(emitter, emitter.tag_data.suffix, false) {
+ return false
+ }
+ }
+ } else {
+ // [Go] Allocate these slices elsewhere.
+ if !yaml_emitter_write_indicator(emitter, []byte("!<"), true, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_tag_content(emitter, emitter.tag_data.suffix, false) {
+ return false
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte{'>'}, false, false, false) {
+ return false
+ }
+ }
+ return true
+}
+
+// Write a scalar.
+func yaml_emitter_process_scalar(emitter *yaml_emitter_t) bool {
+ switch emitter.scalar_data.style {
+ case yaml_PLAIN_SCALAR_STYLE:
+ return yaml_emitter_write_plain_scalar(emitter, emitter.scalar_data.value, !emitter.simple_key_context)
+
+ case yaml_SINGLE_QUOTED_SCALAR_STYLE:
+ return yaml_emitter_write_single_quoted_scalar(emitter, emitter.scalar_data.value, !emitter.simple_key_context)
+
+ case yaml_DOUBLE_QUOTED_SCALAR_STYLE:
+ return yaml_emitter_write_double_quoted_scalar(emitter, emitter.scalar_data.value, !emitter.simple_key_context)
+
+ case yaml_LITERAL_SCALAR_STYLE:
+ return yaml_emitter_write_literal_scalar(emitter, emitter.scalar_data.value)
+
+ case yaml_FOLDED_SCALAR_STYLE:
+ return yaml_emitter_write_folded_scalar(emitter, emitter.scalar_data.value)
+ }
+ panic("unknown scalar style")
+}
+
+// Check if a %YAML directive is valid.
+func yaml_emitter_analyze_version_directive(emitter *yaml_emitter_t, version_directive *yaml_version_directive_t) bool {
+ if version_directive.major != 1 || version_directive.minor != 1 {
+ return yaml_emitter_set_emitter_error(emitter, "incompatible %YAML directive")
+ }
+ return true
+}
+
+// Check if a %TAG directive is valid.
+func yaml_emitter_analyze_tag_directive(emitter *yaml_emitter_t, tag_directive *yaml_tag_directive_t) bool {
+ handle := tag_directive.handle
+ prefix := tag_directive.prefix
+ if len(handle) == 0 {
+ return yaml_emitter_set_emitter_error(emitter, "tag handle must not be empty")
+ }
+ if handle[0] != '!' {
+ return yaml_emitter_set_emitter_error(emitter, "tag handle must start with '!'")
+ }
+ if handle[len(handle)-1] != '!' {
+ return yaml_emitter_set_emitter_error(emitter, "tag handle must end with '!'")
+ }
+ for i := 1; i < len(handle)-1; i += width(handle[i]) {
+ if !is_alpha(handle, i) {
+ return yaml_emitter_set_emitter_error(emitter, "tag handle must contain alphanumerical characters only")
+ }
+ }
+ if len(prefix) == 0 {
+ return yaml_emitter_set_emitter_error(emitter, "tag prefix must not be empty")
+ }
+ return true
+}
+
+// Check if an anchor is valid.
+func yaml_emitter_analyze_anchor(emitter *yaml_emitter_t, anchor []byte, alias bool) bool {
+ if len(anchor) == 0 {
+ problem := "anchor value must not be empty"
+ if alias {
+ problem = "alias value must not be empty"
+ }
+ return yaml_emitter_set_emitter_error(emitter, problem)
+ }
+ for i := 0; i < len(anchor); i += width(anchor[i]) {
+ if !is_alpha(anchor, i) {
+ problem := "anchor value must contain alphanumerical characters only"
+ if alias {
+ problem = "alias value must contain alphanumerical characters only"
+ }
+ return yaml_emitter_set_emitter_error(emitter, problem)
+ }
+ }
+ emitter.anchor_data.anchor = anchor
+ emitter.anchor_data.alias = alias
+ return true
+}
+
+// Check if a tag is valid.
+func yaml_emitter_analyze_tag(emitter *yaml_emitter_t, tag []byte) bool {
+ if len(tag) == 0 {
+ return yaml_emitter_set_emitter_error(emitter, "tag value must not be empty")
+ }
+ for i := 0; i < len(emitter.tag_directives); i++ {
+ tag_directive := &emitter.tag_directives[i]
+ if bytes.HasPrefix(tag, tag_directive.prefix) {
+ emitter.tag_data.handle = tag_directive.handle
+ emitter.tag_data.suffix = tag[len(tag_directive.prefix):]
+ return true
+ }
+ }
+ emitter.tag_data.suffix = tag
+ return true
+}
+
+// Check if a scalar is valid.
+func yaml_emitter_analyze_scalar(emitter *yaml_emitter_t, value []byte) bool {
+ var (
+ block_indicators = false
+ flow_indicators = false
+ line_breaks = false
+ special_characters = false
+
+ leading_space = false
+ leading_break = false
+ trailing_space = false
+ trailing_break = false
+ break_space = false
+ space_break = false
+
+ preceded_by_whitespace = false
+ followed_by_whitespace = false
+ previous_space = false
+ previous_break = false
+ )
+
+ emitter.scalar_data.value = value
+
+ if len(value) == 0 {
+ emitter.scalar_data.multiline = false
+ emitter.scalar_data.flow_plain_allowed = false
+ emitter.scalar_data.block_plain_allowed = true
+ emitter.scalar_data.single_quoted_allowed = true
+ emitter.scalar_data.block_allowed = false
+ return true
+ }
+
+ if len(value) >= 3 && ((value[0] == '-' && value[1] == '-' && value[2] == '-') || (value[0] == '.' && value[1] == '.' && value[2] == '.')) {
+ block_indicators = true
+ flow_indicators = true
+ }
+
+ preceded_by_whitespace = true
+ for i, w := 0, 0; i < len(value); i += w {
+ w = width(value[i])
+ followed_by_whitespace = i+w >= len(value) || is_blank(value, i+w)
+
+ if i == 0 {
+ switch value[i] {
+ case '#', ',', '[', ']', '{', '}', '&', '*', '!', '|', '>', '\'', '"', '%', '@', '`':
+ flow_indicators = true
+ block_indicators = true
+ case '?', ':':
+ flow_indicators = true
+ if followed_by_whitespace {
+ block_indicators = true
+ }
+ case '-':
+ if followed_by_whitespace {
+ flow_indicators = true
+ block_indicators = true
+ }
+ }
+ } else {
+ switch value[i] {
+ case ',', '?', '[', ']', '{', '}':
+ flow_indicators = true
+ case ':':
+ flow_indicators = true
+ if followed_by_whitespace {
+ block_indicators = true
+ }
+ case '#':
+ if preceded_by_whitespace {
+ flow_indicators = true
+ block_indicators = true
+ }
+ }
+ }
+
+ if !is_printable(value, i) || !is_ascii(value, i) && !emitter.unicode {
+ special_characters = true
+ }
+ if is_space(value, i) {
+ if i == 0 {
+ leading_space = true
+ }
+ if i+width(value[i]) == len(value) {
+ trailing_space = true
+ }
+ if previous_break {
+ break_space = true
+ }
+ previous_space = true
+ previous_break = false
+ } else if is_break(value, i) {
+ line_breaks = true
+ if i == 0 {
+ leading_break = true
+ }
+ if i+width(value[i]) == len(value) {
+ trailing_break = true
+ }
+ if previous_space {
+ space_break = true
+ }
+ previous_space = false
+ previous_break = true
+ } else {
+ previous_space = false
+ previous_break = false
+ }
+
+ // [Go]: Why 'z'? Couldn't be the end of the string as that's the loop condition.
+ preceded_by_whitespace = is_blankz(value, i)
+ }
+
+ emitter.scalar_data.multiline = line_breaks
+ emitter.scalar_data.flow_plain_allowed = true
+ emitter.scalar_data.block_plain_allowed = true
+ emitter.scalar_data.single_quoted_allowed = true
+ emitter.scalar_data.block_allowed = true
+
+ if leading_space || leading_break || trailing_space || trailing_break {
+ emitter.scalar_data.flow_plain_allowed = false
+ emitter.scalar_data.block_plain_allowed = false
+ }
+ if trailing_space {
+ emitter.scalar_data.block_allowed = false
+ }
+ if break_space {
+ emitter.scalar_data.flow_plain_allowed = false
+ emitter.scalar_data.block_plain_allowed = false
+ emitter.scalar_data.single_quoted_allowed = false
+ }
+ if space_break || special_characters {
+ emitter.scalar_data.flow_plain_allowed = false
+ emitter.scalar_data.block_plain_allowed = false
+ emitter.scalar_data.single_quoted_allowed = false
+ emitter.scalar_data.block_allowed = false
+ }
+ if line_breaks {
+ emitter.scalar_data.flow_plain_allowed = false
+ emitter.scalar_data.block_plain_allowed = false
+ }
+ if flow_indicators {
+ emitter.scalar_data.flow_plain_allowed = false
+ }
+ if block_indicators {
+ emitter.scalar_data.block_plain_allowed = false
+ }
+ return true
+}
+
+// Check if the event data is valid.
+func yaml_emitter_analyze_event(emitter *yaml_emitter_t, event *yaml_event_t) bool {
+
+ emitter.anchor_data.anchor = nil
+ emitter.tag_data.handle = nil
+ emitter.tag_data.suffix = nil
+ emitter.scalar_data.value = nil
+
+ switch event.typ {
+ case yaml_ALIAS_EVENT:
+ if !yaml_emitter_analyze_anchor(emitter, event.anchor, true) {
+ return false
+ }
+
+ case yaml_SCALAR_EVENT:
+ if len(event.anchor) > 0 {
+ if !yaml_emitter_analyze_anchor(emitter, event.anchor, false) {
+ return false
+ }
+ }
+ if len(event.tag) > 0 && (emitter.canonical || (!event.implicit && !event.quoted_implicit)) {
+ if !yaml_emitter_analyze_tag(emitter, event.tag) {
+ return false
+ }
+ }
+ if !yaml_emitter_analyze_scalar(emitter, event.value) {
+ return false
+ }
+
+ case yaml_SEQUENCE_START_EVENT:
+ if len(event.anchor) > 0 {
+ if !yaml_emitter_analyze_anchor(emitter, event.anchor, false) {
+ return false
+ }
+ }
+ if len(event.tag) > 0 && (emitter.canonical || !event.implicit) {
+ if !yaml_emitter_analyze_tag(emitter, event.tag) {
+ return false
+ }
+ }
+
+ case yaml_MAPPING_START_EVENT:
+ if len(event.anchor) > 0 {
+ if !yaml_emitter_analyze_anchor(emitter, event.anchor, false) {
+ return false
+ }
+ }
+ if len(event.tag) > 0 && (emitter.canonical || !event.implicit) {
+ if !yaml_emitter_analyze_tag(emitter, event.tag) {
+ return false
+ }
+ }
+ }
+ return true
+}
+
+// Write the BOM character.
+func yaml_emitter_write_bom(emitter *yaml_emitter_t) bool {
+ if !flush(emitter) {
+ return false
+ }
+ pos := emitter.buffer_pos
+ emitter.buffer[pos+0] = '\xEF'
+ emitter.buffer[pos+1] = '\xBB'
+ emitter.buffer[pos+2] = '\xBF'
+ emitter.buffer_pos += 3
+ return true
+}
+
+func yaml_emitter_write_indent(emitter *yaml_emitter_t) bool {
+ indent := emitter.indent
+ if indent < 0 {
+ indent = 0
+ }
+ if !emitter.indention || emitter.column > indent || (emitter.column == indent && !emitter.whitespace) {
+ if !put_break(emitter) {
+ return false
+ }
+ }
+ for emitter.column < indent {
+ if !put(emitter, ' ') {
+ return false
+ }
+ }
+ emitter.whitespace = true
+ emitter.indention = true
+ return true
+}
+
+func yaml_emitter_write_indicator(emitter *yaml_emitter_t, indicator []byte, need_whitespace, is_whitespace, is_indention bool) bool {
+ if need_whitespace && !emitter.whitespace {
+ if !put(emitter, ' ') {
+ return false
+ }
+ }
+ if !write_all(emitter, indicator) {
+ return false
+ }
+ emitter.whitespace = is_whitespace
+ emitter.indention = (emitter.indention && is_indention)
+ emitter.open_ended = false
+ return true
+}
+
+func yaml_emitter_write_anchor(emitter *yaml_emitter_t, value []byte) bool {
+ if !write_all(emitter, value) {
+ return false
+ }
+ emitter.whitespace = false
+ emitter.indention = false
+ return true
+}
+
+func yaml_emitter_write_tag_handle(emitter *yaml_emitter_t, value []byte) bool {
+ if !emitter.whitespace {
+ if !put(emitter, ' ') {
+ return false
+ }
+ }
+ if !write_all(emitter, value) {
+ return false
+ }
+ emitter.whitespace = false
+ emitter.indention = false
+ return true
+}
+
+func yaml_emitter_write_tag_content(emitter *yaml_emitter_t, value []byte, need_whitespace bool) bool {
+ if need_whitespace && !emitter.whitespace {
+ if !put(emitter, ' ') {
+ return false
+ }
+ }
+ for i := 0; i < len(value); {
+ var must_write bool
+ switch value[i] {
+ case ';', '/', '?', ':', '@', '&', '=', '+', '$', ',', '_', '.', '~', '*', '\'', '(', ')', '[', ']':
+ must_write = true
+ default:
+ must_write = is_alpha(value, i)
+ }
+ if must_write {
+ if !write(emitter, value, &i) {
+ return false
+ }
+ } else {
+ w := width(value[i])
+ for k := 0; k < w; k++ {
+ octet := value[i]
+ i++
+ if !put(emitter, '%') {
+ return false
+ }
+
+ c := octet >> 4
+ if c < 10 {
+ c += '0'
+ } else {
+ c += 'A' - 10
+ }
+ if !put(emitter, c) {
+ return false
+ }
+
+ c = octet & 0x0f
+ if c < 10 {
+ c += '0'
+ } else {
+ c += 'A' - 10
+ }
+ if !put(emitter, c) {
+ return false
+ }
+ }
+ }
+ }
+ emitter.whitespace = false
+ emitter.indention = false
+ return true
+}
+
+func yaml_emitter_write_plain_scalar(emitter *yaml_emitter_t, value []byte, allow_breaks bool) bool {
+ if !emitter.whitespace {
+ if !put(emitter, ' ') {
+ return false
+ }
+ }
+
+ spaces := false
+ breaks := false
+ for i := 0; i < len(value); {
+ if is_space(value, i) {
+ if allow_breaks && !spaces && emitter.column > emitter.best_width && !is_space(value, i+1) {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ i += width(value[i])
+ } else {
+ if !write(emitter, value, &i) {
+ return false
+ }
+ }
+ spaces = true
+ } else if is_break(value, i) {
+ if !breaks && value[i] == '\n' {
+ if !put_break(emitter) {
+ return false
+ }
+ }
+ if !write_break(emitter, value, &i) {
+ return false
+ }
+ emitter.indention = true
+ breaks = true
+ } else {
+ if breaks {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ if !write(emitter, value, &i) {
+ return false
+ }
+ emitter.indention = false
+ spaces = false
+ breaks = false
+ }
+ }
+
+ emitter.whitespace = false
+ emitter.indention = false
+ if emitter.root_context {
+ emitter.open_ended = true
+ }
+
+ return true
+}
+
+func yaml_emitter_write_single_quoted_scalar(emitter *yaml_emitter_t, value []byte, allow_breaks bool) bool {
+
+ if !yaml_emitter_write_indicator(emitter, []byte{'\''}, true, false, false) {
+ return false
+ }
+
+ spaces := false
+ breaks := false
+ for i := 0; i < len(value); {
+ if is_space(value, i) {
+ if allow_breaks && !spaces && emitter.column > emitter.best_width && i > 0 && i < len(value)-1 && !is_space(value, i+1) {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ i += width(value[i])
+ } else {
+ if !write(emitter, value, &i) {
+ return false
+ }
+ }
+ spaces = true
+ } else if is_break(value, i) {
+ if !breaks && value[i] == '\n' {
+ if !put_break(emitter) {
+ return false
+ }
+ }
+ if !write_break(emitter, value, &i) {
+ return false
+ }
+ emitter.indention = true
+ breaks = true
+ } else {
+ if breaks {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ if value[i] == '\'' {
+ if !put(emitter, '\'') {
+ return false
+ }
+ }
+ if !write(emitter, value, &i) {
+ return false
+ }
+ emitter.indention = false
+ spaces = false
+ breaks = false
+ }
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte{'\''}, false, false, false) {
+ return false
+ }
+ emitter.whitespace = false
+ emitter.indention = false
+ return true
+}
+
+func yaml_emitter_write_double_quoted_scalar(emitter *yaml_emitter_t, value []byte, allow_breaks bool) bool {
+ spaces := false
+ if !yaml_emitter_write_indicator(emitter, []byte{'"'}, true, false, false) {
+ return false
+ }
+
+ for i := 0; i < len(value); {
+ if !is_printable(value, i) || (!emitter.unicode && !is_ascii(value, i)) ||
+ is_bom(value, i) || is_break(value, i) ||
+ value[i] == '"' || value[i] == '\\' {
+
+ octet := value[i]
+
+ var w int
+ var v rune
+ switch {
+ case octet&0x80 == 0x00:
+ w, v = 1, rune(octet&0x7F)
+ case octet&0xE0 == 0xC0:
+ w, v = 2, rune(octet&0x1F)
+ case octet&0xF0 == 0xE0:
+ w, v = 3, rune(octet&0x0F)
+ case octet&0xF8 == 0xF0:
+ w, v = 4, rune(octet&0x07)
+ }
+ for k := 1; k < w; k++ {
+ octet = value[i+k]
+ v = (v << 6) + (rune(octet) & 0x3F)
+ }
+ i += w
+
+ if !put(emitter, '\\') {
+ return false
+ }
+
+ var ok bool
+ switch v {
+ case 0x00:
+ ok = put(emitter, '0')
+ case 0x07:
+ ok = put(emitter, 'a')
+ case 0x08:
+ ok = put(emitter, 'b')
+ case 0x09:
+ ok = put(emitter, 't')
+ case 0x0A:
+ ok = put(emitter, 'n')
+ case 0x0b:
+ ok = put(emitter, 'v')
+ case 0x0c:
+ ok = put(emitter, 'f')
+ case 0x0d:
+ ok = put(emitter, 'r')
+ case 0x1b:
+ ok = put(emitter, 'e')
+ case 0x22:
+ ok = put(emitter, '"')
+ case 0x5c:
+ ok = put(emitter, '\\')
+ case 0x85:
+ ok = put(emitter, 'N')
+ case 0xA0:
+ ok = put(emitter, '_')
+ case 0x2028:
+ ok = put(emitter, 'L')
+ case 0x2029:
+ ok = put(emitter, 'P')
+ default:
+ if v <= 0xFF {
+ ok = put(emitter, 'x')
+ w = 2
+ } else if v <= 0xFFFF {
+ ok = put(emitter, 'u')
+ w = 4
+ } else {
+ ok = put(emitter, 'U')
+ w = 8
+ }
+ for k := (w - 1) * 4; ok && k >= 0; k -= 4 {
+ digit := byte((v >> uint(k)) & 0x0F)
+ if digit < 10 {
+ ok = put(emitter, digit+'0')
+ } else {
+ ok = put(emitter, digit+'A'-10)
+ }
+ }
+ }
+ if !ok {
+ return false
+ }
+ spaces = false
+ } else if is_space(value, i) {
+ if allow_breaks && !spaces && emitter.column > emitter.best_width && i > 0 && i < len(value)-1 {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ if is_space(value, i+1) {
+ if !put(emitter, '\\') {
+ return false
+ }
+ }
+ i += width(value[i])
+ } else if !write(emitter, value, &i) {
+ return false
+ }
+ spaces = true
+ } else {
+ if !write(emitter, value, &i) {
+ return false
+ }
+ spaces = false
+ }
+ }
+ if !yaml_emitter_write_indicator(emitter, []byte{'"'}, false, false, false) {
+ return false
+ }
+ emitter.whitespace = false
+ emitter.indention = false
+ return true
+}
+
+func yaml_emitter_write_block_scalar_hints(emitter *yaml_emitter_t, value []byte) bool {
+ if is_space(value, 0) || is_break(value, 0) {
+ indent_hint := []byte{'0' + byte(emitter.best_indent)}
+ if !yaml_emitter_write_indicator(emitter, indent_hint, false, false, false) {
+ return false
+ }
+ }
+
+ emitter.open_ended = false
+
+ var chomp_hint [1]byte
+ if len(value) == 0 {
+ chomp_hint[0] = '-'
+ } else {
+ i := len(value) - 1
+ for value[i]&0xC0 == 0x80 {
+ i--
+ }
+ if !is_break(value, i) {
+ chomp_hint[0] = '-'
+ } else if i == 0 {
+ chomp_hint[0] = '+'
+ emitter.open_ended = true
+ } else {
+ i--
+ for value[i]&0xC0 == 0x80 {
+ i--
+ }
+ if is_break(value, i) {
+ chomp_hint[0] = '+'
+ emitter.open_ended = true
+ }
+ }
+ }
+ if chomp_hint[0] != 0 {
+ if !yaml_emitter_write_indicator(emitter, chomp_hint[:], false, false, false) {
+ return false
+ }
+ }
+ return true
+}
+
+func yaml_emitter_write_literal_scalar(emitter *yaml_emitter_t, value []byte) bool {
+ if !yaml_emitter_write_indicator(emitter, []byte{'|'}, true, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_block_scalar_hints(emitter, value) {
+ return false
+ }
+ if !put_break(emitter) {
+ return false
+ }
+ emitter.indention = true
+ emitter.whitespace = true
+ breaks := true
+ for i := 0; i < len(value); {
+ if is_break(value, i) {
+ if !write_break(emitter, value, &i) {
+ return false
+ }
+ emitter.indention = true
+ breaks = true
+ } else {
+ if breaks {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ }
+ if !write(emitter, value, &i) {
+ return false
+ }
+ emitter.indention = false
+ breaks = false
+ }
+ }
+
+ return true
+}
+
+func yaml_emitter_write_folded_scalar(emitter *yaml_emitter_t, value []byte) bool {
+ if !yaml_emitter_write_indicator(emitter, []byte{'>'}, true, false, false) {
+ return false
+ }
+ if !yaml_emitter_write_block_scalar_hints(emitter, value) {
+ return false
+ }
+
+ if !put_break(emitter) {
+ return false
+ }
+ emitter.indention = true
+ emitter.whitespace = true
+
+ breaks := true
+ leading_spaces := true
+ for i := 0; i < len(value); {
+ if is_break(value, i) {
+ if !breaks && !leading_spaces && value[i] == '\n' {
+ k := 0
+ for is_break(value, k) {
+ k += width(value[k])
+ }
+ if !is_blankz(value, k) {
+ if !put_break(emitter) {
+ return false
+ }
+ }
+ }
+ if !write_break(emitter, value, &i) {
+ return false
+ }
+ emitter.indention = true
+ breaks = true
+ } else {
+ if breaks {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ leading_spaces = is_blank(value, i)
+ }
+ if !breaks && is_space(value, i) && !is_space(value, i+1) && emitter.column > emitter.best_width {
+ if !yaml_emitter_write_indent(emitter) {
+ return false
+ }
+ i += width(value[i])
+ } else {
+ if !write(emitter, value, &i) {
+ return false
+ }
+ }
+ emitter.indention = false
+ breaks = false
+ }
+ }
+ return true
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/encode.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/encode.go
new file mode 100644
index 000000000..0ee738e11
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/encode.go
@@ -0,0 +1,390 @@
+package yaml
+
+import (
+ "encoding"
+ "fmt"
+ "io"
+ "reflect"
+ "regexp"
+ "sort"
+ "strconv"
+ "strings"
+ "time"
+ "unicode/utf8"
+)
+
+// jsonNumber is the interface of the encoding/json.Number datatype.
+// Repeating the interface here avoids a dependency on encoding/json, and also
+// supports other libraries like jsoniter, which use a similar datatype with
+// the same interface. Detecting this interface is useful when dealing with
+// structures containing json.Number, which is a string under the hood. The
+// encoder should prefer the use of Int64(), Float64() and string(), in that
+// order, when encoding this type.
+type jsonNumber interface {
+ Float64() (float64, error)
+ Int64() (int64, error)
+ String() string
+}
+
+type encoder struct {
+ emitter yaml_emitter_t
+ event yaml_event_t
+ out []byte
+ flow bool
+ // doneInit holds whether the initial stream_start_event has been
+ // emitted.
+ doneInit bool
+}
+
+func newEncoder() *encoder {
+ e := &encoder{}
+ yaml_emitter_initialize(&e.emitter)
+ yaml_emitter_set_output_string(&e.emitter, &e.out)
+ yaml_emitter_set_unicode(&e.emitter, true)
+ return e
+}
+
+func newEncoderWithWriter(w io.Writer) *encoder {
+ e := &encoder{}
+ yaml_emitter_initialize(&e.emitter)
+ yaml_emitter_set_output_writer(&e.emitter, w)
+ yaml_emitter_set_unicode(&e.emitter, true)
+ return e
+}
+
+func (e *encoder) init() {
+ if e.doneInit {
+ return
+ }
+ yaml_stream_start_event_initialize(&e.event, yaml_UTF8_ENCODING)
+ e.emit()
+ e.doneInit = true
+}
+
+func (e *encoder) finish() {
+ e.emitter.open_ended = false
+ yaml_stream_end_event_initialize(&e.event)
+ e.emit()
+}
+
+func (e *encoder) destroy() {
+ yaml_emitter_delete(&e.emitter)
+}
+
+func (e *encoder) emit() {
+ // This will internally delete the e.event value.
+ e.must(yaml_emitter_emit(&e.emitter, &e.event))
+}
+
+func (e *encoder) must(ok bool) {
+ if !ok {
+ msg := e.emitter.problem
+ if msg == "" {
+ msg = "unknown problem generating YAML content"
+ }
+ failf("%s", msg)
+ }
+}
+
+func (e *encoder) marshalDoc(tag string, in reflect.Value) {
+ e.init()
+ yaml_document_start_event_initialize(&e.event, nil, nil, true)
+ e.emit()
+ e.marshal(tag, in)
+ yaml_document_end_event_initialize(&e.event, true)
+ e.emit()
+}
+
+func (e *encoder) marshal(tag string, in reflect.Value) {
+ if !in.IsValid() || in.Kind() == reflect.Ptr && in.IsNil() {
+ e.nilv()
+ return
+ }
+ iface := in.Interface()
+ switch m := iface.(type) {
+ case jsonNumber:
+ integer, err := m.Int64()
+ if err == nil {
+ // In this case the json.Number is a valid int64
+ in = reflect.ValueOf(integer)
+ break
+ }
+ float, err := m.Float64()
+ if err == nil {
+ // In this case the json.Number is a valid float64
+ in = reflect.ValueOf(float)
+ break
+ }
+ // fallback case - no number could be obtained
+ in = reflect.ValueOf(m.String())
+ case time.Time, *time.Time:
+ // Although time.Time implements TextMarshaler,
+ // we don't want to treat it as a string for YAML
+ // purposes because YAML has special support for
+ // timestamps.
+ case Marshaler:
+ v, err := m.MarshalYAML()
+ if err != nil {
+ fail(err)
+ }
+ if v == nil {
+ e.nilv()
+ return
+ }
+ in = reflect.ValueOf(v)
+ case encoding.TextMarshaler:
+ text, err := m.MarshalText()
+ if err != nil {
+ fail(err)
+ }
+ in = reflect.ValueOf(string(text))
+ case nil:
+ e.nilv()
+ return
+ }
+ switch in.Kind() {
+ case reflect.Interface:
+ e.marshal(tag, in.Elem())
+ case reflect.Map:
+ e.mapv(tag, in)
+ case reflect.Ptr:
+ if in.Type() == ptrTimeType {
+ e.timev(tag, in.Elem())
+ } else {
+ e.marshal(tag, in.Elem())
+ }
+ case reflect.Struct:
+ if in.Type() == timeType {
+ e.timev(tag, in)
+ } else {
+ e.structv(tag, in)
+ }
+ case reflect.Slice, reflect.Array:
+ if in.Type().Elem() == mapItemType {
+ e.itemsv(tag, in)
+ } else {
+ e.slicev(tag, in)
+ }
+ case reflect.String:
+ e.stringv(tag, in)
+ case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+ if in.Type() == durationType {
+ e.stringv(tag, reflect.ValueOf(iface.(time.Duration).String()))
+ } else {
+ e.intv(tag, in)
+ }
+ case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
+ e.uintv(tag, in)
+ case reflect.Float32, reflect.Float64:
+ e.floatv(tag, in)
+ case reflect.Bool:
+ e.boolv(tag, in)
+ default:
+ panic("cannot marshal type: " + in.Type().String())
+ }
+}
+
+func (e *encoder) mapv(tag string, in reflect.Value) {
+ e.mappingv(tag, func() {
+ keys := keyList(in.MapKeys())
+ sort.Sort(keys)
+ for _, k := range keys {
+ e.marshal("", k)
+ e.marshal("", in.MapIndex(k))
+ }
+ })
+}
+
+func (e *encoder) itemsv(tag string, in reflect.Value) {
+ e.mappingv(tag, func() {
+ slice := in.Convert(reflect.TypeOf([]MapItem{})).Interface().([]MapItem)
+ for _, item := range slice {
+ e.marshal("", reflect.ValueOf(item.Key))
+ e.marshal("", reflect.ValueOf(item.Value))
+ }
+ })
+}
+
+func (e *encoder) structv(tag string, in reflect.Value) {
+ sinfo, err := getStructInfo(in.Type())
+ if err != nil {
+ panic(err)
+ }
+ e.mappingv(tag, func() {
+ for _, info := range sinfo.FieldsList {
+ var value reflect.Value
+ if info.Inline == nil {
+ value = in.Field(info.Num)
+ } else {
+ value = in.FieldByIndex(info.Inline)
+ }
+ if info.OmitEmpty && isZero(value) {
+ continue
+ }
+ e.marshal("", reflect.ValueOf(info.Key))
+ e.flow = info.Flow
+ e.marshal("", value)
+ }
+ if sinfo.InlineMap >= 0 {
+ m := in.Field(sinfo.InlineMap)
+ if m.Len() > 0 {
+ e.flow = false
+ keys := keyList(m.MapKeys())
+ sort.Sort(keys)
+ for _, k := range keys {
+ if _, found := sinfo.FieldsMap[k.String()]; found {
+ panic(fmt.Sprintf("Can't have key %q in inlined map; conflicts with struct field", k.String()))
+ }
+ e.marshal("", k)
+ e.flow = false
+ e.marshal("", m.MapIndex(k))
+ }
+ }
+ }
+ })
+}
+
+func (e *encoder) mappingv(tag string, f func()) {
+ implicit := tag == ""
+ style := yaml_BLOCK_MAPPING_STYLE
+ if e.flow {
+ e.flow = false
+ style = yaml_FLOW_MAPPING_STYLE
+ }
+ yaml_mapping_start_event_initialize(&e.event, nil, []byte(tag), implicit, style)
+ e.emit()
+ f()
+ yaml_mapping_end_event_initialize(&e.event)
+ e.emit()
+}
+
+func (e *encoder) slicev(tag string, in reflect.Value) {
+ implicit := tag == ""
+ style := yaml_BLOCK_SEQUENCE_STYLE
+ if e.flow {
+ e.flow = false
+ style = yaml_FLOW_SEQUENCE_STYLE
+ }
+ e.must(yaml_sequence_start_event_initialize(&e.event, nil, []byte(tag), implicit, style))
+ e.emit()
+ n := in.Len()
+ for i := 0; i < n; i++ {
+ e.marshal("", in.Index(i))
+ }
+ e.must(yaml_sequence_end_event_initialize(&e.event))
+ e.emit()
+}
+
+// isBase60 returns whether s is in base 60 notation as defined in YAML 1.1.
