diff --git a/go.mod b/go.mod index e7603f260..7fbd98018 100644 --- a/go.mod +++ b/go.mod @@ -14,10 +14,10 @@ require ( k8s.io/api v0.29.2 k8s.io/apimachinery v0.29.2 k8s.io/client-go v0.29.2 - knative.dev/eventing v0.40.1-0.20240404013432-ce5b77fc2d0c + knative.dev/eventing v0.40.1-0.20240408154446-84115ea9bf55 knative.dev/hack v0.0.0-20240404013450-1133b37da8d7 - knative.dev/pkg v0.0.0-20240404013351-5d4af76051e4 - knative.dev/serving v0.40.1-0.20240403153127-d96d39fefa6b + knative.dev/pkg v0.0.0-20240408131417-094f1527d5fc + knative.dev/serving v0.40.1-0.20240405120759-7e7bd93a8ea5 ) require ( @@ -68,7 +68,7 @@ require ( github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_golang v1.19.0 // indirect github.com/prometheus/client_model v0.6.0 // indirect - github.com/prometheus/common v0.51.1 // indirect + github.com/prometheus/common v0.52.2 // indirect github.com/prometheus/procfs v0.12.0 // indirect github.com/prometheus/statsd_exporter v0.22.7 // indirect github.com/rickb777/date v1.13.0 // indirect @@ -81,7 +81,7 @@ require ( golang.org/x/crypto v0.21.0 // indirect golang.org/x/mod v0.16.0 // indirect golang.org/x/net v0.22.0 // indirect - golang.org/x/sync v0.6.0 // indirect + golang.org/x/sync v0.7.0 // indirect golang.org/x/sys v0.18.0 // indirect golang.org/x/term v0.18.0 // indirect golang.org/x/text v0.14.0 // indirect diff --git a/go.sum b/go.sum index f0f154da9..a45608ba0 100644 --- a/go.sum +++ b/go.sum @@ -292,8 +292,8 @@ github.com/prometheus/client_model v0.6.0 h1:k1v3CzpSRUTrKMppY35TLwPvxHqBu0bYgxZ github.com/prometheus/client_model v0.6.0/go.mod h1:NTQHnmxFpouOD0DpvP4XujX3CdOAGQPoaGhyTchlyt8= github.com/prometheus/common v0.26.0/go.mod h1:M7rCNAaPfAosfx8veZJCuw84e35h3Cfd9VFqTh1DIvc= github.com/prometheus/common v0.35.0/go.mod h1:phzohg0JFMnBEFGxTDbfu3QyL5GI8gTQJFhYO5B3mfA= -github.com/prometheus/common v0.51.1 h1:eIjN50Bwglz6a/c3hAgSMcofL3nD+nFQkV6Dd4DsQCw= -github.com/prometheus/common v0.51.1/go.mod h1:lrWtQx+iDfn2mbH5GUzlH9TSHyfZpHkSiG1W7y3sF2Q= +github.com/prometheus/common v0.52.2 h1:LW8Vk7BccEdONfrJBDffQGRtpSzi5CQaRZGtboOO2ck= +github.com/prometheus/common v0.52.2/go.mod h1:lrWtQx+iDfn2mbH5GUzlH9TSHyfZpHkSiG1W7y3sF2Q= github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.7.3/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= @@ -458,8 +458,8 @@ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= -golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -724,16 +724,16 @@ k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 h1:aVUu9fTY98ivBPKR9Y5w/A k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00/go.mod h1:AsvuZPBlUDVuCdzJ87iajxtXuR9oktsTctW/R9wwouA= k8s.io/utils v0.0.0-20240102154912-e7106e64919e h1:eQ/4ljkx21sObifjzXwlPKpdGLrCfRziVtos3ofG/sQ= k8s.io/utils v0.0.0-20240102154912-e7106e64919e/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -knative.dev/eventing v0.40.1-0.20240404013432-ce5b77fc2d0c h1:qiozZFJJIXyueLQBMzHsh6YTX35jtSaTnE2UvU/xs6A= -knative.dev/eventing v0.40.1-0.20240404013432-ce5b77fc2d0c/go.mod h1:Umttu3AD7G9KeycYRmdvk/SOIiHEuuyyQUSwFDiZd9Q= +knative.dev/eventing v0.40.1-0.20240408154446-84115ea9bf55 h1:35TesJrsJ+enfIdM/1YFMZdG60kJb0ie/oqongYG8TA= +knative.dev/eventing v0.40.1-0.20240408154446-84115ea9bf55/go.mod h1:Umttu3AD7G9KeycYRmdvk/SOIiHEuuyyQUSwFDiZd9Q= knative.dev/hack v0.0.0-20240404013450-1133b37da8d7 