diff --git a/go.mod b/go.mod index db7189358..447727b13 100644 --- a/go.mod +++ b/go.mod @@ -14,10 +14,10 @@ require ( k8s.io/api v0.27.6 k8s.io/apimachinery v0.27.6 k8s.io/client-go v0.27.6 - knative.dev/eventing v0.38.1-0.20231016131100-cf6b140be688 + knative.dev/eventing v0.38.1-0.20231016213247-4a07fdcad340 knative.dev/hack v0.0.0-20231016131700-2c938d4918da - knative.dev/pkg v0.0.0-20231016131056-058f699b3d10 - knative.dev/serving v0.38.1-0.20231014060921-eac93b072bab + knative.dev/pkg v0.0.0-20231016185203-283df0be0668 + knative.dev/serving v0.38.1-0.20231016171859-71085f8936b6 ) require ( diff --git a/go.sum b/go.sum index 0f1674b1a..d981e76fd 100644 --- a/go.sum +++ b/go.sum @@ -717,16 +717,16 @@ k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f h1:2kWPakN3i/k81b0gvD5C5F k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f/go.mod h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg= k8s.io/utils v0.0.0-20230209194617-a36077c30491 h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPBjNSSOMowRZxxsY= k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -knative.dev/eventing v0.38.1-0.20231016131100-cf6b140be688 h1:29nCspSU9rFfieh6N6/tlLsbII7OKhNePvnRSSDpwQ0= -knative.dev/eventing v0.38.1-0.20231016131100-cf6b140be688/go.mod h1:oqW1TAc9aARrSM4/Xf/RQkUxd2/JfBAhdjvd9WXM02A= +knative.dev/eventing v0.38.1-0.20231016213247-4a07fdcad340 h1:eXavtGSbuOK6W3ikuq/DmTZfBtuJkYbD1CUrHvloYGA= +knative.dev/eventing v0.38.1-0.20231016213247-4a07fdcad340/go.mod h1:XD+VAKjISdF6P01vXCmPSCyIMB4zYxoe7JouUpFKrB4= knative.dev/hack v0.0.0-20231016131700-2c938d4918da h1:xy+fvuz2LDOMsZ5UwXRaMF70NYUs9fsG+EF5/ierYBg= knative.dev/hack v0.0.0-20231016131700-2c938d4918da/go.mod h1:yk2OjGDsbEnQjfxdm0/HJKS2WqTLEFg/N6nUs6Rqx3Q= knative.dev/networking v0.0.0-20231012062439-c0863403c83b h1:yGtVPNHek3rmKb50k7G9fG/NuuC4FRzESVrWmPFU9AM= knative.dev/networking v0.0.0-20231012062439-c0863403c83b/go.mod h1:uEvP4spV82HGB8loxo8nH/LGmwsd9jUGWvDVC+tH4O4= -knative.dev/pkg v0.0.0-20231016131056-058f699b3d10 h1:+kam6UYp2ESUkJBTqVO/H69bEWjuP62ts6O4QoC8O4Q= -knative.dev/pkg v0.0.0-20231016131056-058f699b3d10/go.mod h1:khuxKBM4WqjcCIeCIm+4VDNBmzMsl0ZspXGMm5i/fFA= -knative.dev/serving v0.38.1-0.20231014060921-eac93b072bab h1:HrdPRjl+fU1CXwcjaC+GIAClYI3g8sUBvU00qNjpSvM= -knative.dev/serving v0.38.1-0.20231014060921-eac93b072bab/go.mod h1:L5J0O7KEgLIIurl2c8bwhrGbaqyZTjGHNy1pEIKxkCE= +knative.dev/pkg v0.0.0-20231016185203-283df0be0668 h1:rYlTKNUZbMsSHQID0A7sZbrtXlD+REKN6F94ceMnA5c= +knative.dev/pkg v0.0.0-20231016185203-283df0be0668/go.mod h1:khuxKBM4WqjcCIeCIm+4VDNBmzMsl0ZspXGMm5i/fFA= +knative.dev/serving v0.38.1-0.20231016171859-71085f8936b6 h1:BUPO81z3MskWXxhAdzvxCWNiWeeNWYtS1hi6SWWv0ec= +knative.dev/serving v0.38.1-0.20231016171859-71085f8936b6/go.mod h1:q+JCvAyrwwij/xQWUMA4bLI/0oJd+iO4lRwxPQIWaBY= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/vendor/knative.dev/eventing/pkg/apis/eventing/v1/test_helper.go b/vendor/knative.dev/eventing/pkg/apis/eventing/v1/test_helper.go index 31c2c51c8..9775f84dd 100644 --- a/vendor/knative.dev/eventing/pkg/apis/eventing/v1/test_helper.go +++ b/vendor/knative.dev/eventing/pkg/apis/eventing/v1/test_helper.go @@ -53,6 +53,7 @@ func (testHelper) ReadySubscriptionStatus() *messagingv1.SubscriptionStatus { ss.MarkChannelReady() ss.MarkReferencesResolved() ss.MarkAddedToChannel() + ss.MarkOIDCIdentityCreatedSucceeded() return ss } diff --git a/vendor/knative.dev/eventing/pkg/apis/messaging/v1/subscription_lifecycle.go