+//
+// The base 60 float notation in YAML 1.1 is a terrible idea and is unsupported
+// in YAML 1.2 and by this package, but these should be marshalled quoted for
+// the time being for compatibility with other parsers.
+func isBase60Float(s string) (result bool) {
+ // Fast path.
+ if s == "" {
+ return false
+ }
+ c := s[0]
+ if !(c == '+' || c == '-' || c >= '0' && c <= '9') || strings.IndexByte(s, ':') < 0 {
+ return false
+ }
+ // Do the full match.
+ return base60float.MatchString(s)
+}
+
+// From http://yaml.org/type/float.html, except the regular expression there
+// is bogus. In practice parsers do not enforce the "\.[0-9_]*" suffix.
+var base60float = regexp.MustCompile(`^[-+]?[0-9][0-9_]*(?::[0-5]?[0-9])+(?:\.[0-9_]*)?$`)
+
+func (e *encoder) stringv(tag string, in reflect.Value) {
+ var style yaml_scalar_style_t
+ s := in.String()
+ canUsePlain := true
+ switch {
+ case !utf8.ValidString(s):
+ if tag == yaml_BINARY_TAG {
+ failf("explicitly tagged !!binary data must be base64-encoded")
+ }
+ if tag != "" {
+ failf("cannot marshal invalid UTF-8 data as %s", shortTag(tag))
+ }
+ // It can't be encoded directly as YAML so use a binary tag
+ // and encode it as base64.
+ tag = yaml_BINARY_TAG
+ s = encodeBase64(s)
+ case tag == "":
+ // Check to see if it would resolve to a specific
+ // tag when encoded unquoted. If it doesn't,
+ // there's no need to quote it.
+ rtag, _ := resolve("", s)
+ canUsePlain = rtag == yaml_STR_TAG && !isBase60Float(s)
+ }
+ // Note: it's possible for user code to emit invalid YAML
+ // if they explicitly specify a tag and a string containing
+ // text that's incompatible with that tag.
+ switch {
+ case strings.Contains(s, "\n"):
+ style = yaml_LITERAL_SCALAR_STYLE
+ case canUsePlain:
+ style = yaml_PLAIN_SCALAR_STYLE
+ default:
+ style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
+ }
+ e.emitScalar(s, "", tag, style)
+}
+
+func (e *encoder) boolv(tag string, in reflect.Value) {
+ var s string
+ if in.Bool() {
+ s = "true"
+ } else {
+ s = "false"
+ }
+ e.emitScalar(s, "", tag, yaml_PLAIN_SCALAR_STYLE)
+}
+
+func (e *encoder) intv(tag string, in reflect.Value) {
+ s := strconv.FormatInt(in.Int(), 10)
+ e.emitScalar(s, "", tag, yaml_PLAIN_SCALAR_STYLE)
+}
+
+func (e *encoder) uintv(tag string, in reflect.Value) {
+ s := strconv.FormatUint(in.Uint(), 10)
+ e.emitScalar(s, "", tag, yaml_PLAIN_SCALAR_STYLE)
+}
+
+func (e *encoder) timev(tag string, in reflect.Value) {
+ t := in.Interface().(time.Time)
+ s := t.Format(time.RFC3339Nano)
+ e.emitScalar(s, "", tag, yaml_PLAIN_SCALAR_STYLE)
+}
+
+func (e *encoder) floatv(tag string, in reflect.Value) {
+ // Issue #352: When formatting, use the precision of the underlying value
+ precision := 64
+ if in.Kind() == reflect.Float32 {
+ precision = 32
+ }
+
+ s := strconv.FormatFloat(in.Float(), 'g', -1, precision)
+ switch s {
+ case "+Inf":
+ s = ".inf"
+ case "-Inf":
+ s = "-.inf"
+ case "NaN":
+ s = ".nan"
+ }
+ e.emitScalar(s, "", tag, yaml_PLAIN_SCALAR_STYLE)
+}
+
+func (e *encoder) nilv() {
+ e.emitScalar("null", "", "", yaml_PLAIN_SCALAR_STYLE)
+}
+
+func (e *encoder) emitScalar(value, anchor, tag string, style yaml_scalar_style_t) {
+ implicit := tag == ""
+ e.must(yaml_scalar_event_initialize(&e.event, []byte(anchor), []byte(tag), []byte(value), implicit, implicit, style))
+ e.emit()
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/parserc.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/parserc.go
new file mode 100644
index 000000000..81d05dfe5
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/parserc.go
@@ -0,0 +1,1095 @@
+package yaml
+
+import (
+ "bytes"
+)
+
+// The parser implements the following grammar:
+//
+// stream ::= STREAM-START implicit_document? explicit_document* STREAM-END
+// implicit_document ::= block_node DOCUMENT-END*
+// explicit_document ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END*
+// block_node_or_indentless_sequence ::=
+// ALIAS
+// | properties (block_content | indentless_block_sequence)?
+// | block_content
+// | indentless_block_sequence
+// block_node ::= ALIAS
+// | properties block_content?
+// | block_content
+// flow_node ::= ALIAS
+// | properties flow_content?
+// | flow_content
+// properties ::= TAG ANCHOR? | ANCHOR TAG?
+// block_content ::= block_collection | flow_collection | SCALAR
+// flow_content ::= flow_collection | SCALAR
+// block_collection ::= block_sequence | block_mapping
+// flow_collection ::= flow_sequence | flow_mapping
+// block_sequence ::= BLOCK-SEQUENCE-START (BLOCK-ENTRY block_node?)* BLOCK-END
+// indentless_sequence ::= (BLOCK-ENTRY block_node?)+
+// block_mapping ::= BLOCK-MAPPING_START
+// ((KEY block_node_or_indentless_sequence?)?
+// (VALUE block_node_or_indentless_sequence?)?)*
+// BLOCK-END
+// flow_sequence ::= FLOW-SEQUENCE-START
+// (flow_sequence_entry FLOW-ENTRY)*
+// flow_sequence_entry?
+// FLOW-SEQUENCE-END
+// flow_sequence_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)?
+// flow_mapping ::= FLOW-MAPPING-START
+// (flow_mapping_entry FLOW-ENTRY)*
+// flow_mapping_entry?
+// FLOW-MAPPING-END
+// flow_mapping_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)?
+
+// Peek the next token in the token queue.
+func peek_token(parser *yaml_parser_t) *yaml_token_t {
+ if parser.token_available || yaml_parser_fetch_more_tokens(parser) {
+ return &parser.tokens[parser.tokens_head]
+ }
+ return nil
+}
+
+// Remove the next token from the queue (must be called after peek_token).
+func skip_token(parser *yaml_parser_t) {
+ parser.token_available = false
+ parser.tokens_parsed++
+ parser.stream_end_produced = parser.tokens[parser.tokens_head].typ == yaml_STREAM_END_TOKEN
+ parser.tokens_head++
+}
+
+// Get the next event.
+func yaml_parser_parse(parser *yaml_parser_t, event *yaml_event_t) bool {
+ // Erase the event object.
+ *event = yaml_event_t{}
+
+ // No events after the end of the stream or error.
+ if parser.stream_end_produced || parser.error != yaml_NO_ERROR || parser.state == yaml_PARSE_END_STATE {
+ return true
+ }
+
+ // Generate the next event.
+ return yaml_parser_state_machine(parser, event)
+}
+
+// Set parser error.
+func yaml_parser_set_parser_error(parser *yaml_parser_t, problem string, problem_mark yaml_mark_t) bool {
+ parser.error = yaml_PARSER_ERROR
+ parser.problem = problem
+ parser.problem_mark = problem_mark
+ return false
+}
+
+func yaml_parser_set_parser_error_context(parser *yaml_parser_t, context string, context_mark yaml_mark_t, problem string, problem_mark yaml_mark_t) bool {
+ parser.error = yaml_PARSER_ERROR
+ parser.context = context
+ parser.context_mark = context_mark
+ parser.problem = problem
+ parser.problem_mark = problem_mark
+ return false
+}
+
+// State dispatcher.
+func yaml_parser_state_machine(parser *yaml_parser_t, event *yaml_event_t) bool {
+ //trace("yaml_parser_state_machine", "state:", parser.state.String())
+
+ switch parser.state {
+ case yaml_PARSE_STREAM_START_STATE:
+ return yaml_parser_parse_stream_start(parser, event)
+
+ case yaml_PARSE_IMPLICIT_DOCUMENT_START_STATE:
+ return yaml_parser_parse_document_start(parser, event, true)
+
+ case yaml_PARSE_DOCUMENT_START_STATE:
+ return yaml_parser_parse_document_start(parser, event, false)
+
+ case yaml_PARSE_DOCUMENT_CONTENT_STATE:
+ return yaml_parser_parse_document_content(parser, event)
+
+ case yaml_PARSE_DOCUMENT_END_STATE:
+ return yaml_parser_parse_document_end(parser, event)
+
+ case yaml_PARSE_BLOCK_NODE_STATE:
+ return yaml_parser_parse_node(parser, event, true, false)
+
+ case yaml_PARSE_BLOCK_NODE_OR_INDENTLESS_SEQUENCE_STATE:
+ return yaml_parser_parse_node(parser, event, true, true)
+
+ case yaml_PARSE_FLOW_NODE_STATE:
+ return yaml_parser_parse_node(parser, event, false, false)
+
+ case yaml_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE:
+ return yaml_parser_parse_block_sequence_entry(parser, event, true)
+
+ case yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE:
+ return yaml_parser_parse_block_sequence_entry(parser, event, false)
+
+ case yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE:
+ return yaml_parser_parse_indentless_sequence_entry(parser, event)
+
+ case yaml_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE:
+ return yaml_parser_parse_block_mapping_key(parser, event, true)
+
+ case yaml_PARSE_BLOCK_MAPPING_KEY_STATE:
+ return yaml_parser_parse_block_mapping_key(parser, event, false)
+
+ case yaml_PARSE_BLOCK_MAPPING_VALUE_STATE:
+ return yaml_parser_parse_block_mapping_value(parser, event)
+
+ case yaml_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE:
+ return yaml_parser_parse_flow_sequence_entry(parser, event, true)
+
+ case yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE:
+ return yaml_parser_parse_flow_sequence_entry(parser, event, false)
+
+ case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE:
+ return yaml_parser_parse_flow_sequence_entry_mapping_key(parser, event)
+
+ case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE:
+ return yaml_parser_parse_flow_sequence_entry_mapping_value(parser, event)
+
+ case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE:
+ return yaml_parser_parse_flow_sequence_entry_mapping_end(parser, event)
+
+ case yaml_PARSE_FLOW_MAPPING_FIRST_KEY_STATE:
+ return yaml_parser_parse_flow_mapping_key(parser, event, true)
+
+ case yaml_PARSE_FLOW_MAPPING_KEY_STATE:
+ return yaml_parser_parse_flow_mapping_key(parser, event, false)
+
+ case yaml_PARSE_FLOW_MAPPING_VALUE_STATE:
+ return yaml_parser_parse_flow_mapping_value(parser, event, false)
+
+ case yaml_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE:
+ return yaml_parser_parse_flow_mapping_value(parser, event, true)
+
+ default:
+ panic("invalid parser state")
+ }
+}
+
+// Parse the production:
+// stream ::= STREAM-START implicit_document? explicit_document* STREAM-END
+// ************
+func yaml_parser_parse_stream_start(parser *yaml_parser_t, event *yaml_event_t) bool {
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_STREAM_START_TOKEN {
+ return yaml_parser_set_parser_error(parser, "did not find expected <stream-start>", token.start_mark)
+ }
+ parser.state = yaml_PARSE_IMPLICIT_DOCUMENT_START_STATE
+ *event = yaml_event_t{
+ typ: yaml_STREAM_START_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.end_mark,
+ encoding: token.encoding,
+ }
+ skip_token(parser)
+ return true
+}
+
+// Parse the productions:
+// implicit_document ::= block_node DOCUMENT-END*
+// *
+// explicit_document ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END*
+// *************************
+func yaml_parser_parse_document_start(parser *yaml_parser_t, event *yaml_event_t, implicit bool) bool {
+
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+
+ // Parse extra document end indicators.
+ if !implicit {
+ for token.typ == yaml_DOCUMENT_END_TOKEN {
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ }
+ }
+
+ if implicit && token.typ != yaml_VERSION_DIRECTIVE_TOKEN &&
+ token.typ != yaml_TAG_DIRECTIVE_TOKEN &&
+ token.typ != yaml_DOCUMENT_START_TOKEN &&
+ token.typ != yaml_STREAM_END_TOKEN {
+ // Parse an implicit document.
+ if !yaml_parser_process_directives(parser, nil, nil) {
+ return false
+ }
+ parser.states = append(parser.states, yaml_PARSE_DOCUMENT_END_STATE)
+ parser.state = yaml_PARSE_BLOCK_NODE_STATE
+
+ *event = yaml_event_t{
+ typ: yaml_DOCUMENT_START_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.end_mark,
+ }
+
+ } else if token.typ != yaml_STREAM_END_TOKEN {
+ // Parse an explicit document.
+ var version_directive *yaml_version_directive_t
+ var tag_directives []yaml_tag_directive_t
+ start_mark := token.start_mark
+ if !yaml_parser_process_directives(parser, &version_directive, &tag_directives) {
+ return false
+ }
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_DOCUMENT_START_TOKEN {
+ yaml_parser_set_parser_error(parser,
+ "did not find expected <document start>", token.start_mark)
+ return false
+ }
+ parser.states = append(parser.states, yaml_PARSE_DOCUMENT_END_STATE)
+ parser.state = yaml_PARSE_DOCUMENT_CONTENT_STATE
+ end_mark := token.end_mark
+
+ *event = yaml_event_t{
+ typ: yaml_DOCUMENT_START_EVENT,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ version_directive: version_directive,
+ tag_directives: tag_directives,
+ implicit: false,
+ }
+ skip_token(parser)
+
+ } else {
+ // Parse the stream end.
+ parser.state = yaml_PARSE_END_STATE
+ *event = yaml_event_t{
+ typ: yaml_STREAM_END_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.end_mark,
+ }
+ skip_token(parser)
+ }
+
+ return true
+}
+
+// Parse the productions:
+// explicit_document ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END*
+// ***********
+//
+func yaml_parser_parse_document_content(parser *yaml_parser_t, event *yaml_event_t) bool {
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ == yaml_VERSION_DIRECTIVE_TOKEN ||
+ token.typ == yaml_TAG_DIRECTIVE_TOKEN ||
+ token.typ == yaml_DOCUMENT_START_TOKEN ||
+ token.typ == yaml_DOCUMENT_END_TOKEN ||
+ token.typ == yaml_STREAM_END_TOKEN {
+ parser.state = parser.states[len(parser.states)-1]
+ parser.states = parser.states[:len(parser.states)-1]
+ return yaml_parser_process_empty_scalar(parser, event,
+ token.start_mark)
+ }
+ return yaml_parser_parse_node(parser, event, true, false)
+}
+
+// Parse the productions:
+// implicit_document ::= block_node DOCUMENT-END*
+// *************
+// explicit_document ::= DIRECTIVE* DOCUMENT-START block_node? DOCUMENT-END*
+//
+func yaml_parser_parse_document_end(parser *yaml_parser_t, event *yaml_event_t) bool {
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+
+ start_mark := token.start_mark
+ end_mark := token.start_mark
+
+ implicit := true
+ if token.typ == yaml_DOCUMENT_END_TOKEN {
+ end_mark = token.end_mark
+ skip_token(parser)
+ implicit = false
+ }
+
+ parser.tag_directives = parser.tag_directives[:0]
+
+ parser.state = yaml_PARSE_DOCUMENT_START_STATE
+ *event = yaml_event_t{
+ typ: yaml_DOCUMENT_END_EVENT,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ implicit: implicit,
+ }
+ return true
+}
+
+// Parse the productions:
+// block_node_or_indentless_sequence ::=
+// ALIAS
+// *****
+// | properties (block_content | indentless_block_sequence)?
+// ********** *
+// | block_content | indentless_block_sequence
+// *
+// block_node ::= ALIAS
+// *****
+// | properties block_content?
+// ********** *
+// | block_content
+// *
+// flow_node ::= ALIAS
+// *****
+// | properties flow_content?
+// ********** *
+// | flow_content
+// *
+// properties ::= TAG ANCHOR? | ANCHOR TAG?
+// *************************
+// block_content ::= block_collection | flow_collection | SCALAR
+// ******
+// flow_content ::= flow_collection | SCALAR
+// ******
+func yaml_parser_parse_node(parser *yaml_parser_t, event *yaml_event_t, block, indentless_sequence bool) bool {
+ //defer trace("yaml_parser_parse_node", "block:", block, "indentless_sequence:", indentless_sequence)()
+
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+
+ if token.typ == yaml_ALIAS_TOKEN {
+ parser.state = parser.states[len(parser.states)-1]
+ parser.states = parser.states[:len(parser.states)-1]
+ *event = yaml_event_t{
+ typ: yaml_ALIAS_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.end_mark,
+ anchor: token.value,
+ }
+ skip_token(parser)
+ return true
+ }
+
+ start_mark := token.start_mark
+ end_mark := token.start_mark
+
+ var tag_token bool
+ var tag_handle, tag_suffix, anchor []byte
+ var tag_mark yaml_mark_t
+ if token.typ == yaml_ANCHOR_TOKEN {
+ anchor = token.value
+ start_mark = token.start_mark
+ end_mark = token.end_mark
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ == yaml_TAG_TOKEN {
+ tag_token = true
+ tag_handle = token.value
+ tag_suffix = token.suffix
+ tag_mark = token.start_mark
+ end_mark = token.end_mark
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ }
+ } else if token.typ == yaml_TAG_TOKEN {
+ tag_token = true
+ tag_handle = token.value
+ tag_suffix = token.suffix
+ start_mark = token.start_mark
+ tag_mark = token.start_mark
+ end_mark = token.end_mark
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ == yaml_ANCHOR_TOKEN {
+ anchor = token.value
+ end_mark = token.end_mark
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ }
+ }
+
+ var tag []byte
+ if tag_token {
+ if len(tag_handle) == 0 {
+ tag = tag_suffix
+ tag_suffix = nil
+ } else {
+ for i := range parser.tag_directives {
+ if bytes.Equal(parser.tag_directives[i].handle, tag_handle) {
+ tag = append([]byte(nil), parser.tag_directives[i].prefix...)
+ tag = append(tag, tag_suffix...)
+ break
+ }
+ }
+ if len(tag) == 0 {
+ yaml_parser_set_parser_error_context(parser,
+ "while parsing a node", start_mark,
+ "found undefined tag handle", tag_mark)
+ return false
+ }
+ }
+ }
+
+ implicit := len(tag) == 0
+ if indentless_sequence && token.typ == yaml_BLOCK_ENTRY_TOKEN {
+ end_mark = token.end_mark
+ parser.state = yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE
+ *event = yaml_event_t{
+ typ: yaml_SEQUENCE_START_EVENT,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ anchor: anchor,
+ tag: tag,
+ implicit: implicit,
+ style: yaml_style_t(yaml_BLOCK_SEQUENCE_STYLE),
+ }
+ return true
+ }
+ if token.typ == yaml_SCALAR_TOKEN {
+ var plain_implicit, quoted_implicit bool
+ end_mark = token.end_mark
+ if (len(tag) == 0 && token.style == yaml_PLAIN_SCALAR_STYLE) || (len(tag) == 1 && tag[0] == '!') {
+ plain_implicit = true
+ } else if len(tag) == 0 {
+ quoted_implicit = true
+ }
+ parser.state = parser.states[len(parser.states)-1]
+ parser.states = parser.states[:len(parser.states)-1]
+
+ *event = yaml_event_t{
+ typ: yaml_SCALAR_EVENT,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ anchor: anchor,
+ tag: tag,
+ value: token.value,
+ implicit: plain_implicit,
+ quoted_implicit: quoted_implicit,
+ style: yaml_style_t(token.style),
+ }
+ skip_token(parser)
+ return true
+ }
+ if token.typ == yaml_FLOW_SEQUENCE_START_TOKEN {
+ // [Go] Some of the events below can be merged as they differ only on style.
+ end_mark = token.end_mark
+ parser.state = yaml_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE
+ *event = yaml_event_t{
+ typ: yaml_SEQUENCE_START_EVENT,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ anchor: anchor,
+ tag: tag,
+ implicit: implicit,
+ style: yaml_style_t(yaml_FLOW_SEQUENCE_STYLE),
+ }
+ return true
+ }
+ if token.typ == yaml_FLOW_MAPPING_START_TOKEN {
+ end_mark = token.end_mark
+ parser.state = yaml_PARSE_FLOW_MAPPING_FIRST_KEY_STATE
+ *event = yaml_event_t{
+ typ: yaml_MAPPING_START_EVENT,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ anchor: anchor,
+ tag: tag,
+ implicit: implicit,
+ style: yaml_style_t(yaml_FLOW_MAPPING_STYLE),
+ }
+ return true
+ }
+ if block && token.typ == yaml_BLOCK_SEQUENCE_START_TOKEN {
+ end_mark = token.end_mark
+ parser.state = yaml_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE
+ *event = yaml_event_t{
+ typ: yaml_SEQUENCE_START_EVENT,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ anchor: anchor,
+ tag: tag,
+ implicit: implicit,
+ style: yaml_style_t(yaml_BLOCK_SEQUENCE_STYLE),
+ }
+ return true
+ }
+ if block && token.typ == yaml_BLOCK_MAPPING_START_TOKEN {
+ end_mark = token.end_mark
+ parser.state = yaml_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE
+ *event = yaml_event_t{
+ typ: yaml_MAPPING_START_EVENT,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ anchor: anchor,
+ tag: tag,
+ implicit: implicit,
+ style: yaml_style_t(yaml_BLOCK_MAPPING_STYLE),
+ }
+ return true
+ }
+ if len(anchor) > 0 || len(tag) > 0 {
+ parser.state = parser.states[len(parser.states)-1]
+ parser.states = parser.states[:len(parser.states)-1]
+
+ *event = yaml_event_t{
+ typ: yaml_SCALAR_EVENT,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ anchor: anchor,
+ tag: tag,
+ implicit: implicit,
+ quoted_implicit: false,
+ style: yaml_style_t(yaml_PLAIN_SCALAR_STYLE),
+ }
+ return true
+ }
+
+ context := "while parsing a flow node"
+ if block {
+ context = "while parsing a block node"
+ }
+ yaml_parser_set_parser_error_context(parser, context, start_mark,
+ "did not find expected node content", token.start_mark)
+ return false
+}
+
+// Parse the productions:
+// block_sequence ::= BLOCK-SEQUENCE-START (BLOCK-ENTRY block_node?)* BLOCK-END
+// ******************** *********** * *********
+//
+func yaml_parser_parse_block_sequence_entry(parser *yaml_parser_t, event *yaml_event_t, first bool) bool {
+ if first {
+ token := peek_token(parser)
+ parser.marks = append(parser.marks, token.start_mark)
+ skip_token(parser)
+ }
+
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+
+ if token.typ == yaml_BLOCK_ENTRY_TOKEN {
+ mark := token.end_mark
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_BLOCK_ENTRY_TOKEN && token.typ != yaml_BLOCK_END_TOKEN {
+ parser.states = append(parser.states, yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE)
+ return yaml_parser_parse_node(parser, event, true, false)
+ } else {
+ parser.state = yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE
+ return yaml_parser_process_empty_scalar(parser, event, mark)
+ }
+ }
+ if token.typ == yaml_BLOCK_END_TOKEN {
+ parser.state = parser.states[len(parser.states)-1]
+ parser.states = parser.states[:len(parser.states)-1]
+ parser.marks = parser.marks[:len(parser.marks)-1]
+
+ *event = yaml_event_t{
+ typ: yaml_SEQUENCE_END_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.end_mark,
+ }
+
+ skip_token(parser)
+ return true
+ }
+
+ context_mark := parser.marks[len(parser.marks)-1]
+ parser.marks = parser.marks[:len(parser.marks)-1]
+ return yaml_parser_set_parser_error_context(parser,
+ "while parsing a block collection", context_mark,
+ "did not find expected '-' indicator", token.start_mark)
+}
+
+// Parse the productions:
+// indentless_sequence ::= (BLOCK-ENTRY block_node?)+
+// *********** *
+func yaml_parser_parse_indentless_sequence_entry(parser *yaml_parser_t, event *yaml_event_t) bool {
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+
+ if token.typ == yaml_BLOCK_ENTRY_TOKEN {
+ mark := token.end_mark
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_BLOCK_ENTRY_TOKEN &&
+ token.typ != yaml_KEY_TOKEN &&
+ token.typ != yaml_VALUE_TOKEN &&
+ token.typ != yaml_BLOCK_END_TOKEN {
+ parser.states = append(parser.states, yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE)
+ return yaml_parser_parse_node(parser, event, true, false)
+ }
+ parser.state = yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE
+ return yaml_parser_process_empty_scalar(parser, event, mark)
+ }
+ parser.state = parser.states[len(parser.states)-1]
+ parser.states = parser.states[:len(parser.states)-1]
+
+ *event = yaml_event_t{
+ typ: yaml_SEQUENCE_END_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.start_mark, // [Go] Shouldn't this be token.end_mark?
+ }
+ return true
+}
+
+// Parse the productions:
+// block_mapping ::= BLOCK-MAPPING_START
+// *******************
+// ((KEY block_node_or_indentless_sequence?)?
+// *** *
+// (VALUE block_node_or_indentless_sequence?)?)*
+//
+// BLOCK-END
+// *********
+//
+func yaml_parser_parse_block_mapping_key(parser *yaml_parser_t, event *yaml_event_t, first bool) bool {
+ if first {
+ token := peek_token(parser)
+ parser.marks = append(parser.marks, token.start_mark)
+ skip_token(parser)
+ }
+
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+
+ if token.typ == yaml_KEY_TOKEN {
+ mark := token.end_mark
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_KEY_TOKEN &&
+ token.typ != yaml_VALUE_TOKEN &&
+ token.typ != yaml_BLOCK_END_TOKEN {
+ parser.states = append(parser.states, yaml_PARSE_BLOCK_MAPPING_VALUE_STATE)
+ return yaml_parser_parse_node(parser, event, true, true)
+ } else {
+ parser.state = yaml_PARSE_BLOCK_MAPPING_VALUE_STATE
+ return yaml_parser_process_empty_scalar(parser, event, mark)
+ }
+ } else if token.typ == yaml_BLOCK_END_TOKEN {
+ parser.state = parser.states[len(parser.states)-1]
+ parser.states = parser.states[:len(parser.states)-1]
+ parser.marks = parser.marks[:len(parser.marks)-1]
+ *event = yaml_event_t{
+ typ: yaml_MAPPING_END_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.end_mark,
+ }
+ skip_token(parser)
+ return true
+ }
+
+ context_mark := parser.marks[len(parser.marks)-1]
+ parser.marks = parser.marks[:len(parser.marks)-1]
+ return yaml_parser_set_parser_error_context(parser,
+ "while parsing a block mapping", context_mark,
+ "did not find expected key", token.start_mark)
+}
+
+// Parse the productions:
+// block_mapping ::= BLOCK-MAPPING_START
+//
+// ((KEY block_node_or_indentless_sequence?)?
+//
+// (VALUE block_node_or_indentless_sequence?)?)*
+// ***** *
+// BLOCK-END
+//
+//
+func yaml_parser_parse_block_mapping_value(parser *yaml_parser_t, event *yaml_event_t) bool {
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ == yaml_VALUE_TOKEN {
+ mark := token.end_mark
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_KEY_TOKEN &&
+ token.typ != yaml_VALUE_TOKEN &&
+ token.typ != yaml_BLOCK_END_TOKEN {
+ parser.states = append(parser.states, yaml_PARSE_BLOCK_MAPPING_KEY_STATE)
+ return yaml_parser_parse_node(parser, event, true, true)
+ }
+ parser.state = yaml_PARSE_BLOCK_MAPPING_KEY_STATE
+ return yaml_parser_process_empty_scalar(parser, event, mark)
+ }
+ parser.state = yaml_PARSE_BLOCK_MAPPING_KEY_STATE
+ return yaml_parser_process_empty_scalar(parser, event, token.start_mark)
+}
+
+// Parse the productions:
+// flow_sequence ::= FLOW-SEQUENCE-START
+// *******************
+// (flow_sequence_entry FLOW-ENTRY)*
+// * **********
+// flow_sequence_entry?
+// *
+// FLOW-SEQUENCE-END
+// *****************
+// flow_sequence_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)?
+// *
+//
+func yaml_parser_parse_flow_sequence_entry(parser *yaml_parser_t, event *yaml_event_t, first bool) bool {
+ if first {
+ token := peek_token(parser)
+ parser.marks = append(parser.marks, token.start_mark)
+ skip_token(parser)
+ }
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_FLOW_SEQUENCE_END_TOKEN {
+ if !first {
+ if token.typ == yaml_FLOW_ENTRY_TOKEN {
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ } else {
+ context_mark := parser.marks[len(parser.marks)-1]
+ parser.marks = parser.marks[:len(parser.marks)-1]
+ return yaml_parser_set_parser_error_context(parser,
+ "while parsing a flow sequence", context_mark,
+ "did not find expected ',' or ']'", token.start_mark)
+ }
+ }
+
+ if token.typ == yaml_KEY_TOKEN {
+ parser.state = yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE
+ *event = yaml_event_t{
+ typ: yaml_MAPPING_START_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.end_mark,
+ implicit: true,
+ style: yaml_style_t(yaml_FLOW_MAPPING_STYLE),
+ }
+ skip_token(parser)
+ return true
+ } else if token.typ != yaml_FLOW_SEQUENCE_END_TOKEN {
+ parser.states = append(parser.states, yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE)
+ return yaml_parser_parse_node(parser, event, false, false)
+ }
+ }
+
+ parser.state = parser.states[len(parser.states)-1]
+ parser.states = parser.states[:len(parser.states)-1]
+ parser.marks = parser.marks[:len(parser.marks)-1]
+
+ *event = yaml_event_t{
+ typ: yaml_SEQUENCE_END_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.end_mark,
+ }
+
+ skip_token(parser)
+ return true
+}
+
+//
+// Parse the productions:
+// flow_sequence_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)?