h1:fkWYWvdHm1mVHevKW2vVJnZtxH0NzOlux8imesweKwE= knative.dev/hack v0.0.0-20240404013450-1133b37da8d7/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q= knative.dev/networking v0.0.0-20240329112016-75762caf9e15 h1:AXfadR7ULrSY10o8oaz2bEevGCg034rMb8c7Zdwc9Ac= knative.dev/networking v0.0.0-20240329112016-75762caf9e15/go.mod h1:g/w0osd9bivSJjKwB0aL6KsjRBTQjk+bDFc9/qYUIQY= -knative.dev/pkg v0.0.0-20240404013351-5d4af76051e4 h1:o/LIW1Ph+e5ik9TMu2GsHxSouUkc4vMCdPcv2izsqKs= -knative.dev/pkg v0.0.0-20240404013351-5d4af76051e4/go.mod h1:086p4jjTy1KCaL2uoznjgh+kKVp0Vk2hh4yagpbUhOA= -knative.dev/serving v0.40.1-0.20240403153127-d96d39fefa6b h1:j/8Cvr4+1r6qOOh45U5S/64ZUuxEaos2eH8iuPx54CE= -knative.dev/serving v0.40.1-0.20240403153127-d96d39fefa6b/go.mod h1:ofeMebvmncSIYjVetdsjcGp+EisLFVVnWM7m7nI9EjY= +knative.dev/pkg v0.0.0-20240408131417-094f1527d5fc h1:JB3L6YFH48fptMmRncVyuFc75ypRXEwJNJ99jxL+Ih0= +knative.dev/pkg v0.0.0-20240408131417-094f1527d5fc/go.mod h1:h+gNAom49pdzdVcO8hsKjyqSr+TwCWFs0Yr5NwfKNCc= +knative.dev/serving v0.40.1-0.20240405120759-7e7bd93a8ea5 h1:7A2gvA9RdmvjNvB3dDTIPuW8uol4Q7uts/kACbQuFJs= +knative.dev/serving v0.40.1-0.20240405120759-7e7bd93a8ea5/go.mod h1:ofeMebvmncSIYjVetdsjcGp+EisLFVVnWM7m7nI9EjY= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/vendor/github.com/prometheus/common/expfmt/decode.go b/vendor/github.com/prometheus/common/expfmt/decode.go index b2b89b017..25cfaa216 100644 --- a/vendor/github.com/prometheus/common/expfmt/decode.go +++ b/vendor/github.com/prometheus/common/expfmt/decode.go @@ -75,14 +75,14 @@ func ResponseFormat(h http.Header) Format { func NewDecoder(r io.Reader, format Format) Decoder { switch format.FormatType() { case TypeProtoDelim: - return &protoDecoder{r: r} + return &protoDecoder{r: bufio.NewReader(r)} } return &textDecoder{r: r} } // protoDecoder implements the Decoder interface for protocol buffers. type protoDecoder struct { - r io.Reader + r protodelim.Reader } // Decode implements the Decoder interface. @@ -90,7 +90,7 @@ func (d *protoDecoder) Decode(v *dto.MetricFamily) error { opts := protodelim.UnmarshalOptions{ MaxSize: -1, } - if err := opts.UnmarshalFrom(bufio.NewReader(d.r), v); err != nil { + if err := opts.UnmarshalFrom(d.r, v); err != nil { return err } if !model.IsValidMetricName(model.LabelValue(v.GetName())) { diff --git a/vendor/golang.org/x/sync/semaphore/semaphore.go b/vendor/golang.org/x/sync/semaphore/semaphore.go index 30f632c57..b618162aa 100644 --- a/vendor/golang.org/x/sync/semaphore/semaphore.go +++ b/vendor/golang.org/x/sync/semaphore/semaphore.go @@ -35,11 +35,25 @@ type Weighted struct { // Acquire acquires the semaphore with a weight of n, blocking until resources // are available or ctx is done. On success, returns nil. On failure, returns // ctx.Err() and leaves the semaphore unchanged. -// -// If ctx is already done, Acquire may still succeed without blocking. func (s *Weighted) Acquire(ctx context.Context, n int64) error { + done := ctx.Done() + s.mu.Lock() + select { + case <-done: + // ctx becoming done has "happened before" acquiring the semaphore, + // whether it became done before the call began or while we were + // waiting for the mutex. We prefer to fail even if we could acquire + // the mutex without blocking. + s.mu.Unlock() + return ctx.Err() + default: + } if s.size-s.cur >= n && s.waiters.Len() == 