+// *** *
+//
+func yaml_parser_parse_flow_sequence_entry_mapping_key(parser *yaml_parser_t, event *yaml_event_t) bool {
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_VALUE_TOKEN &&
+ token.typ != yaml_FLOW_ENTRY_TOKEN &&
+ token.typ != yaml_FLOW_SEQUENCE_END_TOKEN {
+ parser.states = append(parser.states, yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE)
+ return yaml_parser_parse_node(parser, event, false, false)
+ }
+ mark := token.end_mark
+ skip_token(parser)
+ parser.state = yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE
+ return yaml_parser_process_empty_scalar(parser, event, mark)
+}
+
+// Parse the productions:
+// flow_sequence_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)?
+// ***** *
+//
+func yaml_parser_parse_flow_sequence_entry_mapping_value(parser *yaml_parser_t, event *yaml_event_t) bool {
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ == yaml_VALUE_TOKEN {
+ skip_token(parser)
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_FLOW_ENTRY_TOKEN && token.typ != yaml_FLOW_SEQUENCE_END_TOKEN {
+ parser.states = append(parser.states, yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE)
+ return yaml_parser_parse_node(parser, event, false, false)
+ }
+ }
+ parser.state = yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE
+ return yaml_parser_process_empty_scalar(parser, event, token.start_mark)
+}
+
+// Parse the productions:
+// flow_sequence_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)?
+// *
+//
+func yaml_parser_parse_flow_sequence_entry_mapping_end(parser *yaml_parser_t, event *yaml_event_t) bool {
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+ parser.state = yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE
+ *event = yaml_event_t{
+ typ: yaml_MAPPING_END_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.start_mark, // [Go] Shouldn't this be end_mark?
+ }
+ return true
+}
+
+// Parse the productions:
+// flow_mapping ::= FLOW-MAPPING-START
+// ******************
+// (flow_mapping_entry FLOW-ENTRY)*
+// * **********
+// flow_mapping_entry?
+// ******************
+// FLOW-MAPPING-END
+// ****************
+// flow_mapping_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)?
+// * *** *
+//
+func yaml_parser_parse_flow_mapping_key(parser *yaml_parser_t, event *yaml_event_t, first bool) bool {
+ if first {
+ token := peek_token(parser)
+ parser.marks = append(parser.marks, token.start_mark)
+ skip_token(parser)
+ }
+
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+
+ if token.typ != yaml_FLOW_MAPPING_END_TOKEN {
+ if !first {
+ if token.typ == yaml_FLOW_ENTRY_TOKEN {
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ } else {
+ context_mark := parser.marks[len(parser.marks)-1]
+ parser.marks = parser.marks[:len(parser.marks)-1]
+ return yaml_parser_set_parser_error_context(parser,
+ "while parsing a flow mapping", context_mark,
+ "did not find expected ',' or '}'", token.start_mark)
+ }
+ }
+
+ if token.typ == yaml_KEY_TOKEN {
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_VALUE_TOKEN &&
+ token.typ != yaml_FLOW_ENTRY_TOKEN &&
+ token.typ != yaml_FLOW_MAPPING_END_TOKEN {
+ parser.states = append(parser.states, yaml_PARSE_FLOW_MAPPING_VALUE_STATE)
+ return yaml_parser_parse_node(parser, event, false, false)
+ } else {
+ parser.state = yaml_PARSE_FLOW_MAPPING_VALUE_STATE
+ return yaml_parser_process_empty_scalar(parser, event, token.start_mark)
+ }
+ } else if token.typ != yaml_FLOW_MAPPING_END_TOKEN {
+ parser.states = append(parser.states, yaml_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE)
+ return yaml_parser_parse_node(parser, event, false, false)
+ }
+ }
+
+ parser.state = parser.states[len(parser.states)-1]
+ parser.states = parser.states[:len(parser.states)-1]
+ parser.marks = parser.marks[:len(parser.marks)-1]
+ *event = yaml_event_t{
+ typ: yaml_MAPPING_END_EVENT,
+ start_mark: token.start_mark,
+ end_mark: token.end_mark,
+ }
+ skip_token(parser)
+ return true
+}
+
+// Parse the productions:
+// flow_mapping_entry ::= flow_node | KEY flow_node? (VALUE flow_node?)?
+// * ***** *
+//
+func yaml_parser_parse_flow_mapping_value(parser *yaml_parser_t, event *yaml_event_t, empty bool) bool {
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if empty {
+ parser.state = yaml_PARSE_FLOW_MAPPING_KEY_STATE
+ return yaml_parser_process_empty_scalar(parser, event, token.start_mark)
+ }
+ if token.typ == yaml_VALUE_TOKEN {
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ if token.typ != yaml_FLOW_ENTRY_TOKEN && token.typ != yaml_FLOW_MAPPING_END_TOKEN {
+ parser.states = append(parser.states, yaml_PARSE_FLOW_MAPPING_KEY_STATE)
+ return yaml_parser_parse_node(parser, event, false, false)
+ }
+ }
+ parser.state = yaml_PARSE_FLOW_MAPPING_KEY_STATE
+ return yaml_parser_process_empty_scalar(parser, event, token.start_mark)
+}
+
+// Generate an empty scalar event.
+func yaml_parser_process_empty_scalar(parser *yaml_parser_t, event *yaml_event_t, mark yaml_mark_t) bool {
+ *event = yaml_event_t{
+ typ: yaml_SCALAR_EVENT,
+ start_mark: mark,
+ end_mark: mark,
+ value: nil, // Empty
+ implicit: true,
+ style: yaml_style_t(yaml_PLAIN_SCALAR_STYLE),
+ }
+ return true
+}
+
+var default_tag_directives = []yaml_tag_directive_t{
+ {[]byte("!"), []byte("!")},
+ {[]byte("!!"), []byte("tag:yaml.org,2002:")},
+}
+
+// Parse directives.
+func yaml_parser_process_directives(parser *yaml_parser_t,
+ version_directive_ref **yaml_version_directive_t,
+ tag_directives_ref *[]yaml_tag_directive_t) bool {
+
+ var version_directive *yaml_version_directive_t
+ var tag_directives []yaml_tag_directive_t
+
+ token := peek_token(parser)
+ if token == nil {
+ return false
+ }
+
+ for token.typ == yaml_VERSION_DIRECTIVE_TOKEN || token.typ == yaml_TAG_DIRECTIVE_TOKEN {
+ if token.typ == yaml_VERSION_DIRECTIVE_TOKEN {
+ if version_directive != nil {
+ yaml_parser_set_parser_error(parser,
+ "found duplicate %YAML directive", token.start_mark)
+ return false
+ }
+ if token.major != 1 || token.minor != 1 {
+ yaml_parser_set_parser_error(parser,
+ "found incompatible YAML document", token.start_mark)
+ return false
+ }
+ version_directive = &yaml_version_directive_t{
+ major: token.major,
+ minor: token.minor,
+ }
+ } else if token.typ == yaml_TAG_DIRECTIVE_TOKEN {
+ value := yaml_tag_directive_t{
+ handle: token.value,
+ prefix: token.prefix,
+ }
+ if !yaml_parser_append_tag_directive(parser, value, false, token.start_mark) {
+ return false
+ }
+ tag_directives = append(tag_directives, value)
+ }
+
+ skip_token(parser)
+ token = peek_token(parser)
+ if token == nil {
+ return false
+ }
+ }
+
+ for i := range default_tag_directives {
+ if !yaml_parser_append_tag_directive(parser, default_tag_directives[i], true, token.start_mark) {
+ return false
+ }
+ }
+
+ if version_directive_ref != nil {
+ *version_directive_ref = version_directive
+ }
+ if tag_directives_ref != nil {
+ *tag_directives_ref = tag_directives
+ }
+ return true
+}
+
+// Append a tag directive to the directives stack.
+func yaml_parser_append_tag_directive(parser *yaml_parser_t, value yaml_tag_directive_t, allow_duplicates bool, mark yaml_mark_t) bool {
+ for i := range parser.tag_directives {
+ if bytes.Equal(value.handle, parser.tag_directives[i].handle) {
+ if allow_duplicates {
+ return true
+ }
+ return yaml_parser_set_parser_error(parser, "found duplicate %TAG directive", mark)
+ }
+ }
+
+ // [Go] I suspect the copy is unnecessary. This was likely done
+ // because there was no way to track ownership of the data.
+ value_copy := yaml_tag_directive_t{
+ handle: make([]byte, len(value.handle)),
+ prefix: make([]byte, len(value.prefix)),
+ }
+ copy(value_copy.handle, value.handle)
+ copy(value_copy.prefix, value.prefix)
+ parser.tag_directives = append(parser.tag_directives, value_copy)
+ return true
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/readerc.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/readerc.go
new file mode 100644
index 000000000..7c1f5fac3
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/readerc.go
@@ -0,0 +1,412 @@
+package yaml
+
+import (
+ "io"
+)
+
+// Set the reader error and return 0.
+func yaml_parser_set_reader_error(parser *yaml_parser_t, problem string, offset int, value int) bool {
+ parser.error = yaml_READER_ERROR
+ parser.problem = problem
+ parser.problem_offset = offset
+ parser.problem_value = value
+ return false
+}
+
+// Byte order marks.
+const (
+ bom_UTF8 = "\xef\xbb\xbf"
+ bom_UTF16LE = "\xff\xfe"
+ bom_UTF16BE = "\xfe\xff"
+)
+
+// Determine the input stream encoding by checking the BOM symbol. If no BOM is
+// found, the UTF-8 encoding is assumed. Return 1 on success, 0 on failure.
+func yaml_parser_determine_encoding(parser *yaml_parser_t) bool {
+ // Ensure that we had enough bytes in the raw buffer.
+ for !parser.eof && len(parser.raw_buffer)-parser.raw_buffer_pos < 3 {
+ if !yaml_parser_update_raw_buffer(parser) {
+ return false
+ }
+ }
+
+ // Determine the encoding.
+ buf := parser.raw_buffer
+ pos := parser.raw_buffer_pos
+ avail := len(buf) - pos
+ if avail >= 2 && buf[pos] == bom_UTF16LE[0] && buf[pos+1] == bom_UTF16LE[1] {
+ parser.encoding = yaml_UTF16LE_ENCODING
+ parser.raw_buffer_pos += 2
+ parser.offset += 2
+ } else if avail >= 2 && buf[pos] == bom_UTF16BE[0] && buf[pos+1] == bom_UTF16BE[1] {
+ parser.encoding = yaml_UTF16BE_ENCODING
+ parser.raw_buffer_pos += 2
+ parser.offset += 2
+ } else if avail >= 3 && buf[pos] == bom_UTF8[0] && buf[pos+1] == bom_UTF8[1] && buf[pos+2] == bom_UTF8[2] {
+ parser.encoding = yaml_UTF8_ENCODING
+ parser.raw_buffer_pos += 3
+ parser.offset += 3
+ } else {
+ parser.encoding = yaml_UTF8_ENCODING
+ }
+ return true
+}
+
+// Update the raw buffer.
+func yaml_parser_update_raw_buffer(parser *yaml_parser_t) bool {
+ size_read := 0
+
+ // Return if the raw buffer is full.
+ if parser.raw_buffer_pos == 0 && len(parser.raw_buffer) == cap(parser.raw_buffer) {
+ return true
+ }
+
+ // Return on EOF.
+ if parser.eof {
+ return true
+ }
+
+ // Move the remaining bytes in the raw buffer to the beginning.
+ if parser.raw_buffer_pos > 0 && parser.raw_buffer_pos < len(parser.raw_buffer) {
+ copy(parser.raw_buffer, parser.raw_buffer[parser.raw_buffer_pos:])
+ }
+ parser.raw_buffer = parser.raw_buffer[:len(parser.raw_buffer)-parser.raw_buffer_pos]
+ parser.raw_buffer_pos = 0
+
+ // Call the read handler to fill the buffer.
+ size_read, err := parser.read_handler(parser, parser.raw_buffer[len(parser.raw_buffer):cap(parser.raw_buffer)])
+ parser.raw_buffer = parser.raw_buffer[:len(parser.raw_buffer)+size_read]
+ if err == io.EOF {
+ parser.eof = true
+ } else if err != nil {
+ return yaml_parser_set_reader_error(parser, "input error: "+err.Error(), parser.offset, -1)
+ }
+ return true
+}
+
+// Ensure that the buffer contains at least `length` characters.
+// Return true on success, false on failure.
+//
+// The length is supposed to be significantly less that the buffer size.
+func yaml_parser_update_buffer(parser *yaml_parser_t, length int) bool {
+ if parser.read_handler == nil {
+ panic("read handler must be set")
+ }
+
+ // [Go] This function was changed to guarantee the requested length size at EOF.
+ // The fact we need to do this is pretty awful, but the description above implies
+ // for that to be the case, and there are tests
+
+ // If the EOF flag is set and the raw buffer is empty, do nothing.
+ if parser.eof && parser.raw_buffer_pos == len(parser.raw_buffer) {
+ // [Go] ACTUALLY! Read the documentation of this function above.
+ // This is just broken. To return true, we need to have the
+ // given length in the buffer. Not doing that means every single
+ // check that calls this function to make sure the buffer has a
+ // given length is Go) panicking; or C) accessing invalid memory.
+ //return true
+ }
+
+ // Return if the buffer contains enough characters.
+ if parser.unread >= length {
+ return true
+ }
+
+ // Determine the input encoding if it is not known yet.
+ if parser.encoding == yaml_ANY_ENCODING {
+ if !yaml_parser_determine_encoding(parser) {
+ return false
+ }
+ }
+
+ // Move the unread characters to the beginning of the buffer.
+ buffer_len := len(parser.buffer)
+ if parser.buffer_pos > 0 && parser.buffer_pos < buffer_len {
+ copy(parser.buffer, parser.buffer[parser.buffer_pos:])
+ buffer_len -= parser.buffer_pos
+ parser.buffer_pos = 0
+ } else if parser.buffer_pos == buffer_len {
+ buffer_len = 0
+ parser.buffer_pos = 0
+ }
+
+ // Open the whole buffer for writing, and cut it before returning.
+ parser.buffer = parser.buffer[:cap(parser.buffer)]
+
+ // Fill the buffer until it has enough characters.
+ first := true
+ for parser.unread < length {
+
+ // Fill the raw buffer if necessary.
+ if !first || parser.raw_buffer_pos == len(parser.raw_buffer) {
+ if !yaml_parser_update_raw_buffer(parser) {
+ parser.buffer = parser.buffer[:buffer_len]
+ return false
+ }
+ }
+ first = false
+
+ // Decode the raw buffer.
+ inner:
+ for parser.raw_buffer_pos != len(parser.raw_buffer) {
+ var value rune
+ var width int
+
+ raw_unread := len(parser.raw_buffer) - parser.raw_buffer_pos
+
+ // Decode the next character.
+ switch parser.encoding {
+ case yaml_UTF8_ENCODING:
+ // Decode a UTF-8 character. Check RFC 3629
+ // (http://www.ietf.org/rfc/rfc3629.txt) for more details.
+ //
+ // The following table (taken from the RFC) is used for
+ // decoding.
+ //
+ // Char. number range | UTF-8 octet sequence
+ // (hexadecimal) | (binary)
+ // --------------------+------------------------------------
+ // 0000 0000-0000 007F | 0xxxxxxx
+ // 0000 0080-0000 07FF | 110xxxxx 10xxxxxx
+ // 0000 0800-0000 FFFF | 1110xxxx 10xxxxxx 10xxxxxx
+ // 0001 0000-0010 FFFF | 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
+ //
+ // Additionally, the characters in the range 0xD800-0xDFFF
+ // are prohibited as they are reserved for use with UTF-16
+ // surrogate pairs.
+
+ // Determine the length of the UTF-8 sequence.
+ octet := parser.raw_buffer[parser.raw_buffer_pos]
+ switch {
+ case octet&0x80 == 0x00:
+ width = 1
+ case octet&0xE0 == 0xC0:
+ width = 2
+ case octet&0xF0 == 0xE0:
+ width = 3
+ case octet&0xF8 == 0xF0:
+ width = 4
+ default:
+ // The leading octet is invalid.
+ return yaml_parser_set_reader_error(parser,
+ "invalid leading UTF-8 octet",
+ parser.offset, int(octet))
+ }
+
+ // Check if the raw buffer contains an incomplete character.
+ if width > raw_unread {
+ if parser.eof {
+ return yaml_parser_set_reader_error(parser,
+ "incomplete UTF-8 octet sequence",
+ parser.offset, -1)
+ }
+ break inner
+ }
+
+ // Decode the leading octet.
+ switch {
+ case octet&0x80 == 0x00:
+ value = rune(octet & 0x7F)
+ case octet&0xE0 == 0xC0:
+ value = rune(octet & 0x1F)
+ case octet&0xF0 == 0xE0:
+ value = rune(octet & 0x0F)
+ case octet&0xF8 == 0xF0:
+ value = rune(octet & 0x07)
+ default:
+ value = 0
+ }
+
+ // Check and decode the trailing octets.
+ for k := 1; k < width; k++ {
+ octet = parser.raw_buffer[parser.raw_buffer_pos+k]
+
+ // Check if the octet is valid.
+ if (octet & 0xC0) != 0x80 {
+ return yaml_parser_set_reader_error(parser,
+ "invalid trailing UTF-8 octet",
+ parser.offset+k, int(octet))
+ }
+
+ // Decode the octet.
+ value = (value << 6) + rune(octet&0x3F)
+ }
+
+ // Check the length of the sequence against the value.
+ switch {
+ case width == 1:
+ case width == 2 && value >= 0x80:
+ case width == 3 && value >= 0x800:
+ case width == 4 && value >= 0x10000:
+ default:
+ return yaml_parser_set_reader_error(parser,
+ "invalid length of a UTF-8 sequence",
+ parser.offset, -1)
+ }
+
+ // Check the range of the value.
+ if value >= 0xD800 && value <= 0xDFFF || value > 0x10FFFF {
+ return yaml_parser_set_reader_error(parser,
+ "invalid Unicode character",
+ parser.offset, int(value))
+ }
+
+ case yaml_UTF16LE_ENCODING, yaml_UTF16BE_ENCODING:
+ var low, high int
+ if parser.encoding == yaml_UTF16LE_ENCODING {
+ low, high = 0, 1
+ } else {
+ low, high = 1, 0
+ }
+
+ // The UTF-16 encoding is not as simple as one might
+ // naively think. Check RFC 2781
+ // (http://www.ietf.org/rfc/rfc2781.txt).
+ //
+ // Normally, two subsequent bytes describe a Unicode
+ // character. However a special technique (called a
+ // surrogate pair) is used for specifying character
+ // values larger than 0xFFFF.
+ //
+ // A surrogate pair consists of two pseudo-characters:
+ // high surrogate area (0xD800-0xDBFF)
+ // low surrogate area (0xDC00-0xDFFF)
+ //
+ // The following formulas are used for decoding
+ // and encoding characters using surrogate pairs:
+ //
+ // U = U' + 0x10000 (0x01 00 00 <= U <= 0x10 FF FF)
+ // U' = yyyyyyyyyyxxxxxxxxxx (0 <= U' <= 0x0F FF FF)
+ // W1 = 110110yyyyyyyyyy
+ // W2 = 110111xxxxxxxxxx
+ //
+ // where U is the character value, W1 is the high surrogate
+ // area, W2 is the low surrogate area.
+
+ // Check for incomplete UTF-16 character.
+ if raw_unread < 2 {
+ if parser.eof {
+ return yaml_parser_set_reader_error(parser,
+ "incomplete UTF-16 character",
+ parser.offset, -1)
+ }
+ break inner
+ }
+
+ // Get the character.
+ value = rune(parser.raw_buffer[parser.raw_buffer_pos+low]) +
+ (rune(parser.raw_buffer[parser.raw_buffer_pos+high]) << 8)
+
+ // Check for unexpected low surrogate area.
+ if value&0xFC00 == 0xDC00 {
+ return yaml_parser_set_reader_error(parser,
+ "unexpected low surrogate area",
+ parser.offset, int(value))
+ }
+
+ // Check for a high surrogate area.
+ if value&0xFC00 == 0xD800 {
+ width = 4
+
+ // Check for incomplete surrogate pair.
+ if raw_unread < 4 {
+ if parser.eof {
+ return yaml_parser_set_reader_error(parser,
+ "incomplete UTF-16 surrogate pair",
+ parser.offset, -1)
+ }
+ break inner
+ }
+
+ // Get the next character.
+ value2 := rune(parser.raw_buffer[parser.raw_buffer_pos+low+2]) +
+ (rune(parser.raw_buffer[parser.raw_buffer_pos+high+2]) << 8)
+
+ // Check for a low surrogate area.
+ if value2&0xFC00 != 0xDC00 {
+ return yaml_parser_set_reader_error(parser,
+ "expected low surrogate area",
+ parser.offset+2, int(value2))
+ }
+
+ // Generate the value of the surrogate pair.
+ value = 0x10000 + ((value & 0x3FF) << 10) + (value2 & 0x3FF)
+ } else {
+ width = 2
+ }
+
+ default:
+ panic("impossible")
+ }
+
+ // Check if the character is in the allowed range:
+ // #x9 | #xA | #xD | [#x20-#x7E] (8 bit)
+ // | #x85 | [#xA0-#xD7FF] | [#xE000-#xFFFD] (16 bit)
+ // | [#x10000-#x10FFFF] (32 bit)
+ switch {
+ case value == 0x09:
+ case value == 0x0A:
+ case value == 0x0D:
+ case value >= 0x20 && value <= 0x7E:
+ case value == 0x85:
+ case value >= 0xA0 && value <= 0xD7FF:
+ case value >= 0xE000 && value <= 0xFFFD:
+ case value >= 0x10000 && value <= 0x10FFFF:
+ default:
+ return yaml_parser_set_reader_error(parser,
+ "control characters are not allowed",
+ parser.offset, int(value))
+ }
+
+ // Move the raw pointers.
+ parser.raw_buffer_pos += width
+ parser.offset += width
+
+ // Finally put the character into the buffer.
+ if value <= 0x7F {
+ // 0000 0000-0000 007F . 0xxxxxxx
+ parser.buffer[buffer_len+0] = byte(value)
+ buffer_len += 1
+ } else if value <= 0x7FF {
+ // 0000 0080-0000 07FF . 110xxxxx 10xxxxxx
+ parser.buffer[buffer_len+0] = byte(0xC0 + (value >> 6))
+ parser.buffer[buffer_len+1] = byte(0x80 + (value & 0x3F))
+ buffer_len += 2
+ } else if value <= 0xFFFF {
+ // 0000 0800-0000 FFFF . 1110xxxx 10xxxxxx 10xxxxxx
+ parser.buffer[buffer_len+0] = byte(0xE0 + (value >> 12))
+ parser.buffer[buffer_len+1] = byte(0x80 + ((value >> 6) & 0x3F))
+ parser.buffer[buffer_len+2] = byte(0x80 + (value & 0x3F))
+ buffer_len += 3
+ } else {
+ // 0001 0000-0010 FFFF . 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
+ parser.buffer[buffer_len+0] = byte(0xF0 + (value >> 18))
+ parser.buffer[buffer_len+1] = byte(0x80 + ((value >> 12) & 0x3F))
+ parser.buffer[buffer_len+2] = byte(0x80 + ((value >> 6) & 0x3F))
+ parser.buffer[buffer_len+3] = byte(0x80 + (value & 0x3F))
+ buffer_len += 4
+ }
+
+ parser.unread++
+ }
+
+ // On EOF, put NUL into the buffer and return.
+ if parser.eof {
+ parser.buffer[buffer_len] = 0
+ buffer_len++
+ parser.unread++
+ break
+ }
+ }
+ // [Go] Read the documentation of this function above. To return true,
+ // we need to have the given length in the buffer. Not doing that means
+ // every single check that calls this function to make sure the buffer
+ // has a given length is Go) panicking; or C) accessing invalid memory.
+ // This happens here due to the EOF above breaking early.
+ for buffer_len < length {
+ parser.buffer[buffer_len] = 0
+ buffer_len++
+ }
+ parser.buffer = parser.buffer[:buffer_len]
+ return true
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/resolve.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/resolve.go
new file mode 100644
index 000000000..4120e0c91
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/resolve.go
@@ -0,0 +1,258 @@
+package yaml
+
+import (
+ "encoding/base64"
+ "math"
+ "regexp"
+ "strconv"
+ "strings"
+ "time"
+)
+
+type resolveMapItem struct {
+ value interface{}
+ tag string
+}
+
+var resolveTable = make([]byte, 256)
+var resolveMap = make(map[string]resolveMapItem)
+
+func init() {
+ t := resolveTable
+ t[int('+')] = 'S' // Sign
+ t[int('-')] = 'S'
+ for _, c := range "0123456789" {
+ t[int(c)] = 'D' // Digit
+ }
+ for _, c := range "yYnNtTfFoO~" {
+ t[int(c)] = 'M' // In map
+ }
+ t[int('.')] = '.' // Float (potentially in map)
+
+ var resolveMapList = []struct {
+ v interface{}
+ tag string
+ l []string
+ }{
+ {true, yaml_BOOL_TAG, []string{"y", "Y", "yes", "Yes", "YES"}},
+ {true, yaml_BOOL_TAG, []string{"true", "True", "TRUE"}},
+ {true, yaml_BOOL_TAG, []string{"on", "On", "ON"}},
+ {false, yaml_BOOL_TAG, []string{"n", "N", "no", "No", "NO"}},
+ {false, yaml_BOOL_TAG, []string{"false", "False", "FALSE"}},
+ {false, yaml_BOOL_TAG, []string{"off", "Off", "OFF"}},
+ {nil, yaml_NULL_TAG, []string{"", "~", "null", "Null", "NULL"}},
+ {math.NaN(), yaml_FLOAT_TAG, []string{".nan", ".NaN", ".NAN"}},
+ {math.Inf(+1), yaml_FLOAT_TAG, []string{".inf", ".Inf", ".INF"}},
+ {math.Inf(+1), yaml_FLOAT_TAG, []string{"+.inf", "+.Inf", "+.INF"}},
+ {math.Inf(-1), yaml_FLOAT_TAG, []string{"-.inf", "-.Inf", "-.INF"}},
+ {"<<", yaml_MERGE_TAG, []string{"<<"}},
+ }
+
+ m := resolveMap
+ for _, item := range resolveMapList {
+ for _, s := range item.l {
+ m[s] = resolveMapItem{item.v, item.tag}
+ }
+ }
+}
+
+const longTagPrefix = "tag:yaml.org,2002:"
+
+func shortTag(tag string) string {
+ // TODO This can easily be made faster and produce less garbage.
+ if strings.HasPrefix(tag, longTagPrefix) {
+ return "!!" + tag[len(longTagPrefix):]
+ }
+ return tag
+}
+
+func longTag(tag string) string {
+ if strings.HasPrefix(tag, "!!") {
+ return longTagPrefix + tag[2:]
+ }
+ return tag
+}
+
+func resolvableTag(tag string) bool {
+ switch tag {
+ case "", yaml_STR_TAG, yaml_BOOL_TAG, yaml_INT_TAG, yaml_FLOAT_TAG, yaml_NULL_TAG, yaml_TIMESTAMP_TAG:
+ return true
+ }
+ return false
+}
+
+var yamlStyleFloat = regexp.MustCompile(`^[-+]?(\.[0-9]+|[0-9]+(\.[0-9]*)?)([eE][-+]?[0-9]+)?$`)
+
+func resolve(tag string, in string) (rtag string, out interface{}) {
+ if !resolvableTag(tag) {
+ return tag, in
+ }
+
+ defer func() {
+ switch tag {
+ case "", rtag, yaml_STR_TAG, yaml_BINARY_TAG:
+ return
+ case yaml_FLOAT_TAG:
+ if rtag == yaml_INT_TAG {
+ switch v := out.(type) {
+ case int64:
+ rtag = yaml_FLOAT_TAG
+ out = float64(v)
+ return
+ case int:
+ rtag = yaml_FLOAT_TAG
+ out = float64(v)
+ return
+ }
+ }
+ }
+ failf("cannot decode %s `%s` as a %s", shortTag(rtag), in, shortTag(tag))
+ }()
+
+ // Any data is accepted as a !!str or !!binary.
+ // Otherwise, the prefix is enough of a hint about what it might be.
+ hint := byte('N')
+ if in != "" {
+ hint = resolveTable[in[0]]
+ }
+ if hint != 0 && tag != yaml_STR_TAG && tag != yaml_BINARY_TAG {
+ // Handle things we can lookup in a map.
+ if item, ok := resolveMap[in]; ok {
+ return item.tag, item.value
+ }
+
+ // Base 60 floats are a bad idea, were dropped in YAML 1.2, and
+ // are purposefully unsupported here. They're still quoted on
+ // the way out for compatibility with other parser, though.
+
+ switch hint {
+ case 'M':
+ // We've already checked the map above.
+
+ case '.':
+ // Not in the map, so maybe a normal float.
+ floatv, err := strconv.ParseFloat(in, 64)
+ if err == nil {
+ return yaml_FLOAT_TAG, floatv
+ }
+
+ case 'D', 'S':
+ // Int, float, or timestamp.
+ // Only try values as a timestamp if the value is unquoted or there's an explicit
+ // !!timestamp tag.
+ if tag == "" || tag == yaml_TIMESTAMP_TAG {
+ t, ok := parseTimestamp(in)
+ if ok {
+ return yaml_TIMESTAMP_TAG, t
+ }
+ }
+
+ plain := strings.Replace(in, "_", "", -1)
+ intv, err := strconv.ParseInt(plain, 0, 64)
+ if err == nil {
+ if intv == int64(int(intv)) {
+ return yaml_INT_TAG, int(intv)
+ } else {
+ return yaml_INT_TAG, intv
+ }
+ }
+ uintv, err := strconv.ParseUint(plain, 0, 64)
+ if err == nil {
+ return yaml_INT_TAG, uintv
+ }
+ if yamlStyleFloat.MatchString(plain) {
+ floatv, err := strconv.ParseFloat(plain, 64)
+ if err == nil {
+ return yaml_FLOAT_TAG, floatv
+ }
+ }
+ if strings.HasPrefix(plain, "0b") {
+ intv, err := strconv.ParseInt(plain[2:], 2, 64)
+ if err == nil {
+ if intv == int64(int(intv)) {
+ return yaml_INT_TAG, int(intv)
+ } else {
+ return yaml_INT_TAG, intv
+ }
+ }
+ uintv, err := strconv.ParseUint(plain[2:], 2, 64)
+ if err == nil {
+ return yaml_INT_TAG, uintv
+ }
+ } else if strings.HasPrefix(plain, "-0b") {
+ intv, err := strconv.ParseInt("-" + plain[3:], 2, 64)
+ if err == nil {
+ if true || intv == int64(int(intv)) {
+ return yaml_INT_TAG, int(intv)
+ } else {
+ return yaml_INT_TAG, intv
+ }
+ }
+ }
+ default:
+ panic("resolveTable item not yet handled: " + string(rune(hint)) + " (with " + in + ")")
+ }
+ }
+ return yaml_STR_TAG, in
+}
+
+// encodeBase64 encodes s as base64 that is broken up into multiple lines
+// as appropriate for the resulting length.
+func encodeBase64(s string) string {
+ const lineLen = 70
+ encLen := base64.StdEncoding.EncodedLen(len(s))
+ lines := encLen/lineLen + 1
+ buf := make([]byte, encLen*2+lines)
+ in := buf[0:encLen]
+ out := buf[encLen:]
+ base64.StdEncoding.Encode(in, []byte(s))
+ k := 0
+ for i := 0; i < len(in); i += lineLen {
+ j := i + lineLen
+ if j > len(in) {
+ j = len(in)
+ }
+ k += copy(out[k:], in[i:j])
+ if lines > 1 {
+ out[k] = '\n'
+ k++
+ }
+ }
+ return string(out[:k])
+}
+
+// This is a subset of the formats allowed by the regular expression
+// defined at http://yaml.org/type/timestamp.html.
+var allowedTimestampFormats = []string{
+ "2006-1-2T15:4:5.999999999Z07:00", // RCF3339Nano with short date fields.
+ "2006-1-2t15:4:5.999999999Z07:00", // RFC3339Nano with short date fields and lower-case "t".
+ "2006-1-2 15:4:5.999999999", // space separated with no time zone
+ "2006-1-2", // date only
+ // Notable exception: time.Parse cannot handle: "2001-12-14 21:59:43.10 -5"
+ // from the set of examples.
+}
+
+// parseTimestamp parses s as a timestamp string and
+// returns the timestamp and reports whether it succeeded.
+// Timestamp formats are defined at http://yaml.org/type/timestamp.html
+func parseTimestamp(s string) (time.Time, bool) {
+ // TODO write code to check all the formats supported by
+ // http://yaml.org/type/timestamp.html instead of using time.Parse.
+
+ // Quick check: all date formats start with YYYY-.
+ i := 0
+ for ; i < len(s); i++ {
+ if c := s[i]; c < '0' || c > '9' {
+ break
+ }
+ }
+ if i != 4 || i == len(s) || s[i] != '-' {
+ return time.Time{}, false
+ }
+ for _, format := range allowedTimestampFormats {
+ if t, err := time.Parse(format, s); err == nil {
+ return t, true
+ }
+ }
+ return time.Time{}, false
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/scannerc.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/scannerc.go
new file mode 100644
index 000000000..0b9bb6030
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/scannerc.go
@@ -0,0 +1,2711 @@
+package yaml
+
+import (
+ "bytes"
+ "fmt"
+)
+
+// Introduction
+// ************
+//
+// The following notes assume that you are familiar with the YAML specification
+// (http://yaml.org/spec/1.2/spec.html). We mostly follow it, although in
+// some cases we are less restrictive that it requires.
+//
+// The process of transforming a YAML stream into a sequence of events is
+// divided on two steps: Scanning and Parsing.
+//
+// The Scanner transforms the input stream into a sequence of tokens, while the
+// parser transform the sequence of tokens produced by the Scanner into a
+// sequence of parsing events.
+//
+// The Scanner is rather clever and complicated. The Parser, on the contrary,
+// is a straightforward implementation of a recursive-descendant parser (or,
+// LL(1) parser, as it is usually called).
+//
+// Actually there are two issues of Scanning that might be called "clever", the
+// rest is quite straightforward. The issues are "block collection start" and
+// "simple keys". Both issues are explained below in details.
+//
+// Here the Scanning step is explained and implemented. We start with the list
+// of all the tokens produced by the Scanner together with short descriptions.
+//
+// Now, tokens:
+//
+// STREAM-START(encoding) # The stream start.
+// STREAM-END # The stream end.
+// VERSION-DIRECTIVE(major,minor) # The '%YAML' directive.
+// TAG-DIRECTIVE(handle,prefix) # The '%TAG' directive.
+// DOCUMENT-START # '---'
+// DOCUMENT-END # '...'
+// BLOCK-SEQUENCE-START # Indentation increase denoting a block
+// BLOCK-MAPPING-START # sequence or a block mapping.
+// BLOCK-END # Indentation decrease.
+// FLOW-SEQUENCE-START # '['
+// FLOW-SEQUENCE-END # ']'
+// BLOCK-SEQUENCE-START # '{'
+// BLOCK-SEQUENCE-END # '}'
+// BLOCK-ENTRY # '-'
+// FLOW-ENTRY # ','
+// KEY # '?' or nothing (simple keys).
+// VALUE # ':'
+// ALIAS(anchor) # '*anchor'
+// ANCHOR(anchor) # '&anchor'
+// TAG(handle,suffix) # '!handle!suffix'
+// SCALAR(value,style) # A scalar.
+//
+// The following two tokens are "virtual" tokens denoting the beginning and the
+// end of the stream:
+//
+// STREAM-START(encoding)
+// STREAM-END
+//
+// We pass the information about the input stream encoding with the
+// STREAM-START token.
+//
+// The next two tokens are responsible for tags:
+//
+// VERSION-DIRECTIVE(major,minor)
+// TAG-DIRECTIVE(handle,prefix)
+//
+// Example:
+//
+// %YAML 1.1
+// %TAG ! !foo
+// %TAG !yaml! tag:yaml.org,2002:
+// ---
+//
+// The correspoding sequence of tokens:
+//
+// STREAM-START(utf-8)
+// VERSION-DIRECTIVE(1,1)
+// TAG-DIRECTIVE("!","!foo")
+// TAG-DIRECTIVE("!yaml","tag:yaml.org,2002:")
+// DOCUMENT-START
+// STREAM-END
+//
+// Note that the VERSION-DIRECTIVE and TAG-DIRECTIVE tokens occupy a whole
+// line.
+//
+// The document start and end indicators are represented by:
+//
+// DOCUMENT-START
+// DOCUMENT-END
+//
+// Note that if a YAML stream contains an implicit document (without '---'
+// and '...' indicators), no DOCUMENT-START and DOCUMENT-END tokens will be
+// produced.
+//
+// In the following examples, we present whole documents together with the
+// produced tokens.
+//
+// 1. An implicit document:
+//
+// 'a scalar'
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// SCALAR("a scalar",single-quoted)
+// STREAM-END
+//
+// 2. An explicit document:
+//
+// ---
+// 'a scalar'
+// ...
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// DOCUMENT-START
+// SCALAR("a scalar",single-quoted)
+// DOCUMENT-END
+// STREAM-END
+//
+// 3. Several documents in a stream:
+//
+// 'a scalar'
+// ---
+// 'another scalar'
+// ---
+// 'yet another scalar'
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// SCALAR("a scalar",single-quoted)
+// DOCUMENT-START
+// SCALAR("another scalar",single-quoted)
+// DOCUMENT-START
+// SCALAR("yet another scalar",single-quoted)
+// STREAM-END
+//
+// We have already introduced the SCALAR token above. The following tokens are
+// used to describe aliases, anchors, tag, and scalars:
+//
+// ALIAS(anchor)
+// ANCHOR(anchor)
+// TAG(handle,suffix)
+// SCALAR(value,style)
+//
+// The following series of examples illustrate the usage of these tokens:
+//
+// 1. A recursive sequence:
+//
+// &A [ *A ]
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// ANCHOR("A")
+// FLOW-SEQUENCE-START
+// ALIAS("A")
+// FLOW-SEQUENCE-END
+// STREAM-END
+//
+// 2. A tagged scalar:
+//
+// !!float "3.14" # A good approximation.
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// TAG("!!","float")
+// SCALAR("3.14",double-quoted)
+// STREAM-END
+//
+// 3. Various scalar styles:
+//
+// --- # Implicit empty plain scalars do not produce tokens.
+// --- a plain scalar
+// --- 'a single-quoted scalar'
+// --- "a double-quoted scalar"
+// --- |-
+// a literal scalar
+// --- >-
+// a folded
+// scalar
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// DOCUMENT-START
+// DOCUMENT-START
+// SCALAR("a plain scalar",plain)
+// DOCUMENT-START
+// SCALAR("a single-quoted scalar",single-quoted)
+// DOCUMENT-START
+// SCALAR("a double-quoted scalar",double-quoted)
+// DOCUMENT-START
+// SCALAR("a literal scalar",literal)
+// DOCUMENT-START
+// SCALAR("a folded scalar",folded)
+// STREAM-END
+//
+// Now it's time to review collection-related tokens. We will start with
+// flow collections:
+//
+// FLOW-SEQUENCE-START
+// FLOW-SEQUENCE-END
+// FLOW-MAPPING-START
+// FLOW-MAPPING-END
+// FLOW-ENTRY
+// KEY
+// VALUE
+//
+// The tokens FLOW-SEQUENCE-START, FLOW-SEQUENCE-END, FLOW-MAPPING-START, and
+// FLOW-MAPPING-END represent the indicators '[', ']', '{', and '}'
+// correspondingly. FLOW-ENTRY represent the ',' indicator. Finally the
+// indicators '?' and ':', which are used for denoting mapping keys and values,
+// are represented by the KEY and VALUE tokens.
+//
+// The following examples show flow collections:
+//
+// 1. A flow sequence:
+//
+// [item 1, item 2, item 3]
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// FLOW-SEQUENCE-START
+// SCALAR("item 1",plain)
+// FLOW-ENTRY
+// SCALAR("item 2",plain)
+// FLOW-ENTRY
+// SCALAR("item 3",plain)
+// FLOW-SEQUENCE-END
+// STREAM-END
+//
+// 2. A flow mapping:
+//
+// {
+// a simple key: a value, # Note that the KEY token is produced.
+// ? a complex key: another value,
+// }
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// FLOW-MAPPING-START
+// KEY
+// SCALAR("a simple key",plain)
+// VALUE
+// SCALAR("a value",plain)
+// FLOW-ENTRY
+// KEY
+// SCALAR("a complex key",plain)
+// VALUE
+// SCALAR("another value",plain)
+// FLOW-ENTRY
+// FLOW-MAPPING-END
+// STREAM-END
+//
+// A simple key is a key which is not denoted by the '?' indicator. Note that
+// the Scanner still produce the KEY token whenever it encounters a simple key.
+//
+// For scanning block collections, the following tokens are used (note that we
+// repeat KEY and VALUE here):
+//
+// BLOCK-SEQUENCE-START
+// BLOCK-MAPPING-START
+// BLOCK-END
+// BLOCK-ENTRY
+// KEY
+// VALUE
+//
+// The tokens BLOCK-SEQUENCE-START and BLOCK-MAPPING-START denote indentation
+// increase that precedes a block collection (cf. the INDENT token in Python).
+// The token BLOCK-END denote indentation decrease that ends a block collection
+// (cf. the DEDENT token in Python). However YAML has some syntax pecularities
+// that makes detections of these tokens more complex.
+//
+// The tokens BLOCK-ENTRY, KEY, and VALUE are used to represent the indicators
+// '-', '?', and ':' correspondingly.
+//
+// The following examples show how the tokens BLOCK-SEQUENCE-START,
+// BLOCK-MAPPING-START, and BLOCK-END are emitted by the Scanner:
+//
+// 1. Block sequences:
+//
+// - item 1
+// - item 2
+// -
+// - item 3.1
+// - item 3.2
+// -
+// key 1: value 1
+// key 2: value 2
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// BLOCK-SEQUENCE-START
+// BLOCK-ENTRY
+// SCALAR("item 1",plain)
+// BLOCK-ENTRY
+// SCALAR("item 2",plain)
+// BLOCK-ENTRY
+// BLOCK-SEQUENCE-START
+// BLOCK-ENTRY
+// SCALAR("item 3.1",plain)
+// BLOCK-ENTRY
+// SCALAR("item 3.2",plain)
+// BLOCK-END
+// BLOCK-ENTRY
+// BLOCK-MAPPING-START
+// KEY
+// SCALAR("key 1",plain)
+// VALUE
+// SCALAR("value 1",plain)
+// KEY
+// SCALAR("key 2",plain)
+// VALUE
+// SCALAR("value 2",plain)
+// BLOCK-END
+// BLOCK-END
+// STREAM-END
+//
+// 2. Block mappings:
+//
+// a simple key: a value # The KEY token is produced here.
+// ? a complex key
+// : another value
+// a mapping:
+// key 1: value 1
+// key 2: value 2
+// a sequence:
+// - item 1
+// - item 2
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// BLOCK-MAPPING-START
+// KEY
+// SCALAR("a simple key",plain)
+// VALUE
+// SCALAR("a value",plain)
+// KEY
+// SCALAR("a complex key",plain)
+// VALUE
+// SCALAR("another value",plain)
+// KEY
+// SCALAR("a mapping",plain)
+// BLOCK-MAPPING-START
+// KEY
+// SCALAR("key 1",plain)
+// VALUE
+// SCALAR("value 1",plain)
+// KEY
+// SCALAR("key 2",plain)
+// VALUE
+// SCALAR("value 2",plain)
+// BLOCK-END
+// KEY
+// SCALAR("a sequence",plain)
+// VALUE
+// BLOCK-SEQUENCE-START
+// BLOCK-ENTRY
+// SCALAR("item 1",plain)
+// BLOCK-ENTRY
+// SCALAR("item 2",plain)
+// BLOCK-END
+// BLOCK-END
+// STREAM-END
+//
+// YAML does not always require to start a new block collection from a new
+// line. If the current line contains only '-', '?', and ':' indicators, a new
+// block collection may start at the current line. The following examples
+// illustrate this case:
+//
+// 1. Collections in a sequence:
+//
+// - - item 1
+// - item 2
+// - key 1: value 1
+// key 2: value 2
+// - ? complex key
+// : complex value
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// BLOCK-SEQUENCE-START
+// BLOCK-ENTRY
+// BLOCK-SEQUENCE-START
+// BLOCK-ENTRY
+// SCALAR("item 1",plain)
+// BLOCK-ENTRY
+// SCALAR("item 2",plain)
+// BLOCK-END
+// BLOCK-ENTRY
+// BLOCK-MAPPING-START
+// KEY
+// SCALAR("key 1",plain)
+// VALUE
+// SCALAR("value 1",plain)
+// KEY
+// SCALAR("key 2",plain)
+// VALUE
+// SCALAR("value 2",plain)
+// BLOCK-END
+// BLOCK-ENTRY
+// BLOCK-MAPPING-START
+// KEY
+// SCALAR("complex key")
+// VALUE
+// SCALAR("complex value")
+// BLOCK-END
+// BLOCK-END
+// STREAM-END
+//
+// 2. Collections in a mapping:
+//
+// ? a sequence
+// : - item 1
+// - item 2
+// ? a mapping
+// : key 1: value 1
+// key 2: value 2
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// BLOCK-MAPPING-START
+// KEY
+// SCALAR("a sequence",plain)
+// VALUE
+// BLOCK-SEQUENCE-START
+// BLOCK-ENTRY
+// SCALAR("item 1",plain)
+// BLOCK-ENTRY
+// SCALAR("item 2",plain)
+// BLOCK-END
+// KEY
+// SCALAR("a mapping",plain)
+// VALUE
+// BLOCK-MAPPING-START
+// KEY
+// SCALAR("key 1",plain)
+// VALUE
+// SCALAR("value 1",plain)
+// KEY
+// SCALAR("key 2",plain)
+// VALUE
+// SCALAR("value 2",plain)
+// BLOCK-END
+// BLOCK-END
+// STREAM-END
+//
+// YAML also permits non-indented sequences if they are included into a block
+// mapping. In this case, the token BLOCK-SEQUENCE-START is not produced:
+//
+// key:
+// - item 1 # BLOCK-SEQUENCE-START is NOT produced here.
+// - item 2
+//
+// Tokens:
+//
+// STREAM-START(utf-8)
+// BLOCK-MAPPING-START
+// KEY
+// SCALAR("key",plain)
+// VALUE
+// BLOCK-ENTRY
+// SCALAR("item 1",plain)
+// BLOCK-ENTRY
+// SCALAR("item 2",plain)
+// BLOCK-END
+//
+
+// Ensure that the buffer contains the required number of characters.
+// Return true on success, false on failure (reader error or memory error).
+func cache(parser *yaml_parser_t, length int) bool {
+ // [Go] This was inlined: !cache(A, B) -> unread < B && !update(A, B)
+ return parser.unread >= length || yaml_parser_update_buffer(parser, length)
+}
+
+// Advance the buffer pointer.
+func skip(parser *yaml_parser_t) {
+ parser.mark.index++
+ parser.mark.column++
+ parser.unread--
+ parser.buffer_pos += width(parser.buffer[parser.buffer_pos])
+}
+
+func skip_line(parser *yaml_parser_t) {
+ if is_crlf(parser.buffer, parser.buffer_pos) {
+ parser.mark.index += 2
+ parser.mark.column = 0
+ parser.mark.line++
+ parser.unread -= 2
+ parser.buffer_pos += 2
+ } else if is_break(parser.buffer, parser.buffer_pos) {
+ parser.mark.index++
+ parser.mark.column = 0
+ parser.mark.line++
+ parser.unread--
+ parser.buffer_pos += width(parser.buffer[parser.buffer_pos])
+ }
+}
+
+// Copy a character to a string buffer and advance pointers.
+func read(parser *yaml_parser_t, s []byte) []byte {
+ w := width(parser.buffer[parser.buffer_pos])
+ if w == 0 {
+ panic("invalid character sequence")
+ }
+ if len(s) == 0 {
+ s = make([]byte, 0, 32)
+ }
+ if w == 1 && len(s)+w <= cap(s) {
+ s = s[:len(s)+1]
+ s[len(s)-1] = parser.buffer[parser.buffer_pos]
+ parser.buffer_pos++
+ } else {
+ s = append(s, parser.buffer[parser.buffer_pos:parser.buffer_pos+w]...)
+ parser.buffer_pos += w
+ }
+ parser.mark.index++
+ parser.mark.column++
+ parser.unread--
+ return s
+}
+
+// Copy a line break character to a string buffer and advance pointers.
+func read_line(parser *yaml_parser_t, s []byte) []byte {
+ buf := parser.buffer
+ pos := parser.buffer_pos
+ switch {
+ case buf[pos] == '\r' && buf[pos+1] == '\n':
+ // CR LF . LF
+ s = append(s, '\n')
+ parser.buffer_pos += 2
+ parser.mark.index++
+ parser.unread--
+ case buf[pos] == '\r' || buf[pos] == '\n':
+ // CR|LF . LF
+ s = append(s, '\n')
+ parser.buffer_pos += 1
+ case buf[pos] == '\xC2' && buf[pos+1] == '\x85':
+ // NEL . LF
+ s = append(s, '\n')
+ parser.buffer_pos += 2
+ case buf[pos] == '\xE2' && buf[pos+1] == '\x80' && (buf[pos+2] == '\xA8' || buf[pos+2] == '\xA9'):
+ // LS|PS . LS|PS
+ s = append(s, buf[parser.buffer_pos:pos+3]...)
+ parser.buffer_pos += 3
+ default:
+ return s
+ }
+ parser.mark.index++
+ parser.mark.column = 0
+ parser.mark.line++
+ parser.unread--
+ return s
+}
+
+// Get the next token.
+func yaml_parser_scan(parser *yaml_parser_t, token *yaml_token_t) bool {
+ // Erase the token object.
+ *token = yaml_token_t{} // [Go] Is this necessary?
+
+ // No tokens after STREAM-END or error.
+ if parser.stream_end_produced || parser.error != yaml_NO_ERROR {
+ return true
+ }
+
+ // Ensure that the tokens queue contains enough tokens.
+ if !parser.token_available {
+ if !yaml_parser_fetch_more_tokens(parser) {
+ return false
+ }
+ }
+
+ // Fetch the next token from the queue.
+ *token = parser.tokens[parser.tokens_head]
+ parser.tokens_head++
+ parser.tokens_parsed++
+ parser.token_available = false
+
+ if token.typ == yaml_STREAM_END_TOKEN {
+ parser.stream_end_produced = true
+ }
+ return true
+}
+
+// Set the scanner error and return false.
+func yaml_parser_set_scanner_error(parser *yaml_parser_t, context string, context_mark yaml_mark_t, problem string) bool {
+ parser.error = yaml_SCANNER_ERROR
+ parser.context = context
+ parser.context_mark = context_mark
+ parser.problem = problem
+ parser.problem_mark = parser.mark
+ return false
+}
+
+func yaml_parser_set_scanner_tag_error(parser *yaml_parser_t, directive bool, context_mark yaml_mark_t, problem string) bool {
+ context := "while parsing a tag"
+ if directive {
+ context = "while parsing a %TAG directive"
+ }
+ return yaml_parser_set_scanner_error(parser, context, context_mark, problem)
+}
+
+func trace(args ...interface{}) func() {
+ pargs := append([]interface{}{"+++"}, args...)
+ fmt.Println(pargs...)
+ pargs = append([]interface{}{"---"}, args...)
+ return func() { fmt.Println(pargs...) }
+}
+
+// Ensure that the tokens queue contains at least one token which can be
+// returned to the Parser.
+func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool {
+ // While we need more tokens to fetch, do it.
+ for {
+ if parser.tokens_head != len(parser.tokens) {
+ // If queue is non-empty, check if any potential simple key may
+ // occupy the head position.
+ head_tok_idx, ok := parser.simple_keys_by_tok[parser.tokens_parsed]
+ if !ok {
+ break
+ } else if valid, ok := yaml_simple_key_is_valid(parser, &parser.simple_keys[head_tok_idx]); !ok {
+ return false
+ } else if !valid {
+ break
+ }
+ }
+ // Fetch the next token.
+ if !yaml_parser_fetch_next_token(parser) {
+ return false
+ }
+ }
+
+ parser.token_available = true
+ return true
+}
+
+// The dispatcher for token fetchers.
+func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool {
+ // Ensure that the buffer is initialized.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+
+ // Check if we just started scanning. Fetch STREAM-START then.
+ if !parser.stream_start_produced {
+ return yaml_parser_fetch_stream_start(parser)
+ }
+
+ // Eat whitespaces and comments until we reach the next token.
+ if !yaml_parser_scan_to_next_token(parser) {
+ return false
+ }
+
+ // Check the indentation level against the current column.
+ if !yaml_parser_unroll_indent(parser, parser.mark.column) {
+ return false
+ }
+
+ // Ensure that the buffer contains at least 4 characters. 4 is the length
+ // of the longest indicators ('--- ' and '... ').
+ if parser.unread < 4 && !yaml_parser_update_buffer(parser, 4) {
+ return false
+ }
+
+ // Is it the end of the stream?
+ if is_z(parser.buffer, parser.buffer_pos) {
+ return yaml_parser_fetch_stream_end(parser)
+ }
+
+ // Is it a directive?
+ if parser.mark.column == 0 && parser.buffer[parser.buffer_pos] == '%' {
+ return yaml_parser_fetch_directive(parser)
+ }
+
+ buf := parser.buffer
+ pos := parser.buffer_pos
+
+ // Is it the document start indicator?
+ if parser.mark.column == 0 && buf[pos] == '-' && buf[pos+1] == '-' && buf[pos+2] == '-' && is_blankz(buf, pos+3) {
+ return yaml_parser_fetch_document_indicator(parser, yaml_DOCUMENT_START_TOKEN)
+ }
+
+ // Is it the document end indicator?
+ if parser.mark.column == 0 && buf[pos] == '.' && buf[pos+1] == '.' && buf[pos+2] == '.' && is_blankz(buf, pos+3) {
+ return yaml_parser_fetch_document_indicator(parser, yaml_DOCUMENT_END_TOKEN)
+ }
+
+ // Is it the flow sequence start indicator?
+ if buf[pos] == '[' {
+ return yaml_parser_fetch_flow_collection_start(parser, yaml_FLOW_SEQUENCE_START_TOKEN)
+ }
+
+ // Is it the flow mapping start indicator?
+ if parser.buffer[parser.buffer_pos] == '{' {
+ return yaml_parser_fetch_flow_collection_start(parser, yaml_FLOW_MAPPING_START_TOKEN)
+ }
+
+ // Is it the flow sequence end indicator?
+ if parser.buffer[parser.buffer_pos] == ']' {
+ return yaml_parser_fetch_flow_collection_end(parser,
+ yaml_FLOW_SEQUENCE_END_TOKEN)
+ }
+
+ // Is it the flow mapping end indicator?
+ if parser.buffer[parser.buffer_pos] == '}' {
+ return yaml_parser_fetch_flow_collection_end(parser,
+ yaml_FLOW_MAPPING_END_TOKEN)
+ }
+
+ // Is it the flow entry indicator?
+ if parser.buffer[parser.buffer_pos] == ',' {
+ return yaml_parser_fetch_flow_entry(parser)
+ }
+
+ // Is it the block entry indicator?
+ if parser.buffer[parser.buffer_pos] == '-' && is_blankz(parser.buffer, parser.buffer_pos+1) {
+ return yaml_parser_fetch_block_entry(parser)
+ }
+
+ // Is it the key indicator?
+ if parser.buffer[parser.buffer_pos] == '?' && (parser.flow_level > 0 || is_blankz(parser.buffer, parser.buffer_pos+1)) {
+ return yaml_parser_fetch_key(parser)
+ }
+
+ // Is it the value indicator?
+ if parser.buffer[parser.buffer_pos] == ':' && (parser.flow_level > 0 || is_blankz(parser.buffer, parser.buffer_pos+1)) {
+ return yaml_parser_fetch_value(parser)
+ }
+
+ // Is it an alias?
+ if parser.buffer[parser.buffer_pos] == '*' {
+ return yaml_parser_fetch_anchor(parser, yaml_ALIAS_TOKEN)
+ }
+
+ // Is it an anchor?
+ if parser.buffer[parser.buffer_pos] == '&' {
+ return yaml_parser_fetch_anchor(parser, yaml_ANCHOR_TOKEN)
+ }
+
+ // Is it a tag?
+ if parser.buffer[parser.buffer_pos] == '!' {
+ return yaml_parser_fetch_tag(parser)
+ }
+
+ // Is it a literal scalar?
+ if parser.buffer[parser.buffer_pos] == '|' && parser.flow_level == 0 {
+ return yaml_parser_fetch_block_scalar(parser, true)
+ }
+
+ // Is it a folded scalar?
+ if parser.buffer[parser.buffer_pos] == '>' && parser.flow_level == 0 {
+ return yaml_parser_fetch_block_scalar(parser, false)
+ }
+
+ // Is it a single-quoted scalar?
+ if parser.buffer[parser.buffer_pos] == '\'' {
+ return yaml_parser_fetch_flow_scalar(parser, true)
+ }
+
+ // Is it a double-quoted scalar?
+ if parser.buffer[parser.buffer_pos] == '"' {
+ return yaml_parser_fetch_flow_scalar(parser, false)
+ }
+
+ // Is it a plain scalar?
+ //
+ // A plain scalar may start with any non-blank characters except
+ //
+ // '-', '?', ':', ',', '[', ']', '{', '}',
+ // '#', '&', '*', '!', '|', '>', '\'', '\"',
+ // '%', '@', '`'.
+ //
+ // In the block context (and, for the '-' indicator, in the flow context
+ // too), it may also start with the characters
+ //
+ // '-', '?', ':'
+ //
+ // if it is followed by a non-space character.
+ //
+ // The last rule is more restrictive than the specification requires.
+ // [Go] Make this logic more reasonable.
+ //switch parser.buffer[parser.buffer_pos] {
+ //case '-', '?', ':', ',', '?', '-', ',', ':', ']', '[', '}', '{', '&', '#', '!', '*', '>', '|', '"', '\'', '@', '%', '-', '`':
+ //}
+ if !(is_blankz(parser.buffer, parser.buffer_pos) || parser.buffer[parser.buffer_pos] == '-' ||
+ parser.buffer[parser.buffer_pos] == '?' || parser.buffer[parser.buffer_pos] == ':' ||
+ parser.buffer[parser.buffer_pos] == ',' || parser.buffer[parser.buffer_pos] == '[' ||
+ parser.buffer[parser.buffer_pos] == ']' || parser.buffer[parser.buffer_pos] == '{' ||
+ parser.buffer[parser.buffer_pos] == '}' || parser.buffer[parser.buffer_pos] == '#' ||
+ parser.buffer[parser.buffer_pos] == '&' || parser.buffer[parser.buffer_pos] == '*' ||
+ parser.buffer[parser.buffer_pos] == '!' || parser.buffer[parser.buffer_pos] == '|' ||
+ parser.buffer[parser.buffer_pos] == '>' || parser.buffer[parser.buffer_pos] == '\'' ||
+ parser.buffer[parser.buffer_pos] == '"' || parser.buffer[parser.buffer_pos] == '%' ||
+ parser.buffer[parser.buffer_pos] == '@' || parser.buffer[parser.buffer_pos] == '`') ||
+ (parser.buffer[parser.buffer_pos] == '-' && !is_blank(parser.buffer, parser.buffer_pos+1)) ||
+ (parser.flow_level == 0 &&
+ (parser.buffer[parser.buffer_pos] == '?' || parser.buffer[parser.buffer_pos] == ':') &&
+ !is_blankz(parser.buffer, parser.buffer_pos+1)) {
+ return yaml_parser_fetch_plain_scalar(parser)
+ }
+
+ // If we don't determine the token type so far, it is an error.
+ return yaml_parser_set_scanner_error(parser,
+ "while scanning for the next token", parser.mark,
+ "found character that cannot start any token")
+}
+
+func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) {
+ if !simple_key.possible {
+ return false, true
+ }
+
+ // The 1.2 specification says:
+ //
+ // "If the ? indicator is omitted, parsing needs to see past the
+ // implicit key to recognize it as such. To limit the amount of
+ // lookahead required, the “:” indicator must appear at most 1024
+ // Unicode characters beyond the start of the key. In addition, the key
+ // is restricted to a single line."
+ //
+ if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index {
+ // Check if the potential simple key to be removed is required.
+ if simple_key.required {
+ return false, yaml_parser_set_scanner_error(parser,
+ "while scanning a simple key", simple_key.mark,
+ "could not find expected ':'")
+ }
+ simple_key.possible = false
+ return false, true
+ }
+ return true, true
+}
+
+// Check if a simple key may start at the current position and add it if
+// needed.
+func yaml_parser_save_simple_key(parser *yaml_parser_t) bool {
+ // A simple key is required at the current position if the scanner is in
+ // the block context and the current column coincides with the indentation
+ // level.
+
+ required := parser.flow_level == 0 && parser.indent == parser.mark.column
+
+ //
+ // If the current position may start a simple key, save it.