0 { + // Since we hold s.mu and haven't synchronized since checking done, if + // ctx becomes done before we return here, it becoming done must have + // "happened concurrently" with this call - it cannot "happen before" + // we return in this branch. So, we're ok to always acquire here. s.cur += n s.mu.Unlock() return nil @@ -48,7 +62,7 @@ func (s *Weighted) Acquire(ctx context.Context, n int64) error { if n > s.size { // Don't make other Acquire calls block on one that's doomed to fail. s.mu.Unlock() - <-ctx.Done() + <-done return ctx.Err() } @@ -58,14 +72,14 @@ func (s *Weighted) Acquire(ctx context.Context, n int64) error { s.mu.Unlock() select { - case <-ctx.Done(): - err := ctx.Err() + case <-done: s.mu.Lock() select { case <-ready: - // Acquired the semaphore after we were canceled. Rather than trying to - // fix up the queue, just pretend we didn't notice the cancelation. - err = nil + // Acquired the semaphore after we were canceled. + // Pretend we didn't and put the tokens back. + s.cur -= n + s.notifyWaiters() default: isFront := s.waiters.Front() == elem s.waiters.Remove(elem) @@ -75,9 +89,19 @@ func (s *Weighted) Acquire(ctx context.Context, n int64) error { } } s.mu.Unlock() - return err + return ctx.Err() case <-ready: + // Acquired the semaphore. Check that ctx isn't already done. + // We check the done channel instead of calling ctx.Err because we + // already have the channel, and ctx.Err is O(n) with the nesting + // depth of ctx. + select { + case <-done: + s.Release(n) + return ctx.Err() + default: + } return nil } } diff --git a/vendor/knative.dev/eventing/pkg/eventingtls/trust_bundle.go b/vendor/knative.dev/eventing/pkg/eventingtls/trust_bundle.go index 583d2afc4..b867c9a1b 100644 --- a/vendor/knative.dev/eventing/pkg/eventingtls/trust_bundle.go +++ b/vendor/knative.dev/eventing/pkg/eventingtls/trust_bundle.go @@ -34,27 +34,27 @@ import ( ) const ( + // TrustBundleLabelKey is the label key for trust bundles configmaps. + TrustBundleLabelKey = "networking.knative.dev/trust-bundle" + // TrustBundleLabelValue is the label value for trust bundles configmaps. + TrustBundleLabelValue = "true" // TrustBundleLabelSelector is the ConfigMap label selector for trust bundles. - TrustBundleLabelSelector = "networking.knative.dev/trust-bundle=true" + TrustBundleLabelSelector = TrustBundleLabelKey + "=" + TrustBundleLabelValue TrustBundleMountPath = "/knative-custom-certs" TrustBundleVolumeNamePrefix = "kne-bundle-" + + TrustBundleConfigMapNameSuffix = "kne-bundle" ) var ( // TrustBundleSelector is a selector for trust bundle ConfigMaps. - TrustBundleSelector labels.Selector + TrustBundleSelector = labels.SelectorFromSet(map[string]string{ + TrustBundleLabelKey: TrustBundleLabelValue, + }) ) -func init() { - var err error - TrustBundleSelector, err = labels.Parse(TrustBundleLabelSelector) - if err != nil { - panic(err) - } -} - // PropagateTrustBundles propagates Trust bundles ConfigMaps from the system.Namespace() to the // obj namespace. func PropagateTrustBundles(ctx context.Context, k8s kubernetes.Interface, trustBundleConfigMapLister corev1listers.ConfigMapLister, gvk schema.GroupVersionKind, obj kmeta.Accessor) error { @@ -77,10 +77,11 @@ func PropagateTrustBundles(ctx context.Context, k8s kubernetes.Interface, trustB state := make(map[string]Pair, len(systemNamespaceBundles)+len(userNamespaceBundles)) for _, cm := range systemNamespaceBundles { - if p, ok := state[cm.Name]; !ok { - state[cm.Name] = Pair{sysCM: cm} + name := userCMName(cm.Name) + if p, ok := state[name]; !ok { + state[name] = Pair{sysCM: cm} } else { - state[cm.Name] = Pair{ + state[name] = Pair{ sysCM: cm, userCm: p.userCm, } @@ -101,18 +102,31 @@ func PropagateTrustBundles(ctx context.Context, k8s kubernetes.Interface, trustB for _, p := range state { if p.sysCM == nil { - if err := deleteConfigMap(ctx, k8s, obj, p.userCm); err != nil { - return err + + expectedOr := metav1.OwnerReference{ + APIVersion: gvk.GroupVersion().String(), + Kind: gvk.Kind, + Name: obj.GetName(), + } + + for _, or := range p.userCm.OwnerReferences { + if equality.Semantic.DeepDerivative(expectedOr, or) { + if err := deleteConfigMap(ctx, k8s, obj, p.userCm); err != nil { + return err + } + } } + continue } expected := &corev1.ConfigMap{ ObjectMeta: metav1.ObjectMeta{ - Name: p.sysCM.Name, - Namespace: obj.GetNamespace(), - Labels: p.sysCM.Labels, - Annotations: p.sysCM.Annotations, + Name: userCMName(p.sysCM.Name), + Namespace: obj.GetNamespace(), + Labels: map[string]string{ + TrustBundleLabelKey: TrustBundleLabelValue, + }, }, Data: p.sysCM.Data, BinaryData: p.sysCM.BinaryData, @@ -284,3 +298,7 @@ func createConfigMap(ctx context.Context, k8s kubernetes.Interface, expected *co } return nil } + +func userCMName(name string) string { + return kmeta.ChildName(name, TrustBundleConfigMapNameSuffix) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 9033a502e..83563d5ea 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -211,7 +211,7 @@ github.com/prometheus/client_golang/prometheus/promhttp # github.com/prometheus/client_model v0.6.0 ## explicit; go 1.19 github.com/prometheus/client_model/go -# github.com/prometheus/common v0.51.1 +# github.com/prometheus/common v0.52.2 ## explicit; go 1.21 github.com/prometheus/common/expfmt github.com/prometheus/common/internal/bitbucket.org/ww/goautoneg @@ -311,7 +311,7 @@ golang.org/x/net/trace ## explicit; go 1.18 golang.org/x/oauth2 golang.org/x/oauth2/internal -# golang.org/x/sync v0.6.0 +# golang.org/x/sync v0.7.0 ## explicit; go 1.18 golang.org/x/sync/errgroup golang.org/x/sync/semaphore @@ -974,7 +974,7 @@ k8s.io/utils/pointer k8s.io/utils/ptr k8s.io/utils/strings/slices k8s.io/utils/trace -# knative.dev/eventing v0.40.1-0.20240404013432-ce5b77fc2d0c +# knative.dev/eventing v0.40.1-0.20240408154446-84115ea9bf55 ## explicit; go 1.21 knative.dev/eventing/pkg/adapter/v2 knative.dev/eventing/pkg/adapter/v2/test @@ -1033,7 +1033,7 @@ knative.dev/hack knative.dev/networking/pkg/apis/networking knative.dev/networking/pkg/apis/networking/v1alpha1 knative.dev/networking/pkg/config -# knative.dev/pkg v0.0.0-20240404013351-5d4af76051e4 +# knative.dev/pkg v0.0.0-20240408131417-094f1527d5fc ## explicit; go 1.21 knative.dev/pkg/apis knative.dev/pkg/apis/duck @@ -1097,7 +1097,7 @@ knative.dev/pkg/webhook/psbinding knative.dev/pkg/webhook/resourcesemantics knative.dev/pkg/webhook/resourcesemantics/defaulting knative.dev/pkg/webhook/resourcesemantics/validation -# knative.dev/serving v0.40.1-0.20240403153127-d96d39fefa6b +# knative.dev/serving v0.40.1-0.20240405120759-7e7bd93a8ea5 ## explicit; go 1.21 knative.dev/serving/pkg/apis/autoscaling knative.dev/serving/pkg/apis/autoscaling/v1alpha1