+ //
+ if parser.simple_key_allowed {
+ simple_key := yaml_simple_key_t{
+ possible: true,
+ required: required,
+ token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head),
+ mark: parser.mark,
+ }
+
+ if !yaml_parser_remove_simple_key(parser) {
+ return false
+ }
+ parser.simple_keys[len(parser.simple_keys)-1] = simple_key
+ parser.simple_keys_by_tok[simple_key.token_number] = len(parser.simple_keys) - 1
+ }
+ return true
+}
+
+// Remove a potential simple key at the current flow level.
+func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool {
+ i := len(parser.simple_keys) - 1
+ if parser.simple_keys[i].possible {
+ // If the key is required, it is an error.
+ if parser.simple_keys[i].required {
+ return yaml_parser_set_scanner_error(parser,
+ "while scanning a simple key", parser.simple_keys[i].mark,
+ "could not find expected ':'")
+ }
+ // Remove the key from the stack.
+ parser.simple_keys[i].possible = false
+ delete(parser.simple_keys_by_tok, parser.simple_keys[i].token_number)
+ }
+ return true
+}
+
+// max_flow_level limits the flow_level
+const max_flow_level = 10000
+
+// Increase the flow level and resize the simple key list if needed.
+func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool {
+ // Reset the simple key on the next level.
+ parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{
+ possible: false,
+ required: false,
+ token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head),
+ mark: parser.mark,
+ })
+
+ // Increase the flow level.
+ parser.flow_level++
+ if parser.flow_level > max_flow_level {
+ return yaml_parser_set_scanner_error(parser,
+ "while increasing flow level", parser.simple_keys[len(parser.simple_keys)-1].mark,
+ fmt.Sprintf("exceeded max depth of %d", max_flow_level))
+ }
+ return true
+}
+
+// Decrease the flow level.
+func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool {
+ if parser.flow_level > 0 {
+ parser.flow_level--
+ last := len(parser.simple_keys) - 1
+ delete(parser.simple_keys_by_tok, parser.simple_keys[last].token_number)
+ parser.simple_keys = parser.simple_keys[:last]
+ }
+ return true
+}
+
+// max_indents limits the indents stack size
+const max_indents = 10000
+
+// Push the current indentation level to the stack and set the new level
+// the current column is greater than the indentation level. In this case,
+// append or insert the specified token into the token queue.
+func yaml_parser_roll_indent(parser *yaml_parser_t, column, number int, typ yaml_token_type_t, mark yaml_mark_t) bool {
+ // In the flow context, do nothing.
+ if parser.flow_level > 0 {
+ return true
+ }
+
+ if parser.indent < column {
+ // Push the current indentation level to the stack and set the new
+ // indentation level.
+ parser.indents = append(parser.indents, parser.indent)
+ parser.indent = column
+ if len(parser.indents) > max_indents {
+ return yaml_parser_set_scanner_error(parser,
+ "while increasing indent level", parser.simple_keys[len(parser.simple_keys)-1].mark,
+ fmt.Sprintf("exceeded max depth of %d", max_indents))
+ }
+
+ // Create a token and insert it into the queue.
+ token := yaml_token_t{
+ typ: typ,
+ start_mark: mark,
+ end_mark: mark,
+ }
+ if number > -1 {
+ number -= parser.tokens_parsed
+ }
+ yaml_insert_token(parser, number, &token)
+ }
+ return true
+}
+
+// Pop indentation levels from the indents stack until the current level
+// becomes less or equal to the column. For each indentation level, append
+// the BLOCK-END token.
+func yaml_parser_unroll_indent(parser *yaml_parser_t, column int) bool {
+ // In the flow context, do nothing.
+ if parser.flow_level > 0 {
+ return true
+ }
+
+ // Loop through the indentation levels in the stack.
+ for parser.indent > column {
+ // Create a token and append it to the queue.
+ token := yaml_token_t{
+ typ: yaml_BLOCK_END_TOKEN,
+ start_mark: parser.mark,
+ end_mark: parser.mark,
+ }
+ yaml_insert_token(parser, -1, &token)
+
+ // Pop the indentation level.
+ parser.indent = parser.indents[len(parser.indents)-1]
+ parser.indents = parser.indents[:len(parser.indents)-1]
+ }
+ return true
+}
+
+// Initialize the scanner and produce the STREAM-START token.
+func yaml_parser_fetch_stream_start(parser *yaml_parser_t) bool {
+
+ // Set the initial indentation.
+ parser.indent = -1
+
+ // Initialize the simple key stack.
+ parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{})
+
+ parser.simple_keys_by_tok = make(map[int]int)
+
+ // A simple key is allowed at the beginning of the stream.
+ parser.simple_key_allowed = true
+
+ // We have started.
+ parser.stream_start_produced = true
+
+ // Create the STREAM-START token and append it to the queue.
+ token := yaml_token_t{
+ typ: yaml_STREAM_START_TOKEN,
+ start_mark: parser.mark,
+ end_mark: parser.mark,
+ encoding: parser.encoding,
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the STREAM-END token and shut down the scanner.
+func yaml_parser_fetch_stream_end(parser *yaml_parser_t) bool {
+
+ // Force new line.
+ if parser.mark.column != 0 {
+ parser.mark.column = 0
+ parser.mark.line++
+ }
+
+ // Reset the indentation level.
+ if !yaml_parser_unroll_indent(parser, -1) {
+ return false
+ }
+
+ // Reset simple keys.
+ if !yaml_parser_remove_simple_key(parser) {
+ return false
+ }
+
+ parser.simple_key_allowed = false
+
+ // Create the STREAM-END token and append it to the queue.
+ token := yaml_token_t{
+ typ: yaml_STREAM_END_TOKEN,
+ start_mark: parser.mark,
+ end_mark: parser.mark,
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce a VERSION-DIRECTIVE or TAG-DIRECTIVE token.
+func yaml_parser_fetch_directive(parser *yaml_parser_t) bool {
+ // Reset the indentation level.
+ if !yaml_parser_unroll_indent(parser, -1) {
+ return false
+ }
+
+ // Reset simple keys.
+ if !yaml_parser_remove_simple_key(parser) {
+ return false
+ }
+
+ parser.simple_key_allowed = false
+
+ // Create the YAML-DIRECTIVE or TAG-DIRECTIVE token.
+ token := yaml_token_t{}
+ if !yaml_parser_scan_directive(parser, &token) {
+ return false
+ }
+ // Append the token to the queue.
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the DOCUMENT-START or DOCUMENT-END token.
+func yaml_parser_fetch_document_indicator(parser *yaml_parser_t, typ yaml_token_type_t) bool {
+ // Reset the indentation level.
+ if !yaml_parser_unroll_indent(parser, -1) {
+ return false
+ }
+
+ // Reset simple keys.
+ if !yaml_parser_remove_simple_key(parser) {
+ return false
+ }
+
+ parser.simple_key_allowed = false
+
+ // Consume the token.
+ start_mark := parser.mark
+
+ skip(parser)
+ skip(parser)
+ skip(parser)
+
+ end_mark := parser.mark
+
+ // Create the DOCUMENT-START or DOCUMENT-END token.
+ token := yaml_token_t{
+ typ: typ,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ }
+ // Append the token to the queue.
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the FLOW-SEQUENCE-START or FLOW-MAPPING-START token.
+func yaml_parser_fetch_flow_collection_start(parser *yaml_parser_t, typ yaml_token_type_t) bool {
+ // The indicators '[' and '{' may start a simple key.
+ if !yaml_parser_save_simple_key(parser) {
+ return false
+ }
+
+ // Increase the flow level.
+ if !yaml_parser_increase_flow_level(parser) {
+ return false
+ }
+
+ // A simple key may follow the indicators '[' and '{'.
+ parser.simple_key_allowed = true
+
+ // Consume the token.
+ start_mark := parser.mark
+ skip(parser)
+ end_mark := parser.mark
+
+ // Create the FLOW-SEQUENCE-START of FLOW-MAPPING-START token.
+ token := yaml_token_t{
+ typ: typ,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ }
+ // Append the token to the queue.
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the FLOW-SEQUENCE-END or FLOW-MAPPING-END token.
+func yaml_parser_fetch_flow_collection_end(parser *yaml_parser_t, typ yaml_token_type_t) bool {
+ // Reset any potential simple key on the current flow level.
+ if !yaml_parser_remove_simple_key(parser) {
+ return false
+ }
+
+ // Decrease the flow level.
+ if !yaml_parser_decrease_flow_level(parser) {
+ return false
+ }
+
+ // No simple keys after the indicators ']' and '}'.
+ parser.simple_key_allowed = false
+
+ // Consume the token.
+
+ start_mark := parser.mark
+ skip(parser)
+ end_mark := parser.mark
+
+ // Create the FLOW-SEQUENCE-END of FLOW-MAPPING-END token.
+ token := yaml_token_t{
+ typ: typ,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ }
+ // Append the token to the queue.
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the FLOW-ENTRY token.
+func yaml_parser_fetch_flow_entry(parser *yaml_parser_t) bool {
+ // Reset any potential simple keys on the current flow level.
+ if !yaml_parser_remove_simple_key(parser) {
+ return false
+ }
+
+ // Simple keys are allowed after ','.
+ parser.simple_key_allowed = true
+
+ // Consume the token.
+ start_mark := parser.mark
+ skip(parser)
+ end_mark := parser.mark
+
+ // Create the FLOW-ENTRY token and append it to the queue.
+ token := yaml_token_t{
+ typ: yaml_FLOW_ENTRY_TOKEN,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the BLOCK-ENTRY token.
+func yaml_parser_fetch_block_entry(parser *yaml_parser_t) bool {
+ // Check if the scanner is in the block context.
+ if parser.flow_level == 0 {
+ // Check if we are allowed to start a new entry.
+ if !parser.simple_key_allowed {
+ return yaml_parser_set_scanner_error(parser, "", parser.mark,
+ "block sequence entries are not allowed in this context")
+ }
+ // Add the BLOCK-SEQUENCE-START token if needed.
+ if !yaml_parser_roll_indent(parser, parser.mark.column, -1, yaml_BLOCK_SEQUENCE_START_TOKEN, parser.mark) {
+ return false
+ }
+ } else {
+ // It is an error for the '-' indicator to occur in the flow context,
+ // but we let the Parser detect and report about it because the Parser
+ // is able to point to the context.
+ }
+
+ // Reset any potential simple keys on the current flow level.
+ if !yaml_parser_remove_simple_key(parser) {
+ return false
+ }
+
+ // Simple keys are allowed after '-'.
+ parser.simple_key_allowed = true
+
+ // Consume the token.
+ start_mark := parser.mark
+ skip(parser)
+ end_mark := parser.mark
+
+ // Create the BLOCK-ENTRY token and append it to the queue.
+ token := yaml_token_t{
+ typ: yaml_BLOCK_ENTRY_TOKEN,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the KEY token.
+func yaml_parser_fetch_key(parser *yaml_parser_t) bool {
+
+ // In the block context, additional checks are required.
+ if parser.flow_level == 0 {
+ // Check if we are allowed to start a new key (not nessesary simple).
+ if !parser.simple_key_allowed {
+ return yaml_parser_set_scanner_error(parser, "", parser.mark,
+ "mapping keys are not allowed in this context")
+ }
+ // Add the BLOCK-MAPPING-START token if needed.
+ if !yaml_parser_roll_indent(parser, parser.mark.column, -1, yaml_BLOCK_MAPPING_START_TOKEN, parser.mark) {
+ return false
+ }
+ }
+
+ // Reset any potential simple keys on the current flow level.
+ if !yaml_parser_remove_simple_key(parser) {
+ return false
+ }
+
+ // Simple keys are allowed after '?' in the block context.
+ parser.simple_key_allowed = parser.flow_level == 0
+
+ // Consume the token.
+ start_mark := parser.mark
+ skip(parser)
+ end_mark := parser.mark
+
+ // Create the KEY token and append it to the queue.
+ token := yaml_token_t{
+ typ: yaml_KEY_TOKEN,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the VALUE token.
+func yaml_parser_fetch_value(parser *yaml_parser_t) bool {
+
+ simple_key := &parser.simple_keys[len(parser.simple_keys)-1]
+
+ // Have we found a simple key?
+ if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok {
+ return false
+
+ } else if valid {
+
+ // Create the KEY token and insert it into the queue.
+ token := yaml_token_t{
+ typ: yaml_KEY_TOKEN,
+ start_mark: simple_key.mark,
+ end_mark: simple_key.mark,
+ }
+ yaml_insert_token(parser, simple_key.token_number-parser.tokens_parsed, &token)
+
+ // In the block context, we may need to add the BLOCK-MAPPING-START token.
+ if !yaml_parser_roll_indent(parser, simple_key.mark.column,
+ simple_key.token_number,
+ yaml_BLOCK_MAPPING_START_TOKEN, simple_key.mark) {
+ return false
+ }
+
+ // Remove the simple key.
+ simple_key.possible = false
+ delete(parser.simple_keys_by_tok, simple_key.token_number)
+
+ // A simple key cannot follow another simple key.
+ parser.simple_key_allowed = false
+
+ } else {
+ // The ':' indicator follows a complex key.
+
+ // In the block context, extra checks are required.
+ if parser.flow_level == 0 {
+
+ // Check if we are allowed to start a complex value.
+ if !parser.simple_key_allowed {
+ return yaml_parser_set_scanner_error(parser, "", parser.mark,
+ "mapping values are not allowed in this context")
+ }
+
+ // Add the BLOCK-MAPPING-START token if needed.
+ if !yaml_parser_roll_indent(parser, parser.mark.column, -1, yaml_BLOCK_MAPPING_START_TOKEN, parser.mark) {
+ return false
+ }
+ }
+
+ // Simple keys after ':' are allowed in the block context.
+ parser.simple_key_allowed = parser.flow_level == 0
+ }
+
+ // Consume the token.
+ start_mark := parser.mark
+ skip(parser)
+ end_mark := parser.mark
+
+ // Create the VALUE token and append it to the queue.
+ token := yaml_token_t{
+ typ: yaml_VALUE_TOKEN,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the ALIAS or ANCHOR token.
+func yaml_parser_fetch_anchor(parser *yaml_parser_t, typ yaml_token_type_t) bool {
+ // An anchor or an alias could be a simple key.
+ if !yaml_parser_save_simple_key(parser) {
+ return false
+ }
+
+ // A simple key cannot follow an anchor or an alias.
+ parser.simple_key_allowed = false
+
+ // Create the ALIAS or ANCHOR token and append it to the queue.
+ var token yaml_token_t
+ if !yaml_parser_scan_anchor(parser, &token, typ) {
+ return false
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the TAG token.
+func yaml_parser_fetch_tag(parser *yaml_parser_t) bool {
+ // A tag could be a simple key.
+ if !yaml_parser_save_simple_key(parser) {
+ return false
+ }
+
+ // A simple key cannot follow a tag.
+ parser.simple_key_allowed = false
+
+ // Create the TAG token and append it to the queue.
+ var token yaml_token_t
+ if !yaml_parser_scan_tag(parser, &token) {
+ return false
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the SCALAR(...,literal) or SCALAR(...,folded) tokens.
+func yaml_parser_fetch_block_scalar(parser *yaml_parser_t, literal bool) bool {
+ // Remove any potential simple keys.
+ if !yaml_parser_remove_simple_key(parser) {
+ return false
+ }
+
+ // A simple key may follow a block scalar.
+ parser.simple_key_allowed = true
+
+ // Create the SCALAR token and append it to the queue.
+ var token yaml_token_t
+ if !yaml_parser_scan_block_scalar(parser, &token, literal) {
+ return false
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the SCALAR(...,single-quoted) or SCALAR(...,double-quoted) tokens.
+func yaml_parser_fetch_flow_scalar(parser *yaml_parser_t, single bool) bool {
+ // A plain scalar could be a simple key.
+ if !yaml_parser_save_simple_key(parser) {
+ return false
+ }
+
+ // A simple key cannot follow a flow scalar.
+ parser.simple_key_allowed = false
+
+ // Create the SCALAR token and append it to the queue.
+ var token yaml_token_t
+ if !yaml_parser_scan_flow_scalar(parser, &token, single) {
+ return false
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Produce the SCALAR(...,plain) token.
+func yaml_parser_fetch_plain_scalar(parser *yaml_parser_t) bool {
+ // A plain scalar could be a simple key.
+ if !yaml_parser_save_simple_key(parser) {
+ return false
+ }
+
+ // A simple key cannot follow a flow scalar.
+ parser.simple_key_allowed = false
+
+ // Create the SCALAR token and append it to the queue.
+ var token yaml_token_t
+ if !yaml_parser_scan_plain_scalar(parser, &token) {
+ return false
+ }
+ yaml_insert_token(parser, -1, &token)
+ return true
+}
+
+// Eat whitespaces and comments until the next token is found.
+func yaml_parser_scan_to_next_token(parser *yaml_parser_t) bool {
+
+ // Until the next token is not found.
+ for {
+ // Allow the BOM mark to start a line.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ if parser.mark.column == 0 && is_bom(parser.buffer, parser.buffer_pos) {
+ skip(parser)
+ }
+
+ // Eat whitespaces.
+ // Tabs are allowed:
+ // - in the flow context
+ // - in the block context, but not at the beginning of the line or
+ // after '-', '?', or ':' (complex value).
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+
+ for parser.buffer[parser.buffer_pos] == ' ' || ((parser.flow_level > 0 || !parser.simple_key_allowed) && parser.buffer[parser.buffer_pos] == '\t') {
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ // Eat a comment until a line break.
+ if parser.buffer[parser.buffer_pos] == '#' {
+ for !is_breakz(parser.buffer, parser.buffer_pos) {
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+ }
+
+ // If it is a line break, eat it.
+ if is_break(parser.buffer, parser.buffer_pos) {
+ if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
+ return false
+ }
+ skip_line(parser)
+
+ // In the block context, a new line may start a simple key.
+ if parser.flow_level == 0 {
+ parser.simple_key_allowed = true
+ }
+ } else {
+ break // We have found a token.
+ }
+ }
+
+ return true
+}
+
+// Scan a YAML-DIRECTIVE or TAG-DIRECTIVE token.
+//
+// Scope:
+// %YAML 1.1 # a comment \n
+// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+// %TAG !yaml! tag:yaml.org,2002: \n
+// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+//
+func yaml_parser_scan_directive(parser *yaml_parser_t, token *yaml_token_t) bool {
+ // Eat '%'.
+ start_mark := parser.mark
+ skip(parser)
+
+ // Scan the directive name.
+ var name []byte
+ if !yaml_parser_scan_directive_name(parser, start_mark, &name) {
+ return false
+ }
+
+ // Is it a YAML directive?
+ if bytes.Equal(name, []byte("YAML")) {
+ // Scan the VERSION directive value.
+ var major, minor int8
+ if !yaml_parser_scan_version_directive_value(parser, start_mark, &major, &minor) {
+ return false
+ }
+ end_mark := parser.mark
+
+ // Create a VERSION-DIRECTIVE token.
+ *token = yaml_token_t{
+ typ: yaml_VERSION_DIRECTIVE_TOKEN,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ major: major,
+ minor: minor,
+ }
+
+ // Is it a TAG directive?
+ } else if bytes.Equal(name, []byte("TAG")) {
+ // Scan the TAG directive value.
+ var handle, prefix []byte
+ if !yaml_parser_scan_tag_directive_value(parser, start_mark, &handle, &prefix) {
+ return false
+ }
+ end_mark := parser.mark
+
+ // Create a TAG-DIRECTIVE token.
+ *token = yaml_token_t{
+ typ: yaml_TAG_DIRECTIVE_TOKEN,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ value: handle,
+ prefix: prefix,
+ }
+
+ // Unknown directive.
+ } else {
+ yaml_parser_set_scanner_error(parser, "while scanning a directive",
+ start_mark, "found unknown directive name")
+ return false
+ }
+
+ // Eat the rest of the line including any comments.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+
+ for is_blank(parser.buffer, parser.buffer_pos) {
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ if parser.buffer[parser.buffer_pos] == '#' {
+ for !is_breakz(parser.buffer, parser.buffer_pos) {
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+ }
+
+ // Check if we are at the end of the line.
+ if !is_breakz(parser.buffer, parser.buffer_pos) {
+ yaml_parser_set_scanner_error(parser, "while scanning a directive",
+ start_mark, "did not find expected comment or line break")
+ return false
+ }
+
+ // Eat a line break.
+ if is_break(parser.buffer, parser.buffer_pos) {
+ if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
+ return false
+ }
+ skip_line(parser)
+ }
+
+ return true
+}
+
+// Scan the directive name.
+//
+// Scope:
+// %YAML 1.1 # a comment \n
+// ^^^^
+// %TAG !yaml! tag:yaml.org,2002: \n
+// ^^^
+//
+func yaml_parser_scan_directive_name(parser *yaml_parser_t, start_mark yaml_mark_t, name *[]byte) bool {
+ // Consume the directive name.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+
+ var s []byte
+ for is_alpha(parser.buffer, parser.buffer_pos) {
+ s = read(parser, s)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ // Check if the name is empty.
+ if len(s) == 0 {
+ yaml_parser_set_scanner_error(parser, "while scanning a directive",
+ start_mark, "could not find expected directive name")
+ return false
+ }
+
+ // Check for an blank character after the name.
+ if !is_blankz(parser.buffer, parser.buffer_pos) {
+ yaml_parser_set_scanner_error(parser, "while scanning a directive",
+ start_mark, "found unexpected non-alphabetical character")
+ return false
+ }
+ *name = s
+ return true
+}
+
+// Scan the value of VERSION-DIRECTIVE.
+//
+// Scope:
+// %YAML 1.1 # a comment \n
+// ^^^^^^
+func yaml_parser_scan_version_directive_value(parser *yaml_parser_t, start_mark yaml_mark_t, major, minor *int8) bool {
+ // Eat whitespaces.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ for is_blank(parser.buffer, parser.buffer_pos) {
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ // Consume the major version number.
+ if !yaml_parser_scan_version_directive_number(parser, start_mark, major) {
+ return false
+ }
+
+ // Eat '.'.
+ if parser.buffer[parser.buffer_pos] != '.' {
+ return yaml_parser_set_scanner_error(parser, "while scanning a %YAML directive",
+ start_mark, "did not find expected digit or '.' character")
+ }
+
+ skip(parser)
+
+ // Consume the minor version number.
+ if !yaml_parser_scan_version_directive_number(parser, start_mark, minor) {
+ return false
+ }
+ return true
+}
+
+const max_number_length = 2
+
+// Scan the version number of VERSION-DIRECTIVE.
+//
+// Scope:
+// %YAML 1.1 # a comment \n
+// ^
+// %YAML 1.1 # a comment \n
+// ^
+func yaml_parser_scan_version_directive_number(parser *yaml_parser_t, start_mark yaml_mark_t, number *int8) bool {
+
+ // Repeat while the next character is digit.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ var value, length int8
+ for is_digit(parser.buffer, parser.buffer_pos) {
+ // Check if the number is too long.
+ length++
+ if length > max_number_length {
+ return yaml_parser_set_scanner_error(parser, "while scanning a %YAML directive",
+ start_mark, "found extremely long version number")
+ }
+ value = value*10 + int8(as_digit(parser.buffer, parser.buffer_pos))
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ // Check if the number was present.
+ if length == 0 {
+ return yaml_parser_set_scanner_error(parser, "while scanning a %YAML directive",
+ start_mark, "did not find expected version number")
+ }
+ *number = value
+ return true
+}
+
+// Scan the value of a TAG-DIRECTIVE token.
+//
+// Scope:
+// %TAG !yaml! tag:yaml.org,2002: \n
+// ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+//
+func yaml_parser_scan_tag_directive_value(parser *yaml_parser_t, start_mark yaml_mark_t, handle, prefix *[]byte) bool {
+ var handle_value, prefix_value []byte
+
+ // Eat whitespaces.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+
+ for is_blank(parser.buffer, parser.buffer_pos) {
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ // Scan a handle.
+ if !yaml_parser_scan_tag_handle(parser, true, start_mark, &handle_value) {
+ return false
+ }
+
+ // Expect a whitespace.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ if !is_blank(parser.buffer, parser.buffer_pos) {
+ yaml_parser_set_scanner_error(parser, "while scanning a %TAG directive",
+ start_mark, "did not find expected whitespace")
+ return false
+ }
+
+ // Eat whitespaces.
+ for is_blank(parser.buffer, parser.buffer_pos) {
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ // Scan a prefix.
+ if !yaml_parser_scan_tag_uri(parser, true, nil, start_mark, &prefix_value) {
+ return false
+ }
+
+ // Expect a whitespace or line break.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ if !is_blankz(parser.buffer, parser.buffer_pos) {
+ yaml_parser_set_scanner_error(parser, "while scanning a %TAG directive",
+ start_mark, "did not find expected whitespace or line break")
+ return false
+ }
+
+ *handle = handle_value
+ *prefix = prefix_value
+ return true
+}
+
+func yaml_parser_scan_anchor(parser *yaml_parser_t, token *yaml_token_t, typ yaml_token_type_t) bool {
+ var s []byte
+
+ // Eat the indicator character.
+ start_mark := parser.mark
+ skip(parser)
+
+ // Consume the value.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+
+ for is_alpha(parser.buffer, parser.buffer_pos) {
+ s = read(parser, s)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ end_mark := parser.mark
+
+ /*
+ * Check if length of the anchor is greater than 0 and it is followed by
+ * a whitespace character or one of the indicators:
+ *
+ * '?', ':', ',', ']', '}', '%', '@', '`'.
+ */
+
+ if len(s) == 0 ||
+ !(is_blankz(parser.buffer, parser.buffer_pos) || parser.buffer[parser.buffer_pos] == '?' ||
+ parser.buffer[parser.buffer_pos] == ':' || parser.buffer[parser.buffer_pos] == ',' ||
+ parser.buffer[parser.buffer_pos] == ']' || parser.buffer[parser.buffer_pos] == '}' ||
+ parser.buffer[parser.buffer_pos] == '%' || parser.buffer[parser.buffer_pos] == '@' ||
+ parser.buffer[parser.buffer_pos] == '`') {
+ context := "while scanning an alias"
+ if typ == yaml_ANCHOR_TOKEN {
+ context = "while scanning an anchor"
+ }
+ yaml_parser_set_scanner_error(parser, context, start_mark,
+ "did not find expected alphabetic or numeric character")
+ return false
+ }
+
+ // Create a token.
+ *token = yaml_token_t{
+ typ: typ,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ value: s,
+ }
+
+ return true
+}
+
+/*
+ * Scan a TAG token.
+ */
+
+func yaml_parser_scan_tag(parser *yaml_parser_t, token *yaml_token_t) bool {
+ var handle, suffix []byte
+
+ start_mark := parser.mark
+
+ // Check if the tag is in the canonical form.
+ if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
+ return false
+ }
+
+ if parser.buffer[parser.buffer_pos+1] == '<' {
+ // Keep the handle as ''
+
+ // Eat '!<'
+ skip(parser)
+ skip(parser)
+
+ // Consume the tag value.
+ if !yaml_parser_scan_tag_uri(parser, false, nil, start_mark, &suffix) {
+ return false
+ }
+
+ // Check for '>' and eat it.
+ if parser.buffer[parser.buffer_pos] != '>' {
+ yaml_parser_set_scanner_error(parser, "while scanning a tag",
+ start_mark, "did not find the expected '>'")
+ return false
+ }
+
+ skip(parser)
+ } else {
+ // The tag has either the '!suffix' or the '!handle!suffix' form.
+
+ // First, try to scan a handle.
+ if !yaml_parser_scan_tag_handle(parser, false, start_mark, &handle) {
+ return false
+ }
+
+ // Check if it is, indeed, handle.
+ if handle[0] == '!' && len(handle) > 1 && handle[len(handle)-1] == '!' {
+ // Scan the suffix now.
+ if !yaml_parser_scan_tag_uri(parser, false, nil, start_mark, &suffix) {
+ return false
+ }
+ } else {
+ // It wasn't a handle after all. Scan the rest of the tag.
+ if !yaml_parser_scan_tag_uri(parser, false, handle, start_mark, &suffix) {
+ return false
+ }
+
+ // Set the handle to '!'.
+ handle = []byte{'!'}
+
+ // A special case: the '!' tag. Set the handle to '' and the
+ // suffix to '!'.
+ if len(suffix) == 0 {
+ handle, suffix = suffix, handle
+ }
+ }
+ }
+
+ // Check the character which ends the tag.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ if !is_blankz(parser.buffer, parser.buffer_pos) {
+ yaml_parser_set_scanner_error(parser, "while scanning a tag",
+ start_mark, "did not find expected whitespace or line break")
+ return false
+ }
+
+ end_mark := parser.mark
+
+ // Create a token.
+ *token = yaml_token_t{
+ typ: yaml_TAG_TOKEN,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ value: handle,
+ suffix: suffix,
+ }
+ return true
+}
+
+// Scan a tag handle.
+func yaml_parser_scan_tag_handle(parser *yaml_parser_t, directive bool, start_mark yaml_mark_t, handle *[]byte) bool {
+ // Check the initial '!' character.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ if parser.buffer[parser.buffer_pos] != '!' {
+ yaml_parser_set_scanner_tag_error(parser, directive,
+ start_mark, "did not find expected '!'")
+ return false
+ }
+
+ var s []byte
+
+ // Copy the '!' character.
+ s = read(parser, s)
+
+ // Copy all subsequent alphabetical and numerical characters.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ for is_alpha(parser.buffer, parser.buffer_pos) {
+ s = read(parser, s)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ // Check if the trailing character is '!' and copy it.
+ if parser.buffer[parser.buffer_pos] == '!' {
+ s = read(parser, s)
+ } else {
+ // It's either the '!' tag or not really a tag handle. If it's a %TAG
+ // directive, it's an error. If it's a tag token, it must be a part of URI.
+ if directive && string(s) != "!" {
+ yaml_parser_set_scanner_tag_error(parser, directive,
+ start_mark, "did not find expected '!'")
+ return false
+ }
+ }
+
+ *handle = s
+ return true
+}
+
+// Scan a tag.
+func yaml_parser_scan_tag_uri(parser *yaml_parser_t, directive bool, head []byte, start_mark yaml_mark_t, uri *[]byte) bool {
+ //size_t length = head ? strlen((char *)head) : 0
+ var s []byte
+ hasTag := len(head) > 0
+
+ // Copy the head if needed.
+ //
+ // Note that we don't copy the leading '!' character.
+ if len(head) > 1 {
+ s = append(s, head[1:]...)
+ }
+
+ // Scan the tag.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+
+ // The set of characters that may appear in URI is as follows:
+ //
+ // '0'-'9', 'A'-'Z', 'a'-'z', '_', '-', ';', '/', '?', ':', '@', '&',
+ // '=', '+', '$', ',', '.', '!', '~', '*', '\'', '(', ')', '[', ']',
+ // '%'.
+ // [Go] Convert this into more reasonable logic.
+ for is_alpha(parser.buffer, parser.buffer_pos) || parser.buffer[parser.buffer_pos] == ';' ||
+ parser.buffer[parser.buffer_pos] == '/' || parser.buffer[parser.buffer_pos] == '?' ||
+ parser.buffer[parser.buffer_pos] == ':' || parser.buffer[parser.buffer_pos] == '@' ||
+ parser.buffer[parser.buffer_pos] == '&' || parser.buffer[parser.buffer_pos] == '=' ||
+ parser.buffer[parser.buffer_pos] == '+' || parser.buffer[parser.buffer_pos] == '$' ||
+ parser.buffer[parser.buffer_pos] == ',' || parser.buffer[parser.buffer_pos] == '.' ||
+ parser.buffer[parser.buffer_pos] == '!' || parser.buffer[parser.buffer_pos] == '~' ||
+ parser.buffer[parser.buffer_pos] == '*' || parser.buffer[parser.buffer_pos] == '\'' ||
+ parser.buffer[parser.buffer_pos] == '(' || parser.buffer[parser.buffer_pos] == ')' ||
+ parser.buffer[parser.buffer_pos] == '[' || parser.buffer[parser.buffer_pos] == ']' ||
+ parser.buffer[parser.buffer_pos] == '%' {
+ // Check if it is a URI-escape sequence.
+ if parser.buffer[parser.buffer_pos] == '%' {
+ if !yaml_parser_scan_uri_escapes(parser, directive, start_mark, &s) {
+ return false
+ }
+ } else {
+ s = read(parser, s)
+ }
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ hasTag = true
+ }
+
+ if !hasTag {
+ yaml_parser_set_scanner_tag_error(parser, directive,
+ start_mark, "did not find expected tag URI")
+ return false
+ }
+ *uri = s
+ return true
+}
+
+// Decode an URI-escape sequence corresponding to a single UTF-8 character.
+func yaml_parser_scan_uri_escapes(parser *yaml_parser_t, directive bool, start_mark yaml_mark_t, s *[]byte) bool {
+
+ // Decode the required number of characters.
+ w := 1024
+ for w > 0 {
+ // Check for a URI-escaped octet.
+ if parser.unread < 3 && !yaml_parser_update_buffer(parser, 3) {
+ return false
+ }
+
+ if !(parser.buffer[parser.buffer_pos] == '%' &&
+ is_hex(parser.buffer, parser.buffer_pos+1) &&
+ is_hex(parser.buffer, parser.buffer_pos+2)) {
+ return yaml_parser_set_scanner_tag_error(parser, directive,
+ start_mark, "did not find URI escaped octet")
+ }
+
+ // Get the octet.
+ octet := byte((as_hex(parser.buffer, parser.buffer_pos+1) << 4) + as_hex(parser.buffer, parser.buffer_pos+2))
+
+ // If it is the leading octet, determine the length of the UTF-8 sequence.
+ if w == 1024 {
+ w = width(octet)
+ if w == 0 {
+ return yaml_parser_set_scanner_tag_error(parser, directive,
+ start_mark, "found an incorrect leading UTF-8 octet")
+ }
+ } else {
+ // Check if the trailing octet is correct.
+ if octet&0xC0 != 0x80 {
+ return yaml_parser_set_scanner_tag_error(parser, directive,
+ start_mark, "found an incorrect trailing UTF-8 octet")
+ }
+ }
+
+ // Copy the octet and move the pointers.
+ *s = append(*s, octet)
+ skip(parser)
+ skip(parser)
+ skip(parser)
+ w--
+ }
+ return true
+}
+
+// Scan a block scalar.
+func yaml_parser_scan_block_scalar(parser *yaml_parser_t, token *yaml_token_t, literal bool) bool {
+ // Eat the indicator '|' or '>'.
+ start_mark := parser.mark
+ skip(parser)
+
+ // Scan the additional block scalar indicators.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+
+ // Check for a chomping indicator.
+ var chomping, increment int
+ if parser.buffer[parser.buffer_pos] == '+' || parser.buffer[parser.buffer_pos] == '-' {
+ // Set the chomping method and eat the indicator.
+ if parser.buffer[parser.buffer_pos] == '+' {
+ chomping = +1
+ } else {
+ chomping = -1
+ }
+ skip(parser)
+
+ // Check for an indentation indicator.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ if is_digit(parser.buffer, parser.buffer_pos) {
+ // Check that the indentation is greater than 0.
+ if parser.buffer[parser.buffer_pos] == '0' {
+ yaml_parser_set_scanner_error(parser, "while scanning a block scalar",
+ start_mark, "found an indentation indicator equal to 0")
+ return false
+ }
+
+ // Get the indentation level and eat the indicator.
+ increment = as_digit(parser.buffer, parser.buffer_pos)
+ skip(parser)
+ }
+
+ } else if is_digit(parser.buffer, parser.buffer_pos) {
+ // Do the same as above, but in the opposite order.
+
+ if parser.buffer[parser.buffer_pos] == '0' {
+ yaml_parser_set_scanner_error(parser, "while scanning a block scalar",
+ start_mark, "found an indentation indicator equal to 0")
+ return false
+ }
+ increment = as_digit(parser.buffer, parser.buffer_pos)
+ skip(parser)
+
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ if parser.buffer[parser.buffer_pos] == '+' || parser.buffer[parser.buffer_pos] == '-' {
+ if parser.buffer[parser.buffer_pos] == '+' {
+ chomping = +1
+ } else {
+ chomping = -1
+ }
+ skip(parser)
+ }
+ }
+
+ // Eat whitespaces and comments to the end of the line.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ for is_blank(parser.buffer, parser.buffer_pos) {
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+ if parser.buffer[parser.buffer_pos] == '#' {
+ for !is_breakz(parser.buffer, parser.buffer_pos) {
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+ }
+
+ // Check if we are at the end of the line.
+ if !is_breakz(parser.buffer, parser.buffer_pos) {
+ yaml_parser_set_scanner_error(parser, "while scanning a block scalar",
+ start_mark, "did not find expected comment or line break")
+ return false
+ }
+
+ // Eat a line break.
+ if is_break(parser.buffer, parser.buffer_pos) {
+ if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
+ return false
+ }
+ skip_line(parser)
+ }
+
+ end_mark := parser.mark
+
+ // Set the indentation level if it was specified.
+ var indent int
+ if increment > 0 {
+ if parser.indent >= 0 {
+ indent = parser.indent + increment
+ } else {
+ indent = increment
+ }
+ }
+
+ // Scan the leading line breaks and determine the indentation level if needed.
+ var s, leading_break, trailing_breaks []byte
+ if !yaml_parser_scan_block_scalar_breaks(parser, &indent, &trailing_breaks, start_mark, &end_mark) {
+ return false
+ }
+
+ // Scan the block scalar content.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ var leading_blank, trailing_blank bool
+ for parser.mark.column == indent && !is_z(parser.buffer, parser.buffer_pos) {
+ // We are at the beginning of a non-empty line.
+
+ // Is it a trailing whitespace?
+ trailing_blank = is_blank(parser.buffer, parser.buffer_pos)
+
+ // Check if we need to fold the leading line break.
+ if !literal && !leading_blank && !trailing_blank && len(leading_break) > 0 && leading_break[0] == '\n' {
+ // Do we need to join the lines by space?
+ if len(trailing_breaks) == 0 {
+ s = append(s, ' ')
+ }
+ } else {
+ s = append(s, leading_break...)
+ }
+ leading_break = leading_break[:0]
+
+ // Append the remaining line breaks.
+ s = append(s, trailing_breaks...)
+ trailing_breaks = trailing_breaks[:0]
+
+ // Is it a leading whitespace?
+ leading_blank = is_blank(parser.buffer, parser.buffer_pos)
+
+ // Consume the current line.
+ for !is_breakz(parser.buffer, parser.buffer_pos) {
+ s = read(parser, s)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ // Consume the line break.
+ if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
+ return false
+ }
+
+ leading_break = read_line(parser, leading_break)
+
+ // Eat the following indentation spaces and line breaks.
+ if !yaml_parser_scan_block_scalar_breaks(parser, &indent, &trailing_breaks, start_mark, &end_mark) {
+ return false
+ }
+ }
+
+ // Chomp the tail.
+ if chomping != -1 {
+ s = append(s, leading_break...)
+ }
+ if chomping == 1 {
+ s = append(s, trailing_breaks...)
+ }
+
+ // Create a token.
+ *token = yaml_token_t{
+ typ: yaml_SCALAR_TOKEN,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ value: s,
+ style: yaml_LITERAL_SCALAR_STYLE,
+ }
+ if !literal {
+ token.style = yaml_FOLDED_SCALAR_STYLE
+ }
+ return true
+}
+
+// Scan indentation spaces and line breaks for a block scalar. Determine the
+// indentation level if needed.
+func yaml_parser_scan_block_scalar_breaks(parser *yaml_parser_t, indent *int, breaks *[]byte, start_mark yaml_mark_t, end_mark *yaml_mark_t) bool {
+ *end_mark = parser.mark
+
+ // Eat the indentation spaces and line breaks.
+ max_indent := 0
+ for {
+ // Eat the indentation spaces.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ for (*indent == 0 || parser.mark.column < *indent) && is_space(parser.buffer, parser.buffer_pos) {
+ skip(parser)
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+ if parser.mark.column > max_indent {
+ max_indent = parser.mark.column
+ }
+
+ // Check for a tab character messing the indentation.
+ if (*indent == 0 || parser.mark.column < *indent) && is_tab(parser.buffer, parser.buffer_pos) {
+ return yaml_parser_set_scanner_error(parser, "while scanning a block scalar",
+ start_mark, "found a tab character where an indentation space is expected")
+ }
+
+ // Have we found a non-empty line?
+ if !is_break(parser.buffer, parser.buffer_pos) {
+ break
+ }
+
+ // Consume the line break.
+ if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
+ return false
+ }
+ // [Go] Should really be returning breaks instead.
+ *breaks = read_line(parser, *breaks)
+ *end_mark = parser.mark
+ }
+
+ // Determine the indentation level if needed.
+ if *indent == 0 {
+ *indent = max_indent
+ if *indent < parser.indent+1 {
+ *indent = parser.indent + 1
+ }
+ if *indent < 1 {
+ *indent = 1
+ }
+ }
+ return true
+}
+
+// Scan a quoted scalar.
+func yaml_parser_scan_flow_scalar(parser *yaml_parser_t, token *yaml_token_t, single bool) bool {
+ // Eat the left quote.
+ start_mark := parser.mark
+ skip(parser)
+
+ // Consume the content of the quoted scalar.
+ var s, leading_break, trailing_breaks, whitespaces []byte
+ for {
+ // Check that there are no document indicators at the beginning of the line.
+ if parser.unread < 4 && !yaml_parser_update_buffer(parser, 4) {
+ return false
+ }
+
+ if parser.mark.column == 0 &&
+ ((parser.buffer[parser.buffer_pos+0] == '-' &&
+ parser.buffer[parser.buffer_pos+1] == '-' &&
+ parser.buffer[parser.buffer_pos+2] == '-') ||
+ (parser.buffer[parser.buffer_pos+0] == '.' &&
+ parser.buffer[parser.buffer_pos+1] == '.' &&
+ parser.buffer[parser.buffer_pos+2] == '.')) &&
+ is_blankz(parser.buffer, parser.buffer_pos+3) {
+ yaml_parser_set_scanner_error(parser, "while scanning a quoted scalar",
+ start_mark, "found unexpected document indicator")
+ return false
+ }
+
+ // Check for EOF.
+ if is_z(parser.buffer, parser.buffer_pos) {
+ yaml_parser_set_scanner_error(parser, "while scanning a quoted scalar",
+ start_mark, "found unexpected end of stream")
+ return false
+ }
+
+ // Consume non-blank characters.
+ leading_blanks := false
+ for !is_blankz(parser.buffer, parser.buffer_pos) {
+ if single && parser.buffer[parser.buffer_pos] == '\'' && parser.buffer[parser.buffer_pos+1] == '\'' {
+ // Is is an escaped single quote.
+ s = append(s, '\'')
+ skip(parser)
+ skip(parser)
+
+ } else if single && parser.buffer[parser.buffer_pos] == '\'' {
+ // It is a right single quote.
+ break
+ } else if !single && parser.buffer[parser.buffer_pos] == '"' {
+ // It is a right double quote.
+ break
+
+ } else if !single && parser.buffer[parser.buffer_pos] == '\\' && is_break(parser.buffer, parser.buffer_pos+1) {
+ // It is an escaped line break.
+ if parser.unread < 3 && !yaml_parser_update_buffer(parser, 3) {
+ return false
+ }
+ skip(parser)
+ skip_line(parser)
+ leading_blanks = true
+ break
+
+ } else if !single && parser.buffer[parser.buffer_pos] == '\\' {
+ // It is an escape sequence.
+ code_length := 0
+
+ // Check the escape character.
+ switch parser.buffer[parser.buffer_pos+1] {
+ case '0':
+ s = append(s, 0)
+ case 'a':
+ s = append(s, '\x07')
+ case 'b':
+ s = append(s, '\x08')
+ case 't', '\t':
+ s = append(s, '\x09')
+ case 'n':
+ s = append(s, '\x0A')
+ case 'v':
+ s = append(s, '\x0B')
+ case 'f':
+ s = append(s, '\x0C')
+ case 'r':
+ s = append(s, '\x0D')
+ case 'e':
+ s = append(s, '\x1B')
+ case ' ':
+ s = append(s, '\x20')
+ case '"':
+ s = append(s, '"')
+ case '\'':
+ s = append(s, '\'')
+ case '\\':
+ s = append(s, '\\')
+ case 'N': // NEL (#x85)
+ s = append(s, '\xC2')
+ s = append(s, '\x85')
+ case '_': // #xA0
+ s = append(s, '\xC2')
+ s = append(s, '\xA0')
+ case 'L': // LS (#x2028)
+ s = append(s, '\xE2')
+ s = append(s, '\x80')
+ s = append(s, '\xA8')
+ case 'P': // PS (#x2029)
+ s = append(s, '\xE2')
+ s = append(s, '\x80')
+ s = append(s, '\xA9')
+ case 'x':
+ code_length = 2
+ case 'u':
+ code_length = 4
+ case 'U':
+ code_length = 8
+ default:
+ yaml_parser_set_scanner_error(parser, "while parsing a quoted scalar",
+ start_mark, "found unknown escape character")
+ return false
+ }
+
+ skip(parser)
+ skip(parser)
+
+ // Consume an arbitrary escape code.
+ if code_length > 0 {
+ var value int
+
+ // Scan the character value.
+ if parser.unread < code_length && !yaml_parser_update_buffer(parser, code_length) {
+ return false
+ }
+ for k := 0; k < code_length; k++ {
+ if !is_hex(parser.buffer, parser.buffer_pos+k) {
+ yaml_parser_set_scanner_error(parser, "while parsing a quoted scalar",
+ start_mark, "did not find expected hexdecimal number")
+ return false
+ }
+ value = (value << 4) + as_hex(parser.buffer, parser.buffer_pos+k)
+ }
+
+ // Check the value and write the character.
+ if (value >= 0xD800 && value <= 0xDFFF) || value > 0x10FFFF {
+ yaml_parser_set_scanner_error(parser, "while parsing a quoted scalar",
+ start_mark, "found invalid Unicode character escape code")
+ return false
+ }
+ if value <= 0x7F {
+ s = append(s, byte(value))
+ } else if value <= 0x7FF {
+ s = append(s, byte(0xC0+(value>>6)))
+ s = append(s, byte(0x80+(value&0x3F)))
+ } else if value <= 0xFFFF {
+ s = append(s, byte(0xE0+(value>>12)))
+ s = append(s, byte(0x80+((value>>6)&0x3F)))
+ s = append(s, byte(0x80+(value&0x3F)))
+ } else {
+ s = append(s, byte(0xF0+(value>>18)))
+ s = append(s, byte(0x80+((value>>12)&0x3F)))
+ s = append(s, byte(0x80+((value>>6)&0x3F)))
+ s = append(s, byte(0x80+(value&0x3F)))
+ }
+
+ // Advance the pointer.
+ for k := 0; k < code_length; k++ {
+ skip(parser)
+ }
+ }
+ } else {
+ // It is a non-escaped non-blank character.
+ s = read(parser, s)
+ }
+ if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
+ return false
+ }
+ }
+
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+
+ // Check if we are at the end of the scalar.
+ if single {
+ if parser.buffer[parser.buffer_pos] == '\'' {
+ break
+ }
+ } else {
+ if parser.buffer[parser.buffer_pos] == '"' {
+ break
+ }
+ }
+
+ // Consume blank characters.
+ for is_blank(parser.buffer, parser.buffer_pos) || is_break(parser.buffer, parser.buffer_pos) {
+ if is_blank(parser.buffer, parser.buffer_pos) {
+ // Consume a space or a tab character.
+ if !leading_blanks {
+ whitespaces = read(parser, whitespaces)
+ } else {
+ skip(parser)
+ }
+ } else {
+ if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
+ return false
+ }
+
+ // Check if it is a first line break.
+ if !leading_blanks {
+ whitespaces = whitespaces[:0]
+ leading_break = read_line(parser, leading_break)
+ leading_blanks = true
+ } else {
+ trailing_breaks = read_line(parser, trailing_breaks)
+ }
+ }
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ // Join the whitespaces or fold line breaks.
+ if leading_blanks {
+ // Do we need to fold line breaks?
+ if len(leading_break) > 0 && leading_break[0] == '\n' {
+ if len(trailing_breaks) == 0 {
+ s = append(s, ' ')
+ } else {
+ s = append(s, trailing_breaks...)
+ }
+ } else {
+ s = append(s, leading_break...)
+ s = append(s, trailing_breaks...)
+ }
+ trailing_breaks = trailing_breaks[:0]
+ leading_break = leading_break[:0]
+ } else {
+ s = append(s, whitespaces...)
+ whitespaces = whitespaces[:0]
+ }
+ }
+
+ // Eat the right quote.
+ skip(parser)
+ end_mark := parser.mark
+
+ // Create a token.
+ *token = yaml_token_t{
+ typ: yaml_SCALAR_TOKEN,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ value: s,
+ style: yaml_SINGLE_QUOTED_SCALAR_STYLE,
+ }
+ if !single {
+ token.style = yaml_DOUBLE_QUOTED_SCALAR_STYLE
+ }
+ return true
+}
+
+// Scan a plain scalar.
+func yaml_parser_scan_plain_scalar(parser *yaml_parser_t, token *yaml_token_t) bool {
+
+ var s, leading_break, trailing_breaks, whitespaces []byte
+ var leading_blanks bool
+ var indent = parser.indent + 1
+
+ start_mark := parser.mark
+ end_mark := parser.mark
+
+ // Consume the content of the plain scalar.
+ for {
+ // Check for a document indicator.
+ if parser.unread < 4 && !yaml_parser_update_buffer(parser, 4) {
+ return false
+ }
+ if parser.mark.column == 0 &&
+ ((parser.buffer[parser.buffer_pos+0] == '-' &&
+ parser.buffer[parser.buffer_pos+1] == '-' &&
+ parser.buffer[parser.buffer_pos+2] == '-') ||
+ (parser.buffer[parser.buffer_pos+0] == '.' &&
+ parser.buffer[parser.buffer_pos+1] == '.' &&
+ parser.buffer[parser.buffer_pos+2] == '.')) &&
+ is_blankz(parser.buffer, parser.buffer_pos+3) {
+ break
+ }
+
+ // Check for a comment.
+ if parser.buffer[parser.buffer_pos] == '#' {
+ break
+ }
+
+ // Consume non-blank characters.
+ for !is_blankz(parser.buffer, parser.buffer_pos) {
+
+ // Check for indicators that may end a plain scalar.
+ if (parser.buffer[parser.buffer_pos] == ':' && is_blankz(parser.buffer, parser.buffer_pos+1)) ||
+ (parser.flow_level > 0 &&
+ (parser.buffer[parser.buffer_pos] == ',' ||
+ parser.buffer[parser.buffer_pos] == '?' || parser.buffer[parser.buffer_pos] == '[' ||
+ parser.buffer[parser.buffer_pos] == ']' || parser.buffer[parser.buffer_pos] == '{' ||
+ parser.buffer[parser.buffer_pos] == '}')) {
+ break
+ }
+
+ // Check if we need to join whitespaces and breaks.
+ if leading_blanks || len(whitespaces) > 0 {
+ if leading_blanks {
+ // Do we need to fold line breaks?
+ if leading_break[0] == '\n' {
+ if len(trailing_breaks) == 0 {
+ s = append(s, ' ')
+ } else {
+ s = append(s, trailing_breaks...)
+ }
+ } else {
+ s = append(s, leading_break...)
+ s = append(s, trailing_breaks...)
+ }
+ trailing_breaks = trailing_breaks[:0]
+ leading_break = leading_break[:0]
+ leading_blanks = false
+ } else {
+ s = append(s, whitespaces...)
+ whitespaces = whitespaces[:0]
+ }
+ }
+
+ // Copy the character.
+ s = read(parser, s)
+
+ end_mark = parser.mark
+ if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
+ return false
+ }
+ }
+
+ // Is it the end?
+ if !(is_blank(parser.buffer, parser.buffer_pos) || is_break(parser.buffer, parser.buffer_pos)) {
+ break
+ }
+
+ // Consume blank characters.
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+
+ for is_blank(parser.buffer, parser.buffer_pos) || is_break(parser.buffer, parser.buffer_pos) {
+ if is_blank(parser.buffer, parser.buffer_pos) {
+
+ // Check for tab characters that abuse indentation.
+ if leading_blanks && parser.mark.column < indent && is_tab(parser.buffer, parser.buffer_pos) {
+ yaml_parser_set_scanner_error(parser, "while scanning a plain scalar",
+ start_mark, "found a tab character that violates indentation")
+ return false
+ }
+
+ // Consume a space or a tab character.
+ if !leading_blanks {
+ whitespaces = read(parser, whitespaces)
+ } else {
+ skip(parser)
+ }
+ } else {
+ if parser.unread < 2 && !yaml_parser_update_buffer(parser, 2) {
+ return false
+ }
+
+ // Check if it is a first line break.
+ if !leading_blanks {
+ whitespaces = whitespaces[:0]
+ leading_break = read_line(parser, leading_break)
+ leading_blanks = true
+ } else {
+ trailing_breaks = read_line(parser, trailing_breaks)
+ }
+ }
+ if parser.unread < 1 && !yaml_parser_update_buffer(parser, 1) {
+ return false
+ }
+ }
+
+ // Check indentation level.
+ if parser.flow_level == 0 && parser.mark.column < indent {
+ break
+ }
+ }
+
+ // Create a token.
+ *token = yaml_token_t{
+ typ: yaml_SCALAR_TOKEN,
+ start_mark: start_mark,
+ end_mark: end_mark,
+ value: s,
+ style: yaml_PLAIN_SCALAR_STYLE,
+ }
+
+ // Note that we change the 'simple_key_allowed' flag.
+ if leading_blanks {
+ parser.simple_key_allowed = true
+ }
+ return true
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/sorter.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/sorter.go
new file mode 100644
index 000000000..4c45e660a
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/sorter.go
@@ -0,0 +1,113 @@
+package yaml
+
+import (
+ "reflect"
+ "unicode"
+)
+
+type keyList []reflect.Value
+
+func (l keyList) Len() int { return len(l) }
+func (l keyList) Swap(i, j int) { l[i], l[j] = l[j], l[i] }
+func (l keyList) Less(i, j int) bool {
+ a := l[i]
+ b := l[j]
+ ak := a.Kind()
+ bk := b.Kind()
+ for (ak == reflect.Interface || ak == reflect.Ptr) && !a.IsNil() {
+ a = a.Elem()
+ ak = a.Kind()
+ }
+ for (bk == reflect.Interface || bk == reflect.Ptr) && !b.IsNil() {
+ b = b.Elem()
+ bk = b.Kind()
+ }
+ af, aok := keyFloat(a)
+ bf, bok := keyFloat(b)
+ if aok && bok {
+ if af != bf {
+ return af < bf
+ }
+ if ak != bk {
+ return ak < bk
+ }
+ return numLess(a, b)
+ }
+ if ak != reflect.String || bk != reflect.String {
+ return ak < bk
+ }
+ ar, br := []rune(a.String()), []rune(b.String())
+ for i := 0; i < len(ar) && i < len(br); i++ {
+ if ar[i] == br[i] {
+ continue
+ }
+ al := unicode.IsLetter(ar[i])
+ bl := unicode.IsLetter(br[i])
+ if al && bl {
+ return ar[i] < br[i]
+ }
+ if al || bl {
+ return bl
+ }
+ var ai, bi int
+ var an, bn int64
+ if ar[i] == '0' || br[i] == '0' {
+ for j := i-1; j >= 0 && unicode.IsDigit(ar[j]); j-- {
+ if ar[j] != '0' {
+ an = 1
+ bn = 1
+ break
+ }
+ }
+ }
+ for ai = i; ai < len(ar) && unicode.IsDigit(ar[ai]); ai++ {
+ an = an*10 + int64(ar[ai]-'0')
+ }
+ for bi = i; bi < len(br) && unicode.IsDigit(br[bi]); bi++ {
+ bn = bn*10 + int64(br[bi]-'0')
+ }
+ if an != bn {
+ return an < bn
+ }
+ if ai != bi {
+ return ai < bi
+ }
+ return ar[i] < br[i]
+ }
+ return len(ar) < len(br)
+}
+
+// keyFloat returns a float value for v if it is a number/bool
+// and whether it is a number/bool or not.
+func keyFloat(v reflect.Value) (f float64, ok bool) {
+ switch v.Kind() {
+ case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+ return float64(v.Int()), true
+ case reflect.Float32, reflect.Float64:
+ return v.Float(), true
+ case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
+ return float64(v.Uint()), true
+ case reflect.Bool:
+ if v.Bool() {
+ return 1, true
+ }
+ return 0, true
+ }
+ return 0, false
+}
+
+// numLess returns whether a < b.
+// a and b must necessarily have the same kind.
+func numLess(a, b reflect.Value) bool {
+ switch a.Kind() {
+ case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+ return a.Int() < b.Int()
+ case reflect.Float32, reflect.Float64:
+ return a.Float() < b.Float()
+ case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
+ return a.Uint() < b.Uint()
+ case reflect.Bool:
+ return !a.Bool() && b.Bool()
+ }
+ panic("not a number")
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/writerc.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/writerc.go
new file mode 100644
index 000000000..a2dde608c
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/writerc.go
@@ -0,0 +1,26 @@
+package yaml
+
+// Set the writer error and return false.
+func yaml_emitter_set_writer_error(emitter *yaml_emitter_t, problem string) bool {
+ emitter.error = yaml_WRITER_ERROR
+ emitter.problem = problem
+ return false
+}
+
+// Flush the output buffer.
+func yaml_emitter_flush(emitter *yaml_emitter_t) bool {
+ if emitter.write_handler == nil {
+ panic("write handler not set")
+ }
+
+ // Check if the buffer is empty.
+ if emitter.buffer_pos == 0 {
+ return true
+ }
+
+ if err := emitter.write_handler(emitter, emitter.buffer[:emitter.buffer_pos]); err != nil {
+ return yaml_emitter_set_writer_error(emitter, "write error: "+err.Error())
+ }
+ emitter.buffer_pos = 0
+ return true
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/yaml.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/yaml.go
new file mode 100644
index 000000000..30813884c
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/yaml.go
@@ -0,0 +1,478 @@
+// Package yaml implements YAML support for the Go language.
+//
+// Source code and other details for the project are available at GitHub:
+//
+// https://github.com/go-yaml/yaml
+//
+package yaml
+
+import (
+ "errors"
+ "fmt"
+ "io"
+ "reflect"
+ "strings"
+ "sync"
+)
+
+// MapSlice encodes and decodes as a YAML map.
+// The order of keys is preserved when encoding and decoding.
+type MapSlice []MapItem
+
+// MapItem is an item in a MapSlice.
+type MapItem struct {
+ Key, Value interface{}
+}
+
+// The Unmarshaler interface may be implemented by types to customize their
+// behavior when being unmarshaled from a YAML document. The UnmarshalYAML
+// method receives a function that may be called to unmarshal the original
+// YAML value into a field or variable. It is safe to call the unmarshal
+// function parameter more than once if necessary.
+type Unmarshaler interface {
+ UnmarshalYAML(unmarshal func(interface{}) error) error
+}
+
+// The Marshaler interface may be implemented by types to customize their
+// behavior when being marshaled into a YAML document. The returned value
+// is marshaled in place of the original value implementing Marshaler.
+//
+// If an error is returned by MarshalYAML, the marshaling procedure stops
+// and returns with the provided error.
+type Marshaler interface {
+ MarshalYAML() (interface{}, error)
+}
+
+// Unmarshal decodes the first document found within the in byte slice
+// and assigns decoded values into the out value.
+//
+// Maps and pointers (to a struct, string, int, etc) are accepted as out
+// values. If an internal pointer within a struct is not initialized,
+// the yaml package will initialize it if necessary for unmarshalling
+// the provided data. The out parameter must not be nil.
+//
+// The type of the decoded values should be compatible with the respective
+// values in out. If one or more values cannot be decoded due to a type
+// mismatches, decoding continues partially until the end of the YAML
+// content, and a *yaml.TypeError is returned with details for all
+// missed values.
+//
+// Struct fields are only unmarshalled if they are exported (have an
+// upper case first letter), and are unmarshalled using the field name
+// lowercased as the default key. Custom keys may be defined via the
+// "yaml" name in the field tag: the content preceding the first comma
+// is used as the key, and the following comma-separated options are
+// used to tweak the marshalling process (see Marshal).
+// Conflicting names result in a runtime error.
+//
+// For example:
+//
+// type T struct {
+// F int `yaml:"a,omitempty"`
+// B int
+// }
+// var t T
+// yaml.Unmarshal([]byte("a: 1\nb: 2"), &t)
+//
+// See the documentation of Marshal for the format of tags and a list of
+// supported tag options.
+//
+func Unmarshal(in []byte, out interface{}) (err error) {
+ return unmarshal(in, out, false)
+}
+
+// UnmarshalStrict is like Unmarshal except that any fields that are found
+// in the data that do not have corresponding struct members, or mapping
+// keys that are duplicates, will result in
+// an error.
+func UnmarshalStrict(in []byte, out interface{}) (err error) {
+ return unmarshal(in, out, true)
+}
+
+// A Decoder reads and decodes YAML values from an input stream.
+type Decoder struct {
+ strict bool
+ parser *parser
+}
+
+// NewDecoder returns a new decoder that reads from r.
+//
+// The decoder introduces its own buffering and may read
+// data from r beyond the YAML values requested.
+func NewDecoder(r io.Reader) *Decoder {
+ return &Decoder{
+ parser: newParserFromReader(r),
+ }
+}
+
+// SetStrict sets whether strict decoding behaviour is enabled when
+// decoding items in the data (see UnmarshalStrict). By default, decoding is not strict.
+func (dec *Decoder) SetStrict(strict bool) {
+ dec.strict = strict
+}
+
+// Decode reads the next YAML-encoded value from its input
+// and stores it in the value pointed to by v.
+//
+// See the documentation for Unmarshal for details about the
+// conversion of YAML into a Go value.
+func (dec *Decoder) Decode(v interface{}) (err error) {
+ d := newDecoder(dec.strict)
+ defer handleErr(&err)
+ node := dec.parser.parse()
+ if node == nil {
+ return io.EOF
+ }
+ out := reflect.ValueOf(v)
+ if out.Kind() == reflect.Ptr && !out.IsNil() {
+ out = out.Elem()
+ }
+ d.unmarshal(node, out)
+ if len(d.terrors) > 0 {
+ return &TypeError{d.terrors}
+ }
+ return nil
+}
+
+func unmarshal(in []byte, out interface{}, strict bool) (err error) {
+ defer handleErr(&err)
+ d := newDecoder(strict)
+ p := newParser(in)
+ defer p.destroy()
+ node := p.parse()
+ if node != nil {
+ v := reflect.ValueOf(out)
+ if v.Kind() == reflect.Ptr && !v.IsNil() {
+ v = v.Elem()
+ }
+ d.unmarshal(node, v)
+ }
+ if len(d.terrors) > 0 {
+ return &TypeError{d.terrors}
+ }
+ return nil
+}
+
+// Marshal serializes the value provided into a YAML document. The structure
+// of the generated document will reflect the structure of the value itself.
+// Maps and pointers (to struct, string, int, etc) are accepted as the in value.
+//
+// Struct fields are only marshalled if they are exported (have an upper case
+// first letter), and are marshalled using the field name lowercased as the
+// default key. Custom keys may be defined via the "yaml" name in the field
+// tag: the content preceding the first comma is used as the key, and the
+// following comma-separated options are used to tweak the marshalling process.
+// Conflicting names result in a runtime error.
+//
+// The field tag format accepted is:
+//
+// `(...) yaml:"[<key>][,<flag1>[,<flag2>]]" (...)`
+//
+// The following flags are currently supported:
+//
+// omitempty Only include the field if it's not set to the zero
+// value for the type or to empty slices or maps.
+// Zero valued structs will be omitted if all their public
+// fields are zero, unless they implement an IsZero
+// method (see the IsZeroer interface type), in which
+// case the field will be excluded if IsZero returns true.
+//
+// flow Marshal using a flow style (useful for structs,
+// sequences and maps).
+//
+// inline Inline the field, which must be a struct or a map,
+// causing all of its fields or keys to be processed as if
+// they were part of the outer struct. For maps, keys must
+// not conflict with the yaml keys of other struct fields.
+//
+// In addition, if the key is "-", the field is ignored.
+//
+// For example:
+//
+// type T struct {
+// F int `yaml:"a,omitempty"`
+// B int
+// }
+// yaml.Marshal(&T{B: 2}) // Returns "b: 2\n"
+// yaml.Marshal(&T{F: 1}} // Returns "a: 1\nb: 0\n"
+//
+func Marshal(in interface{}) (out []byte, err error) {
+ defer handleErr(&err)
+ e := newEncoder()
+ defer e.destroy()
+ e.marshalDoc("", reflect.ValueOf(in))
+ e.finish()
+ out = e.out
+ return
+}
+
+// An Encoder writes YAML values to an output stream.
+type Encoder struct {
+ encoder *encoder
+}
+
+// NewEncoder returns a new encoder that writes to w.
+// The Encoder should be closed after use to flush all data
+// to w.
+func NewEncoder(w io.Writer) *Encoder {
+ return &Encoder{
+ encoder: newEncoderWithWriter(w),
+ }
+}
+
+// Encode writes the YAML encoding of v to the stream.
+// If multiple items are encoded to the stream, the
+// second and subsequent document will be preceded
+// with a "---" document separator, but the first will not.
+//
+// See the documentation for Marshal for details about the conversion of Go
+// values to YAML.
+func (e *Encoder) Encode(v interface{}) (err error) {
+ defer handleErr(&err)
+ e.encoder.marshalDoc("", reflect.ValueOf(v))
+ return nil
+}
+
+// Close closes the encoder by writing any remaining data.
+// It does not write a stream terminating string "...".
+func (e *Encoder) Close() (err error) {
+ defer handleErr(&err)
+ e.encoder.finish()
+ return nil
+}
+
+func handleErr(err *error) {
+ if v := recover(); v != nil {
+ if e, ok := v.(yamlError); ok {
+ *err = e.err
+ } else {
+ panic(v)
+ }
+ }
+}
+
+type yamlError struct {
+ err error
+}
+
+func fail(err error) {
+ panic(yamlError{err})
+}
+
+func failf(format string, args ...interface{}) {
+ panic(yamlError{fmt.Errorf("yaml: "+format, args...)})
+}
+
+// A TypeError is returned by Unmarshal when one or more fields in
+// the YAML document cannot be properly decoded into the requested
+// types. When this error is returned, the value is still
+// unmarshaled partially.
+type TypeError struct {
+ Errors []string
+}
+
+func (e *TypeError) Error() string {
+ return fmt.Sprintf("yaml: unmarshal errors:\n %s", strings.Join(e.Errors, "\n "))
+}
+
+// --------------------------------------------------------------------------
+// Maintain a mapping of keys to structure field indexes
+
+// The code in this section was copied from mgo/bson.
+
+// structInfo holds details for the serialization of fields of
+// a given struct.
+type structInfo struct {
+ FieldsMap map[string]fieldInfo
+ FieldsList []fieldInfo
+
+ // InlineMap is the number of the field in the struct that
+ // contains an ,inline map, or -1 if there's none.
+ InlineMap int
+}
+
+type fieldInfo struct {
+ Key string
+ Num int
+ OmitEmpty bool
+ Flow bool
+ // Id holds the unique field identifier, so we can cheaply
+ // check for field duplicates without maintaining an extra map.
+ Id int
+
+ // Inline holds the field index if the field is part of an inlined struct.
+ Inline []int
+}
+
+var structMap = make(map[reflect.Type]*structInfo)
+var fieldMapMutex sync.RWMutex
+
+func getStructInfo(st reflect.Type) (*structInfo, error) {
+ fieldMapMutex.RLock()
+ sinfo, found := structMap[st]
+ fieldMapMutex.RUnlock()
+ if found {
+ return sinfo, nil
+ }
+
+ n := st.NumField()
+ fieldsMap := make(map[string]fieldInfo)
+ fieldsList := make([]fieldInfo, 0, n)
+ inlineMap := -1
+ for i := 0; i != n; i++ {
+ field := st.Field(i)
+ if field.PkgPath != "" && !field.Anonymous {
+ continue // Private field
+ }
+
+ info := fieldInfo{Num: i}
+
+ tag := field.Tag.Get("yaml")
+ if tag == "" && strings.Index(string(field.Tag), ":") < 0 {
+ tag = string(field.Tag)
+ }
+ if tag == "-" {
+ continue
+ }
+
+ inline := false
+ fields := strings.Split(tag, ",")
+ if len(fields) > 1 {
+ for _, flag := range fields[1:] {
+ switch flag {
+ case "omitempty":
+ info.OmitEmpty = true
+ case "flow":
+ info.Flow = true
+ case "inline":
+ inline = true
+ default:
+ return nil, errors.New(fmt.Sprintf("Unsupported flag %q in tag %q of type %s", flag, tag, st))
+ }
+ }
+ tag = fields[0]
+ }
+
+ if inline {
+ switch field.Type.Kind() {
+ case reflect.Map:
+ if inlineMap >= 0 {
+ return nil, errors.New("Multiple ,inline maps in struct " + st.String())
+ }
+ if field.Type.Key() != reflect.TypeOf("") {
+ return nil, errors.New("Option ,inline needs a map with string keys in struct " + st.String())
+ }
+ inlineMap = info.Num
+ case reflect.Struct:
+ sinfo, err := getStructInfo(field.Type)
+ if err != nil {
+ return nil, err
+ }
+ for _, finfo := range sinfo.FieldsList {
+ if _, found := fieldsMap[finfo.Key]; found {
+ msg := "Duplicated key '" + finfo.Key + "' in struct " + st.String()
+ return nil, errors.New(msg)
+ }
+ if finfo.Inline == nil {
+ finfo.Inline = []int{i, finfo.Num}
+ } else {
+ finfo.Inline = append([]int{i}, finfo.Inline...)
+ }
+ finfo.Id = len(fieldsList)
+ fieldsMap[finfo.Key] = finfo
+ fieldsList = append(fieldsList, finfo)
+ }
+ default:
+ //return nil, errors.New("Option ,inline needs a struct value or map field")
+ return nil, errors.New("Option ,inline needs a struct value field")
+ }
+ continue
+ }
+
+ if tag != "" {
+ info.Key = tag
+ } else {
+ info.Key = strings.ToLower(field.Name)
+ }
+
+ if _, found = fieldsMap[info.Key]; found {
+ msg := "Duplicated key '" + info.Key + "' in struct " + st.String()
+ return nil, errors.New(msg)
+ }
+
+ info.Id = len(fieldsList)
+ fieldsList = append(fieldsList, info)
+ fieldsMap[info.Key] = info
+ }
+
+ sinfo = &structInfo{
+ FieldsMap: fieldsMap,
+ FieldsList: fieldsList,
+ InlineMap: inlineMap,
+ }
+
+ fieldMapMutex.Lock()
+ structMap[st] = sinfo
+ fieldMapMutex.Unlock()
+ return sinfo, nil
+}
+
+// IsZeroer is used to check whether an object is zero to
+// determine whether it should be omitted when marshaling
+// with the omitempty flag. One notable implementation
+// is time.Time.
+type IsZeroer interface {
+ IsZero() bool
+}
+
+func isZero(v reflect.Value) bool {
+ kind := v.Kind()
+ if z, ok := v.Interface().(IsZeroer); ok {
+ if (kind == reflect.Ptr || kind == reflect.Interface) && v.IsNil() {
+ return true
+ }
+ return z.IsZero()
+ }
+ switch kind {
+ case reflect.String:
+ return len(v.String()) == 0
+ case reflect.Interface, reflect.Ptr:
+ return v.IsNil()
+ case reflect.Slice:
+ return v.Len() == 0
+ case reflect.Map:
+ return v.Len() == 0
+ case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
+ return v.Int() == 0
+ case reflect.Float32, reflect.Float64:
+ return v.Float() == 0
+ case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
+ return v.Uint() == 0
+ case reflect.Bool:
+ return !v.Bool()
+ case reflect.Struct:
+ vt := v.Type()
+ for i := v.NumField() - 1; i >= 0; i-- {
+ if vt.Field(i).PkgPath != "" {
+ continue // Private field
+ }
+ if !isZero(v.Field(i)) {
+ return false
+ }
+ }
+ return true
+ }
+ return false
+}
+
+// FutureLineWrap globally disables line wrapping when encoding long strings.
+// This is a temporary and thus deprecated method introduced to faciliate
+// migration towards v3, which offers more control of line lengths on
+// individual encodings, and has a default matching the behavior introduced
+// by this function.
+//
+// The default formatting of v2 was erroneously changed in v2.3.0 and reverted
+// in v2.4.0, at which point this function was introduced to help migration.
+func FutureLineWrap() {
+ disableLineWrapping = true
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/yamlh.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/yamlh.go
new file mode 100644
index 000000000..f6a9c8e34
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/yamlh.go
@@ -0,0 +1,739 @@
+package yaml
+
+import (
+ "fmt"
+ "io"
+)
+
+// The version directive data.
+type yaml_version_directive_t struct {
+ major int8 // The major version number.
+ minor int8 // The minor version number.
+}
+
+// The tag directive data.
+type yaml_tag_directive_t struct {
+ handle []byte // The tag handle.
+ prefix []byte // The tag prefix.
+}
+
+type yaml_encoding_t int
+
+// The stream encoding.
+const (
+ // Let the parser choose the encoding.
+ yaml_ANY_ENCODING yaml_encoding_t = iota
+
+ yaml_UTF8_ENCODING // The default UTF-8 encoding.
+ yaml_UTF16LE_ENCODING // The UTF-16-LE encoding with BOM.
+ yaml_UTF16BE_ENCODING // The UTF-16-BE encoding with BOM.
+)
+
+type yaml_break_t int
+
+// Line break types.
+const (
+ // Let the parser choose the break type.
+ yaml_ANY_BREAK yaml_break_t = iota
+
+ yaml_CR_BREAK // Use CR for line breaks (Mac style).
+ yaml_LN_BREAK // Use LN for line breaks (Unix style).
+ yaml_CRLN_BREAK // Use CR LN for line breaks (DOS style).
+)
+
+type yaml_error_type_t int
+
+// Many bad things could happen with the parser and emitter.
+const (
+ // No error is produced.
+ yaml_NO_ERROR yaml_error_type_t = iota
+
+ yaml_MEMORY_ERROR // Cannot allocate or reallocate a block of memory.
+ yaml_READER_ERROR // Cannot read or decode the input stream.
+ yaml_SCANNER_ERROR // Cannot scan the input stream.
+ yaml_PARSER_ERROR // Cannot parse the input stream.
+ yaml_COMPOSER_ERROR // Cannot compose a YAML document.
+ yaml_WRITER_ERROR // Cannot write to the output stream.
+ yaml_EMITTER_ERROR // Cannot emit a YAML stream.
+)
+
+// The pointer position.
+type yaml_mark_t struct {
+ index int // The position index.
+ line int // The position line.
+ column int // The position column.
+}
+
+// Node Styles
+
+type yaml_style_t int8
+
+type yaml_scalar_style_t yaml_style_t
+
+// Scalar styles.
+const (
+ // Let the emitter choose the style.
+ yaml_ANY_SCALAR_STYLE yaml_scalar_style_t = iota
+
+ yaml_PLAIN_SCALAR_STYLE // The plain scalar style.
+ yaml_SINGLE_QUOTED_SCALAR_STYLE // The single-quoted scalar style.
+ yaml_DOUBLE_QUOTED_SCALAR_STYLE // The double-quoted scalar style.
+ yaml_LITERAL_SCALAR_STYLE // The literal scalar style.
+ yaml_FOLDED_SCALAR_STYLE // The folded scalar style.
+)
+
+type yaml_sequence_style_t yaml_style_t
+
+// Sequence styles.
+const (
+ // Let the emitter choose the style.
+ yaml_ANY_SEQUENCE_STYLE yaml_sequence_style_t = iota
+
+ yaml_BLOCK_SEQUENCE_STYLE // The block sequence style.
+ yaml_FLOW_SEQUENCE_STYLE // The flow sequence style.
+)
+
+type yaml_mapping_style_t yaml_style_t
+
+// Mapping styles.
+const (
+ // Let the emitter choose the style.
+ yaml_ANY_MAPPING_STYLE yaml_mapping_style_t = iota
+
+ yaml_BLOCK_MAPPING_STYLE // The block mapping style.
+ yaml_FLOW_MAPPING_STYLE // The flow mapping style.
+)
+
+// Tokens
+
+type yaml_token_type_t int
+
+// Token types.
+const (
+ // An empty token.
+ yaml_NO_TOKEN yaml_token_type_t = iota
+
+ yaml_STREAM_START_TOKEN // A STREAM-START token.
+ yaml_STREAM_END_TOKEN // A STREAM-END token.
+
+ yaml_VERSION_DIRECTIVE_TOKEN // A VERSION-DIRECTIVE token.
+ yaml_TAG_DIRECTIVE_TOKEN // A TAG-DIRECTIVE token.
+ yaml_DOCUMENT_START_TOKEN // A DOCUMENT-START token.
+ yaml_DOCUMENT_END_TOKEN // A DOCUMENT-END token.
+
+ yaml_BLOCK_SEQUENCE_START_TOKEN // A BLOCK-SEQUENCE-START token.
+ yaml_BLOCK_MAPPING_START_TOKEN // A BLOCK-SEQUENCE-END token.
+ yaml_BLOCK_END_TOKEN // A BLOCK-END token.
+
+ yaml_FLOW_SEQUENCE_START_TOKEN // A FLOW-SEQUENCE-START token.
+ yaml_FLOW_SEQUENCE_END_TOKEN // A FLOW-SEQUENCE-END token.
+ yaml_FLOW_MAPPING_START_TOKEN // A FLOW-MAPPING-START token.
+ yaml_FLOW_MAPPING_END_TOKEN // A FLOW-MAPPING-END token.
+
+ yaml_BLOCK_ENTRY_TOKEN // A BLOCK-ENTRY token.
+ yaml_FLOW_ENTRY_TOKEN // A FLOW-ENTRY token.
+ yaml_KEY_TOKEN // A KEY token.
+ yaml_VALUE_TOKEN // A VALUE token.
+
+ yaml_ALIAS_TOKEN // An ALIAS token.
+ yaml_ANCHOR_TOKEN // An ANCHOR token.
+ yaml_TAG_TOKEN // A TAG token.
+ yaml_SCALAR_TOKEN // A SCALAR token.
+)
+
+func (tt yaml_token_type_t) String() string {
+ switch tt {
+ case yaml_NO_TOKEN:
+ return "yaml_NO_TOKEN"
+ case yaml_STREAM_START_TOKEN:
+ return "yaml_STREAM_START_TOKEN"
+ case yaml_STREAM_END_TOKEN:
+ return "yaml_STREAM_END_TOKEN"
+ case yaml_VERSION_DIRECTIVE_TOKEN:
+ return "yaml_VERSION_DIRECTIVE_TOKEN"
+ case yaml_TAG_DIRECTIVE_TOKEN:
+ return "yaml_TAG_DIRECTIVE_TOKEN"
+ case yaml_DOCUMENT_START_TOKEN:
+ return "yaml_DOCUMENT_START_TOKEN"
+ case yaml_DOCUMENT_END_TOKEN:
+ return "yaml_DOCUMENT_END_TOKEN"
+ case yaml_BLOCK_SEQUENCE_START_TOKEN:
+ return "yaml_BLOCK_SEQUENCE_START_TOKEN"
+ case yaml_BLOCK_MAPPING_START_TOKEN:
+ return "yaml_BLOCK_MAPPING_START_TOKEN"
+ case yaml_BLOCK_END_TOKEN:
+ return "yaml_BLOCK_END_TOKEN"
+ case yaml_FLOW_SEQUENCE_START_TOKEN:
+ return "yaml_FLOW_SEQUENCE_START_TOKEN"
+ case yaml_FLOW_SEQUENCE_END_TOKEN:
+ return "yaml_FLOW_SEQUENCE_END_TOKEN"
+ case yaml_FLOW_MAPPING_START_TOKEN:
+ return "yaml_FLOW_MAPPING_START_TOKEN"
+ case yaml_FLOW_MAPPING_END_TOKEN:
+ return "yaml_FLOW_MAPPING_END_TOKEN"
+ case yaml_BLOCK_ENTRY_TOKEN:
+ return "yaml_BLOCK_ENTRY_TOKEN"
+ case yaml_FLOW_ENTRY_TOKEN:
+ return "yaml_FLOW_ENTRY_TOKEN"
+ case yaml_KEY_TOKEN:
+ return "yaml_KEY_TOKEN"
+ case yaml_VALUE_TOKEN:
+ return "yaml_VALUE_TOKEN"
+ case yaml_ALIAS_TOKEN:
+ return "yaml_ALIAS_TOKEN"
+ case yaml_ANCHOR_TOKEN:
+ return "yaml_ANCHOR_TOKEN"
+ case yaml_TAG_TOKEN:
+ return "yaml_TAG_TOKEN"
+ case yaml_SCALAR_TOKEN:
+ return "yaml_SCALAR_TOKEN"
+ }
+ return "<unknown token>"
+}
+
+// The token structure.
+type yaml_token_t struct {
+ // The token type.
+ typ yaml_token_type_t
+
+ // The start/end of the token.
+ start_mark, end_mark yaml_mark_t
+
+ // The stream encoding (for yaml_STREAM_START_TOKEN).
+ encoding yaml_encoding_t
+
+ // The alias/anchor/scalar value or tag/tag directive handle
+ // (for yaml_ALIAS_TOKEN, yaml_ANCHOR_TOKEN, yaml_SCALAR_TOKEN, yaml_TAG_TOKEN, yaml_TAG_DIRECTIVE_TOKEN).
+ value []byte
+
+ // The tag suffix (for yaml_TAG_TOKEN).
+ suffix []byte
+
+ // The tag directive prefix (for yaml_TAG_DIRECTIVE_TOKEN).
+ prefix []byte
+
+ // The scalar style (for yaml_SCALAR_TOKEN).
+ style yaml_scalar_style_t
+
+ // The version directive major/minor (for yaml_VERSION_DIRECTIVE_TOKEN).
+ major, minor int8
+}
+
+// Events
+
+type yaml_event_type_t int8
+
+// Event types.
+const (
+ // An empty event.
+ yaml_NO_EVENT yaml_event_type_t = iota
+
+ yaml_STREAM_START_EVENT // A STREAM-START event.
+ yaml_STREAM_END_EVENT // A STREAM-END event.
+ yaml_DOCUMENT_START_EVENT // A DOCUMENT-START event.
+ yaml_DOCUMENT_END_EVENT // A DOCUMENT-END event.
+ yaml_ALIAS_EVENT // An ALIAS event.
+ yaml_SCALAR_EVENT // A SCALAR event.
+ yaml_SEQUENCE_START_EVENT // A SEQUENCE-START event.
+ yaml_SEQUENCE_END_EVENT // A SEQUENCE-END event.
+ yaml_MAPPING_START_EVENT // A MAPPING-START event.
+ yaml_MAPPING_END_EVENT // A MAPPING-END event.
+)
+
+var eventStrings = []string{
+ yaml_NO_EVENT: "none",
+ yaml_STREAM_START_EVENT: "stream start",
+ yaml_STREAM_END_EVENT: "stream end",
+ yaml_DOCUMENT_START_EVENT: "document start",
+ yaml_DOCUMENT_END_EVENT: "document end",
+ yaml_ALIAS_EVENT: "alias",
+ yaml_SCALAR_EVENT: "scalar",
+ yaml_SEQUENCE_START_EVENT: "sequence start",
+ yaml_SEQUENCE_END_EVENT: "sequence end",
+ yaml_MAPPING_START_EVENT: "mapping start",
+ yaml_MAPPING_END_EVENT: "mapping end",
+}
+
+func (e yaml_event_type_t) String() string {
+ if e < 0 || int(e) >= len(eventStrings) {
+ return fmt.Sprintf("unknown event %d", e)
+ }
+ return eventStrings[e]
+}
+
+// The event structure.
+type yaml_event_t struct {
+
+ // The event type.
+ typ yaml_event_type_t
+
+ // The start and end of the event.
+ start_mark, end_mark yaml_mark_t
+
+ // The document encoding (for yaml_STREAM_START_EVENT).
+ encoding yaml_encoding_t
+
+ // The version directive (for yaml_DOCUMENT_START_EVENT).
+ version_directive *yaml_version_directive_t
+
+ // The list of tag directives (for yaml_DOCUMENT_START_EVENT).
+ tag_directives []yaml_tag_directive_t
+
+ // The anchor (for yaml_SCALAR_EVENT, yaml_SEQUENCE_START_EVENT, yaml_MAPPING_START_EVENT, yaml_ALIAS_EVENT).
+ anchor []byte
+
+ // The tag (for yaml_SCALAR_EVENT, yaml_SEQUENCE_START_EVENT, yaml_MAPPING_START_EVENT).
+ tag []byte
+
+ // The scalar value (for yaml_SCALAR_EVENT).
+ value []byte
+
+ // Is the document start/end indicator implicit, or the tag optional?
+ // (for yaml_DOCUMENT_START_EVENT, yaml_DOCUMENT_END_EVENT, yaml_SEQUENCE_START_EVENT, yaml_MAPPING_START_EVENT, yaml_SCALAR_EVENT).
+ implicit bool
+
+ // Is the tag optional for any non-plain style? (for yaml_SCALAR_EVENT).
+ quoted_implicit bool
+
+ // The style (for yaml_SCALAR_EVENT, yaml_SEQUENCE_START_EVENT, yaml_MAPPING_START_EVENT).
+ style yaml_style_t
+}
+
+func (e *yaml_event_t) scalar_style() yaml_scalar_style_t { return yaml_scalar_style_t(e.style) }
+func (e *yaml_event_t) sequence_style() yaml_sequence_style_t { return yaml_sequence_style_t(e.style) }
+func (e *yaml_event_t) mapping_style() yaml_mapping_style_t { return yaml_mapping_style_t(e.style) }
+
+// Nodes
+
+const (
+ yaml_NULL_TAG = "tag:yaml.org,2002:null" // The tag !!null with the only possible value: null.
+ yaml_BOOL_TAG = "tag:yaml.org,2002:bool" // The tag !!bool with the values: true and false.
+ yaml_STR_TAG = "tag:yaml.org,2002:str" // The tag !!str for string values.
+ yaml_INT_TAG = "tag:yaml.org,2002:int" // The tag !!int for integer values.
+ yaml_FLOAT_TAG = "tag:yaml.org,2002:float" // The tag !!float for float values.
+ yaml_TIMESTAMP_TAG = "tag:yaml.org,2002:timestamp" // The tag !!timestamp for date and time values.
+
+ yaml_SEQ_TAG = "tag:yaml.org,2002:seq" // The tag !!seq is used to denote sequences.
+ yaml_MAP_TAG = "tag:yaml.org,2002:map" // The tag !!map is used to denote mapping.
+
+ // Not in original libyaml.
+ yaml_BINARY_TAG = "tag:yaml.org,2002:binary"
+ yaml_MERGE_TAG = "tag:yaml.org,2002:merge"
+
+ yaml_DEFAULT_SCALAR_TAG = yaml_STR_TAG // The default scalar tag is !!str.
+ yaml_DEFAULT_SEQUENCE_TAG = yaml_SEQ_TAG // The default sequence tag is !!seq.
+ yaml_DEFAULT_MAPPING_TAG = yaml_MAP_TAG // The default mapping tag is !!map.
+)
+
+type yaml_node_type_t int
+
+// Node types.
+const (
+ // An empty node.
+ yaml_NO_NODE yaml_node_type_t = iota
+
+ yaml_SCALAR_NODE // A scalar node.
+ yaml_SEQUENCE_NODE // A sequence node.
+ yaml_MAPPING_NODE // A mapping node.
+)
+
+// An element of a sequence node.
+type yaml_node_item_t int
+
+// An element of a mapping node.
+type yaml_node_pair_t struct {
+ key int // The key of the element.
+ value int // The value of the element.
+}
+
+// The node structure.
+type yaml_node_t struct {
+ typ yaml_node_type_t // The node type.
+ tag []byte // The node tag.
+
+ // The node data.
+
+ // The scalar parameters (for yaml_SCALAR_NODE).
+ scalar struct {
+ value []byte // The scalar value.
+ length int // The length of the scalar value.
+ style yaml_scalar_style_t // The scalar style.
+ }
+
+ // The sequence parameters (for YAML_SEQUENCE_NODE).
+ sequence struct {
+ items_data []yaml_node_item_t // The stack of sequence items.
+ style yaml_sequence_style_t // The sequence style.
+ }
+
+ // The mapping parameters (for yaml_MAPPING_NODE).
+ mapping struct {
+ pairs_data []yaml_node_pair_t // The stack of mapping pairs (key, value).
+ pairs_start *yaml_node_pair_t // The beginning of the stack.
+ pairs_end *yaml_node_pair_t // The end of the stack.
+ pairs_top *yaml_node_pair_t // The top of the stack.
+ style yaml_mapping_style_t // The mapping style.
+ }
+
+ start_mark yaml_mark_t // The beginning of the node.
+ end_mark yaml_mark_t // The end of the node.
+
+}
+
+// The document structure.
+type yaml_document_t struct {
+
+ // The document nodes.
+ nodes []yaml_node_t
+
+ // The version directive.
+ version_directive *yaml_version_directive_t
+
+ // The list of tag directives.
+ tag_directives_data []yaml_tag_directive_t
+ tag_directives_start int // The beginning of the tag directives list.
+ tag_directives_end int // The end of the tag directives list.
+
+ start_implicit int // Is the document start indicator implicit?
+ end_implicit int // Is the document end indicator implicit?
+
+ // The start/end of the document.
+ start_mark, end_mark yaml_mark_t
+}
+
+// The prototype of a read handler.
+//
+// The read handler is called when the parser needs to read more bytes from the
+// source. The handler should write not more than size bytes to the buffer.
+// The number of written bytes should be set to the size_read variable.
+//
+// [in,out] data A pointer to an application data specified by
+// yaml_parser_set_input().
+// [out] buffer The buffer to write the data from the source.
+// [in] size The size of the buffer.
+// [out] size_read The actual number of bytes read from the source.
+//
+// On success, the handler should return 1. If the handler failed,
+// the returned value should be 0. On EOF, the handler should set the
+// size_read to 0 and return 1.
+type yaml_read_handler_t func(parser *yaml_parser_t, buffer []byte) (n int, err error)
+
+// This structure holds information about a potential simple key.
+type yaml_simple_key_t struct {
+ possible bool // Is a simple key possible?
+ required bool // Is a simple key required?
+ token_number int // The number of the token.
+ mark yaml_mark_t // The position mark.
+}
+
+// The states of the parser.
+type yaml_parser_state_t int
+
+const (
+ yaml_PARSE_STREAM_START_STATE yaml_parser_state_t = iota
+
+ yaml_PARSE_IMPLICIT_DOCUMENT_START_STATE // Expect the beginning of an implicit document.
+ yaml_PARSE_DOCUMENT_START_STATE // Expect DOCUMENT-START.
+ yaml_PARSE_DOCUMENT_CONTENT_STATE // Expect the content of a document.
+ yaml_PARSE_DOCUMENT_END_STATE // Expect DOCUMENT-END.
+ yaml_PARSE_BLOCK_NODE_STATE // Expect a block node.
+ yaml_PARSE_BLOCK_NODE_OR_INDENTLESS_SEQUENCE_STATE // Expect a block node or indentless sequence.
+ yaml_PARSE_FLOW_NODE_STATE // Expect a flow node.
+ yaml_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE // Expect the first entry of a block sequence.
+ yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE // Expect an entry of a block sequence.
+ yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE // Expect an entry of an indentless sequence.
+ yaml_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE // Expect the first key of a block mapping.
+ yaml_PARSE_BLOCK_MAPPING_KEY_STATE // Expect a block mapping key.
+ yaml_PARSE_BLOCK_MAPPING_VALUE_STATE // Expect a block mapping value.
+ yaml_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE // Expect the first entry of a flow sequence.
+ yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE // Expect an entry of a flow sequence.
+ yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE // Expect a key of an ordered mapping.
+ yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE // Expect a value of an ordered mapping.
+ yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE // Expect the and of an ordered mapping entry.
+ yaml_PARSE_FLOW_MAPPING_FIRST_KEY_STATE // Expect the first key of a flow mapping.
+ yaml_PARSE_FLOW_MAPPING_KEY_STATE // Expect a key of a flow mapping.
+ yaml_PARSE_FLOW_MAPPING_VALUE_STATE // Expect a value of a flow mapping.
+ yaml_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE // Expect an empty value of a flow mapping.
+ yaml_PARSE_END_STATE // Expect nothing.
+)
+
+func (ps yaml_parser_state_t) String() string {
+ switch ps {
+ case yaml_PARSE_STREAM_START_STATE:
+ return "yaml_PARSE_STREAM_START_STATE"
+ case yaml_PARSE_IMPLICIT_DOCUMENT_START_STATE:
+ return "yaml_PARSE_IMPLICIT_DOCUMENT_START_STATE"
+ case yaml_PARSE_DOCUMENT_START_STATE:
+ return "yaml_PARSE_DOCUMENT_START_STATE"
+ case yaml_PARSE_DOCUMENT_CONTENT_STATE:
+ return "yaml_PARSE_DOCUMENT_CONTENT_STATE"
+ case yaml_PARSE_DOCUMENT_END_STATE:
+ return "yaml_PARSE_DOCUMENT_END_STATE"
+ case yaml_PARSE_BLOCK_NODE_STATE:
+ return "yaml_PARSE_BLOCK_NODE_STATE"
+ case yaml_PARSE_BLOCK_NODE_OR_INDENTLESS_SEQUENCE_STATE:
+ return "yaml_PARSE_BLOCK_NODE_OR_INDENTLESS_SEQUENCE_STATE"
+ case yaml_PARSE_FLOW_NODE_STATE:
+ return "yaml_PARSE_FLOW_NODE_STATE"
+ case yaml_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE:
+ return "yaml_PARSE_BLOCK_SEQUENCE_FIRST_ENTRY_STATE"
+ case yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE:
+ return "yaml_PARSE_BLOCK_SEQUENCE_ENTRY_STATE"
+ case yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE:
+ return "yaml_PARSE_INDENTLESS_SEQUENCE_ENTRY_STATE"
+ case yaml_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE:
+ return "yaml_PARSE_BLOCK_MAPPING_FIRST_KEY_STATE"
+ case yaml_PARSE_BLOCK_MAPPING_KEY_STATE:
+ return "yaml_PARSE_BLOCK_MAPPING_KEY_STATE"
+ case yaml_PARSE_BLOCK_MAPPING_VALUE_STATE:
+ return "yaml_PARSE_BLOCK_MAPPING_VALUE_STATE"
+ case yaml_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE:
+ return "yaml_PARSE_FLOW_SEQUENCE_FIRST_ENTRY_STATE"
+ case yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE:
+ return "yaml_PARSE_FLOW_SEQUENCE_ENTRY_STATE"
+ case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE:
+ return "yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_KEY_STATE"
+ case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE:
+ return "yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_VALUE_STATE"
+ case yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE:
+ return "yaml_PARSE_FLOW_SEQUENCE_ENTRY_MAPPING_END_STATE"
+ case yaml_PARSE_FLOW_MAPPING_FIRST_KEY_STATE:
+ return "yaml_PARSE_FLOW_MAPPING_FIRST_KEY_STATE"
+ case yaml_PARSE_FLOW_MAPPING_KEY_STATE:
+ return "yaml_PARSE_FLOW_MAPPING_KEY_STATE"
+ case yaml_PARSE_FLOW_MAPPING_VALUE_STATE:
+ return "yaml_PARSE_FLOW_MAPPING_VALUE_STATE"
+ case yaml_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE:
+ return "yaml_PARSE_FLOW_MAPPING_EMPTY_VALUE_STATE"
+ case yaml_PARSE_END_STATE:
+ return "yaml_PARSE_END_STATE"
+ }
+ return "<unknown parser state>"
+}
+
+// This structure holds aliases data.
+type yaml_alias_data_t struct {
+ anchor []byte // The anchor.
+ index int // The node id.
+ mark yaml_mark_t // The anchor mark.
+}
+
+// The parser structure.
+//
+// All members are internal. Manage the structure using the
+// yaml_parser_ family of functions.
+type yaml_parser_t struct {
+
+ // Error handling
+
+ error yaml_error_type_t // Error type.
+
+ problem string // Error description.
+
+ // The byte about which the problem occurred.
+ problem_offset int
+ problem_value int
+ problem_mark yaml_mark_t
+
+ // The error context.
+ context string
+ context_mark yaml_mark_t
+
+ // Reader stuff
+
+ read_handler yaml_read_handler_t // Read handler.
+
+ input_reader io.Reader // File input data.
+ input []byte // String input data.
+ input_pos int
+
+ eof bool // EOF flag
+
+ buffer []byte // The working buffer.
+ buffer_pos int // The current position of the buffer.
+
+ unread int // The number of unread characters in the buffer.
+
+ raw_buffer []byte // The raw buffer.
+ raw_buffer_pos int // The current position of the buffer.
+
+ encoding yaml_encoding_t // The input encoding.
+
+ offset int // The offset of the current position (in bytes).
+ mark yaml_mark_t // The mark of the current position.
+
+ // Scanner stuff
+
+ stream_start_produced bool // Have we started to scan the input stream?
+ stream_end_produced bool // Have we reached the end of the input stream?
+
+ flow_level int // The number of unclosed '[' and '{' indicators.
+
+ tokens []yaml_token_t // The tokens queue.
+ tokens_head int // The head of the tokens queue.
+ tokens_parsed int // The number of tokens fetched from the queue.
+ token_available bool // Does the tokens queue contain a token ready for dequeueing.
+
+ indent int // The current indentation level.
+ indents []int // The indentation levels stack.
+
+ simple_key_allowed bool // May a simple key occur at the current position?
+ simple_keys []yaml_simple_key_t // The stack of simple keys.
+ simple_keys_by_tok map[int]int // possible simple_key indexes indexed by token_number
+
+ // Parser stuff
+
+ state yaml_parser_state_t // The current parser state.
+ states []yaml_parser_state_t // The parser states stack.
+ marks []yaml_mark_t // The stack of marks.
+ tag_directives []yaml_tag_directive_t // The list of TAG directives.
+
+ // Dumper stuff
+
+ aliases []yaml_alias_data_t // The alias data.
+
+ document *yaml_document_t // The currently parsed document.
+}
+
+// Emitter Definitions
+
+// The prototype of a write handler.
+//
+// The write handler is called when the emitter needs to flush the accumulated
+// characters to the output. The handler should write @a size bytes of the
+// @a buffer to the output.
+//
+// @param[in,out] data A pointer to an application data specified by
+// yaml_emitter_set_output().
+// @param[in] buffer The buffer with bytes to be written.
+// @param[in] size The size of the buffer.
+//
+// @returns On success, the handler should return @c 1. If the handler failed,
+// the returned value should be @c 0.
+//
+type yaml_write_handler_t func(emitter *yaml_emitter_t, buffer []byte) error
+
+type yaml_emitter_state_t int
+
+// The emitter states.
+const (
+ // Expect STREAM-START.
+ yaml_EMIT_STREAM_START_STATE yaml_emitter_state_t = iota
+
+ yaml_EMIT_FIRST_DOCUMENT_START_STATE // Expect the first DOCUMENT-START or STREAM-END.
+ yaml_EMIT_DOCUMENT_START_STATE // Expect DOCUMENT-START or STREAM-END.
+ yaml_EMIT_DOCUMENT_CONTENT_STATE // Expect the content of a document.
+ yaml_EMIT_DOCUMENT_END_STATE // Expect DOCUMENT-END.
+ yaml_EMIT_FLOW_SEQUENCE_FIRST_ITEM_STATE // Expect the first item of a flow sequence.
+ yaml_EMIT_FLOW_SEQUENCE_ITEM_STATE // Expect an item of a flow sequence.
+ yaml_EMIT_FLOW_MAPPING_FIRST_KEY_STATE // Expect the first key of a flow mapping.
+ yaml_EMIT_FLOW_MAPPING_KEY_STATE // Expect a key of a flow mapping.
+ yaml_EMIT_FLOW_MAPPING_SIMPLE_VALUE_STATE // Expect a value for a simple key of a flow mapping.
+ yaml_EMIT_FLOW_MAPPING_VALUE_STATE // Expect a value of a flow mapping.
+ yaml_EMIT_BLOCK_SEQUENCE_FIRST_ITEM_STATE // Expect the first item of a block sequence.
+ yaml_EMIT_BLOCK_SEQUENCE_ITEM_STATE // Expect an item of a block sequence.
+ yaml_EMIT_BLOCK_MAPPING_FIRST_KEY_STATE // Expect the first key of a block mapping.
+ yaml_EMIT_BLOCK_MAPPING_KEY_STATE // Expect the key of a block mapping.
+ yaml_EMIT_BLOCK_MAPPING_SIMPLE_VALUE_STATE // Expect a value for a simple key of a block mapping.
+ yaml_EMIT_BLOCK_MAPPING_VALUE_STATE // Expect a value of a block mapping.
+ yaml_EMIT_END_STATE // Expect nothing.
+)
+
+// The emitter structure.
+//
+// All members are internal. Manage the structure using the @c yaml_emitter_
+// family of functions.
+type yaml_emitter_t struct {
+
+ // Error handling
+
+ error yaml_error_type_t // Error type.
+ problem string // Error description.
+
+ // Writer stuff
+
+ write_handler yaml_write_handler_t // Write handler.
+
+ output_buffer *[]byte // String output data.
+ output_writer io.Writer // File output data.
+
+ buffer []byte // The working buffer.
+ buffer_pos int // The current position of the buffer.
+
+ raw_buffer []byte // The raw buffer.
+ raw_buffer_pos int // The current position of the buffer.
+
+ encoding yaml_encoding_t // The stream encoding.
+
+ // Emitter stuff
+
+ canonical bool // If the output is in the canonical style?
+ best_indent int // The number of indentation spaces.
+ best_width int // The preferred width of the output lines.
+ unicode bool // Allow unescaped non-ASCII characters?
+ line_break yaml_break_t // The preferred line break.
+
+ state yaml_emitter_state_t // The current emitter state.
+ states []yaml_emitter_state_t // The stack of states.
+
+ events []yaml_event_t // The event queue.
+ events_head int // The head of the event queue.
+
+ indents []int // The stack of indentation levels.
+
+ tag_directives []yaml_tag_directive_t // The list of tag directives.
+
+ indent int // The current indentation level.
+
+ flow_level int // The current flow level.
+
+ root_context bool // Is it the document root context?
+ sequence_context bool // Is it a sequence context?
+ mapping_context bool // Is it a mapping context?
+ simple_key_context bool // Is it a simple mapping key context?
+
+ line int // The current line.
+ column int // The current column.
+ whitespace bool // If the last character was a whitespace?
+ indention bool // If the last character was an indentation character (' ', '-', '?', ':')?
+ open_ended bool // If an explicit document end is required?
+
+ // Anchor analysis.
+ anchor_data struct {
+ anchor []byte // The anchor value.
+ alias bool // Is it an alias?
+ }
+
+ // Tag analysis.
+ tag_data struct {
+ handle []byte // The tag handle.
+ suffix []byte // The tag suffix.
+ }
+
+ // Scalar analysis.
+ scalar_data struct {
+ value []byte // The scalar value.
+ multiline bool // Does the scalar contain line breaks?
+ flow_plain_allowed bool // Can the scalar be expessed in the flow plain style?
+ block_plain_allowed bool // Can the scalar be expressed in the block plain style?
+ single_quoted_allowed bool // Can the scalar be expressed in the single quoted style?
+ block_allowed bool // Can the scalar be expressed in the literal or folded styles?
+ style yaml_scalar_style_t // The output style.
+ }
+
+ // Dumper stuff
+
+ opened bool // If the stream was already opened?
+ closed bool // If the stream was already closed?
+
+ // The information associated with the document nodes.
+ anchors *struct {
+ references int // The number of references.
+ anchor int // The anchor id.
+ serialized bool // If the node has been emitted?
+ }
+
+ last_anchor_id int // The last assigned anchor id.
+
+ document *yaml_document_t // The currently emitted document.
+}
diff --git a/vendor/sigs.k8s.io/yaml/goyaml.v2/yamlprivateh.go b/vendor/sigs.k8s.io/yaml/goyaml.v2/yamlprivateh.go
new file mode 100644
index 000000000..8110ce3c3
--- /dev/null
+++ b/vendor/sigs.k8s.io/yaml/goyaml.v2/yamlprivateh.go
@@ -0,0 +1,173 @@
+package yaml
+
+const (
+ // The size of the input raw buffer.
+ input_raw_buffer_size = 512
+
+ // The size of the input buffer.
+ // It should be possible to decode the whole raw buffer.
+ input_buffer_size = input_raw_buffer_size * 3
+
+ // The size of the output buffer.
+ output_buffer_size = 128
+
+ // The size of the output raw buffer.
+ // It should be possible to encode the whole output buffer.
+ output_raw_buffer_size = (output_buffer_size*2 + 2)
+
+ // The size of other stacks and queues.
+ initial_stack_size = 16
+ initial_queue_size = 16
+ initial_string_size = 16
+)
+
+// Check if the character at the specified position is an alphabetical
+// character, a digit, '_', or '-'.
+func is_alpha(b []byte, i int) bool {
+ return b[i] >= '0' && b[i] <= '9' || b[i] >= 'A' && b[i] <= 'Z' || b[i] >= 'a' && b[i] <= 'z' || b[i] == '_' || b[i] == '-'
+}
+
+// Check if the character at the specified position is a digit.
+func is_digit(b []byte, i int) bool {
+ return b[i] >= '0' && b[i] <= '9'
+}
+
+// Get the value of a digit.
+func as_digit(b []byte, i int) int {
+ return int(b[i]) - '0'
+}
+
+// Check if the character at the specified position is a hex-digit.
+func is_hex(b []byte, i int) bool {
+ return b[i] >= '0' && b[i] <= '9' || b[i] >= 'A' && b[i] <= 'F' || b[i] >= 'a' && b[i] <= 'f'
+}
+
+// Get the value of a hex-digit.
+func as_hex(b []byte, i int) int {
+ bi := b[i]
+ if bi >= 'A' && bi <= 'F' {
+ return int(bi) - 'A' + 10
+ }
+ if bi >= 'a' && bi <= 'f' {
+ return int(bi) - 'a' + 10
+ }
+ return int(bi) - '0'
+}
+
+// Check if the character is ASCII.
+func is_ascii(b []byte, i int) bool {
+ return b[i] <= 0x7F
+}
+
+// Check if the character at the start of the buffer can be printed unescaped.
+func is_printable(b []byte, i int) bool {
+ return ((b[i] == 0x0A) || // . == #x0A
+ (b[i] >= 0x20 && b[i] <= 0x7E) || // #x20 <= . <= #x7E
+ (b[i] == 0xC2 && b[i+1] >= 0xA0) || // #0xA0 <= . <= #xD7FF
+ (b[i] > 0xC2 && b[i] < 0xED) ||
+ (b[i] == 0xED && b[i+1] < 0xA0) ||
+ (b[i] == 0xEE) ||
+ (b[i] == 0xEF && // #xE000 <= . <= #xFFFD
+ !(b[i+1] == 0xBB && b[i+2] == 0xBF) && // && . != #xFEFF
+ !(b[i+1] == 0xBF && (b[i+2] == 0xBE || b[i+2] == 0xBF))))
+}
+
+// Check if the character at the specified position is NUL.
+func is_z(b []byte, i int) bool {
+ return b[i] == 0x00
+}
+
+// Check if the beginning of the buffer is a BOM.
+func is_bom(b []byte, i int) bool {
+ return b[0] == 0xEF && b[1] == 0xBB && b[2] == 0xBF
+}
+
+// Check if the character at the specified position is space.
+func is_space(b []byte, i int) bool {
+ return b[i] == ' '
+}
+
+// Check if the character at the specified position is tab.
+func is_tab(b []byte, i int) bool {
+ return b[i] == '\t'
+}
+
+// Check if the character at the specified position is blank (space or tab).
+func is_blank(b []byte, i int) bool {
+ //return is_space(b, i) || is_tab(b, i)
+ return b[i] == ' ' || b[i] == '\t'
+}
+
+// Check if the character at the specified position is a line break.
+func is_break(b []byte, i int) bool {
+ return (b[i] == '\r' || // CR (#xD)
+ b[i] == '\n' || // LF (#xA)
+ b[i] == 0xC2 && b[i+1] == 0x85 || // NEL (#x85)
+ b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA8 || // LS (#x2028)
+ b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA9) // PS (#x2029)
+}
+
+func is_crlf(b []byte, i int) bool {
+ return b[i] == '\r' && b[i+1] == '\n'
+}
+
+// Check if the character is a line break or NUL.
+func is_breakz(b []byte, i int) bool {
+ //return is_break(b, i) || is_z(b, i)
+ return ( // is_break:
+ b[i] == '\r' || // CR (#xD)
+ b[i] == '\n' || // LF (#xA)
+ b[i] == 0xC2 && b[i+1] == 0x85 || // NEL (#x85)
+ b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA8 || // LS (#x2028)
+ b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA9 || // PS (#x2029)
+ // is_z:
+ b[i] == 0)
+}
+
+// Check if the character is a line break, space, or NUL.
+func is_spacez(b []byte, i int) bool {
+ //return is_space(b, i) || is_breakz(b, i)
+ return ( // is_space:
+ b[i] == ' ' ||
+ // is_breakz:
+ b[i] == '\r' || // CR (#xD)
+ b[i] == '\n' || // LF (#xA)
+ b[i] == 0xC2 && b[i+1] == 0x85 || // NEL (#x85)
+ b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA8 || // LS (#x2028)
+ b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA9 || // PS (#x2029)
+ b[i] == 0)
+}
+
+// Check if the character is a line break, space, tab, or NUL.
+func is_blankz(b []byte, i int) bool {
+ //return is_blank(b, i) || is_breakz(b, i)
+ return ( // is_blank:
+ b[i] == ' ' || b[i] == '\t' ||
+ // is_breakz:
+ b[i] == '\r' || // CR (#xD)
+ b[i] == '\n' || // LF (#xA)
+ b[i] == 0xC2 && b[i+1] == 0x85 || // NEL (#x85)
+ b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA8 || // LS (#x2028)
+ b[i] == 0xE2 && b[i+1] == 0x80 && b[i+2] == 0xA9 || // PS (#x2029)
+ b[i] == 0)
+}
+
+// Determine the width of the character.
+func width(b byte) int {
+ // Don't replace these by a switch without first
+ // confirming that it is being inlined.
+ if b&0x80 == 0x00 {
+ return 1
+ }
+ if b&0xE0 == 0xC0 {
+ return 2
+ }
+ if b&0xF0 == 0xE0 {
+ return 3
+ }
+ if b&0xF8 == 0xF0 {
+ return 4
+ }
+ return 0
+
+}
diff --git a/vendor/sigs.k8s.io/yaml/yaml.go b/vendor/sigs.k8s.io/yaml/yaml.go
index efbc535d4..fc10246bd 100644
--- a/vendor/sigs.k8s.io/yaml/yaml.go
+++ b/vendor/sigs.k8s.io/yaml/yaml.go
@@ -1,3 +1,19 @@
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
package yaml
import (
@@ -8,56 +24,59 @@ import (
"reflect"
"strconv"
- "gopkg.in/yaml.v2"
+ "sigs.k8s.io/yaml/goyaml.v2"
)
-// Marshal marshals the object into JSON then converts JSON to YAML and returns the
-// YAML.
-func Marshal(o interface{}) ([]byte, error) {
- j, err := json.Marshal(o)
+// Marshal marshals obj into JSON using stdlib json.Marshal, and then converts JSON to YAML using JSONToYAML (see that method for more reference)
+func Marshal(obj interface{}) ([]byte, error) {
+ jsonBytes, err := json.Marshal(obj)
if err != nil {
- return nil, fmt.Errorf("error marshaling into JSON: %v", err)
+ return nil, fmt.Errorf("error marshaling into JSON: %w", err)
}
- y, err := JSONToYAML(j)
- if err != nil {
- return nil, fmt.Errorf("error converting JSON to YAML: %v", err)
- }
-
- return y, nil
+ return JSONToYAML(jsonBytes)
}
// JSONOpt is a decoding option for decoding from JSON format.
type JSONOpt func(*json.Decoder) *json.Decoder
-// Unmarshal converts YAML to JSON then uses JSON to unmarshal into an object,
-// optionally configuring the behavior of the JSON unmarshal.
-func Unmarshal(y []byte, o interface{}, opts ...JSONOpt) error {
- return yamlUnmarshal(y, o, false, opts...)
+// Unmarshal first converts the given YAML to JSON, and then unmarshals the JSON into obj. Options for the
+// standard library json.Decoder can be optionally specified, e.g. to decode untyped numbers into json.Number instead of float64, or to disallow unknown fields (but for that purpose, see also UnmarshalStrict). obj must be a non-nil pointer.
+//
+// Important notes about the Unmarshal logic:
+//
+// - Decoding is case-insensitive, unlike the rest of Kubernetes API machinery, as this is using the stdlib json library. This might be confusing to users.
+// - This decodes any number (although it is an integer) into a float64 if the type of obj is unknown, e.g. *map[string]interface{}, *interface{}, or *[]interface{}. This means integers above +/- 2^53 will lose precision when round-tripping. Make a JSONOpt that calls d.UseNumber() to avoid this.
+// - Duplicate fields, including in-case-sensitive matches, are ignored in an undefined order. Note that the YAML specification forbids duplicate fields, so this logic is more permissive than it needs to. See UnmarshalStrict for an alternative.
+// - Unknown fields, i.e. serialized data that do not map to a field in obj, are ignored. Use d.DisallowUnknownFields() or UnmarshalStrict to override.
+// - As per the YAML 1.1 specification, which yaml.v2 used underneath implements, literal 'yes' and 'no' strings without quotation marks will be converted to true/false implicitly.
+// - YAML non-string keys, e.g. ints, bools and floats, are converted to strings implicitly during the YAML to JSON conversion process.
+// - There are no compatibility guarantees for returned error values.
+func Unmarshal(yamlBytes []byte, obj interface{}, opts ...JSONOpt) error {
+ return unmarshal(yamlBytes, obj, yaml.Unmarshal, opts...)
}
-// UnmarshalStrict strictly converts YAML to JSON then uses JSON to unmarshal
-// into an object, optionally configuring the behavior of the JSON unmarshal.
-func UnmarshalStrict(y []byte, o interface{}, opts ...JSONOpt) error {
- return yamlUnmarshal(y, o, true, append(opts, DisallowUnknownFields)...)
+// UnmarshalStrict is similar to Unmarshal (please read its documentation for reference), with the following exceptions:
+//
+// - Duplicate fields in an object yield an error. This is according to the YAML specification.
+// - If obj, or any of its recursive children, is a struct, presence of fields in the serialized data unknown to the struct will yield an error.
+func UnmarshalStrict(yamlBytes []byte, obj interface{}, opts ...JSONOpt) error {
+ return unmarshal(yamlBytes, obj, yaml.UnmarshalStrict, append(opts, DisallowUnknownFields)...)
}
-// yamlUnmarshal unmarshals the given YAML byte stream into the given interface,
+// unmarshal unmarshals the given YAML byte stream into the given interface,
// optionally performing the unmarshalling strictly
-func yamlUnmarshal(y []byte, o interface{}, strict bool, opts ...JSONOpt) error {
- vo := reflect.ValueOf(o)
- unmarshalFn := yaml.Unmarshal
- if strict {
- unmarshalFn = yaml.UnmarshalStrict
- }
- j, err := yamlToJSON(y, &vo, unmarshalFn)
+func unmarshal(yamlBytes []byte, obj interface{}, unmarshalFn func([]byte, interface{}) error, opts ...JSONOpt) error {
+ jsonTarget := reflect.ValueOf(obj)
+
+ jsonBytes, err := yamlToJSONTarget(yamlBytes, &jsonTarget, unmarshalFn)
if err != nil {
- return fmt.Errorf("error converting YAML to JSON: %v", err)
+ return fmt.Errorf("error converting YAML to JSON: %w", err)
}
- err = jsonUnmarshal(bytes.NewReader(j), o, opts...)
+ err = jsonUnmarshal(bytes.NewReader(jsonBytes), obj, opts...)
if err != nil {
- return fmt.Errorf("error unmarshaling JSON: %v", err)
+ return fmt.Errorf("error unmarshaling JSON: %w", err)
}
return nil
@@ -67,21 +86,26 @@ func yamlUnmarshal(y []byte, o interface{}, strict bool, opts ...JSONOpt) error
// object, optionally applying decoder options prior to decoding. We are not
// using json.Unmarshal directly as we want the chance to pass in non-default
// options.
-func jsonUnmarshal(r io.Reader, o interface{}, opts ...JSONOpt) error {
- d := json.NewDecoder(r)
+func jsonUnmarshal(reader io.Reader, obj interface{}, opts ...JSONOpt) error {
+ d := json.NewDecoder(reader)
for _, opt := range opts {
d = opt(d)
}
- if err := d.Decode(&o); err != nil {
+ if err := d.Decode(&obj); err != nil {
return fmt.Errorf("while decoding JSON: %v", err)
}
return nil
}
-// JSONToYAML Converts JSON to YAML.
+// JSONToYAML converts JSON to YAML. Notable implementation details:
+//
+// - Duplicate fields, are case-sensitively ignored in an undefined order.
+// - The sequence indentation style is compact, which means that the "- " marker for a YAML sequence will be on the same indentation level as the sequence field name.
+// - Unlike Unmarshal, all integers, up to 64 bits, are preserved during this round-trip.
func JSONToYAML(j []byte) ([]byte, error) {
// Convert the JSON to an object.
var jsonObj interface{}
+
// We are using yaml.Unmarshal here (instead of json.Unmarshal) because the
// Go JSON library doesn't try to pick the right number type (int, float,
// etc.) when unmarshalling to interface{}, it just picks float64
@@ -93,35 +117,46 @@ func JSONToYAML(j []byte) ([]byte, error) {
}
// Marshal this object into YAML.
- return yaml.Marshal(jsonObj)
+ yamlBytes, err := yaml.Marshal(jsonObj)
+ if err != nil {
+ return nil, err
+ }
+
+ return yamlBytes, nil
}
// YAMLToJSON converts YAML to JSON. Since JSON is a subset of YAML,
// passing JSON through this method should be a no-op.
//
-// Things YAML can do that are not supported by JSON:
-// * In YAML you can have binary and null keys in your maps. These are invalid
-// in JSON. (int and float keys are converted to strings.)
-// * Binary data in YAML with the !!binary tag is not supported. If you want to
-// use binary data with this library, encode the data as base64 as usual but do
-// not use the !!binary tag in your YAML. This will ensure the original base64
-// encoded data makes it all the way through to the JSON.
+// Some things YAML can do that are not supported by JSON:
+// - In YAML you can have binary and null keys in your maps. These are invalid
+// in JSON, and therefore int, bool and float keys are converted to strings implicitly.
+// - Binary data in YAML with the !!binary tag is not supported. If you want to
+// use binary data with this library, encode the data as base64 as usual but do
+// not use the !!binary tag in your YAML. This will ensure the original base64
+// encoded data makes it all the way through to the JSON.
+// - And more... read the YAML specification for more details.
+//
+// Notable about the implementation:
//
-// For strict decoding of YAML, use YAMLToJSONStrict.
+// - Duplicate fields are case-sensitively ignored in an undefined order. Note that the YAML specification forbids duplicate fields, so this logic is more permissive than it needs to. See YAMLToJSONStrict for an alternative.
+// - As per the YAML 1.1 specification, which yaml.v2 used underneath implements, literal 'yes' and 'no' strings without quotation marks will be converted to true/false implicitly.
+// - Unlike Unmarshal, all integers, up to 64 bits, are preserved during this round-trip.
+// - There are no compatibility guarantees for returned error values.
func YAMLToJSON(y []byte) ([]byte, error) {
- return yamlToJSON(y, nil, yaml.Unmarshal)
+ return yamlToJSONTarget(y, nil, yaml.Unmarshal)
}
// YAMLToJSONStrict is like YAMLToJSON but enables strict YAML decoding,
// returning an error on any duplicate field names.
func YAMLToJSONStrict(y []byte) ([]byte, error) {
- return yamlToJSON(y, nil, yaml.UnmarshalStrict)
+ return yamlToJSONTarget(y, nil, yaml.UnmarshalStrict)
}
-func yamlToJSON(y []byte, jsonTarget *reflect.Value, yamlUnmarshal func([]byte, interface{}) error) ([]byte, error) {
+func yamlToJSONTarget(yamlBytes []byte, jsonTarget *reflect.Value, unmarshalFn func([]byte, interface{}) error) ([]byte, error) {
// Convert the YAML to an object.
var yamlObj interface{}
- err := yamlUnmarshal(y, &yamlObj)
+ err := unmarshalFn(yamlBytes, &yamlObj)
if err != nil {
return nil, err
}
@@ -136,7 +171,11 @@ func yamlToJSON(y []byte, jsonTarget *reflect.Value, yamlUnmarshal func([]byte,
}
// Convert this object to JSON and return the data.
- return json.Marshal(jsonObj)
+ jsonBytes, err := json.Marshal(jsonObj)
+ if err != nil {
+ return nil, err
+ }
+ return jsonBytes, nil
}
func convertToJSONableObject(yamlObj interface{}, jsonTarget *reflect.Value) (interface{}, error) {
@@ -147,13 +186,13 @@ func convertToJSONableObject(yamlObj interface{}, jsonTarget *reflect.Value) (in
// decoding into the value, we're just checking if the ultimate target is a
// string.
if jsonTarget != nil {
- ju, tu, pv := indirect(*jsonTarget, false)
+ jsonUnmarshaler, textUnmarshaler, pointerValue := indirect(*jsonTarget, false)
// We have a JSON or Text Umarshaler at this level, so we can't be trying
// to decode into a string.
- if ju != nil || tu != nil {
+ if jsonUnmarshaler != nil || textUnmarshaler != nil {
jsonTarget = nil
} else {
- jsonTarget = &pv
+ jsonTarget = &pointerValue
}
}
@@ -205,7 +244,7 @@ func convertToJSONableObject(yamlObj interface{}, jsonTarget *reflect.Value) (in
keyString = "false"
}
default:
- return nil, fmt.Errorf("Unsupported map key of type: %s, key: %+#v, value: %+#v",
+ return nil, fmt.Errorf("unsupported map key of type: %s, key: %+#v, value: %+#v",
reflect.TypeOf(k), k, v)
}
diff --git a/vendor/sigs.k8s.io/yaml/yaml_go110.go b/vendor/sigs.k8s.io/yaml/yaml_go110.go
index ab3e06a22..94abc1719 100644
--- a/vendor/sigs.k8s.io/yaml/yaml_go110.go
+++ b/vendor/sigs.k8s.io/yaml/yaml_go110.go
@@ -1,7 +1,24 @@
// This file contains changes that are only compatible with go 1.10 and onwards.
+//go:build go1.10
// +build go1.10
+/*
+Copyright 2021 The Kubernetes Authors.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
package yaml
import "encoding/json"