b/vendor/knative.dev/eventing/pkg/apis/messaging/v1/subscription_lifecycle.go index 1f826e19a..b6be048fe 100644 --- a/vendor/knative.dev/eventing/pkg/apis/messaging/v1/subscription_lifecycle.go +++ b/vendor/knative.dev/eventing/pkg/apis/messaging/v1/subscription_lifecycle.go @@ -22,7 +22,7 @@ import ( // SubCondSet is a condition set with Ready as the happy condition and // ReferencesResolved and ChannelReady as the dependent conditions. -var SubCondSet = apis.NewLivingConditionSet(SubscriptionConditionReferencesResolved, SubscriptionConditionAddedToChannel, SubscriptionConditionChannelReady) +var SubCondSet = apis.NewLivingConditionSet(SubscriptionConditionReferencesResolved, SubscriptionConditionAddedToChannel, SubscriptionConditionChannelReady, SubscriptionConditionOIDCIdentityCreated) const ( // SubscriptionConditionReady has status True when all subconditions below have been set to True. @@ -37,6 +37,8 @@ const ( // SubscriptionConditionChannelReady has status True when the channel has marked the subscriber as 'ready' SubscriptionConditionChannelReady apis.ConditionType = "ChannelReady" + + SubscriptionConditionOIDCIdentityCreated apis.ConditionType = "OIDCIdentityCreated" ) // GetConditionSet retrieves the condition set for this resource. Implements the KRShaped interface. @@ -113,3 +115,19 @@ func (ss *SubscriptionStatus) MarkChannelUnknown(reason, messageFormat string, m func (ss *SubscriptionStatus) MarkNotAddedToChannel(reason, messageFormat string, messageA ...interface{}) { SubCondSet.Manage(ss).MarkFalse(SubscriptionConditionAddedToChannel, reason, messageFormat, messageA...) } + +func (ss *SubscriptionStatus) MarkOIDCIdentityCreatedSucceeded() { + SubCondSet.Manage(ss).MarkTrue(SubscriptionConditionOIDCIdentityCreated) +} + +func (ss *SubscriptionStatus) MarkOIDCIdentityCreatedSucceededWithReason(reason, messageFormat string, messageA ...interface{}) { + SubCondSet.Manage(ss).MarkTrueWithReason(SubscriptionConditionOIDCIdentityCreated, reason, messageFormat, messageA...) +} + +func (ss *SubscriptionStatus) MarkOIDCIdentityCreatedFailed(reason, messageFormat string, messageA ...interface{}) { + SubCondSet.Manage(ss).MarkFalse(SubscriptionConditionOIDCIdentityCreated, reason, messageFormat, messageA...) +} + +func (ss *SubscriptionStatus) MarkOIDCIdentityCreatedUnknown(reason, messageFormat string, messageA ...interface{}) { + SubCondSet.Manage(ss).MarkUnknown(SubscriptionConditionOIDCIdentityCreated, reason, messageFormat, messageA...) +} diff --git a/vendor/knative.dev/eventing/pkg/apis/sources/v1/apiserver_lifecycle.go b/vendor/knative.dev/eventing/pkg/apis/sources/v1/apiserver_lifecycle.go index 5b8f5d1e3..70d0f7674 100644 --- a/vendor/knative.dev/eventing/pkg/apis/sources/v1/apiserver_lifecycle.go +++ b/vendor/knative.dev/eventing/pkg/apis/sources/v1/apiserver_lifecycle.go @@ -37,12 +37,16 @@ const ( // ApiServerConditionSufficientPermissions has status True when the ApiServerSource has sufficient permissions to access resources. ApiServerConditionSufficientPermissions apis.ConditionType = "SufficientPermissions" + + // ApiServerConditionOIDCIdentityCreated has status True when the ApiServerSource has created an OIDC identity. + ApiServerConditionOIDCIdentityCreated apis.ConditionType = "OIDCIdentityCreated" ) var apiserverCondSet = apis.NewLivingConditionSet( ApiServerConditionSinkProvided, ApiServerConditionDeployed, ApiServerConditionSufficientPermissions, + ApiServerConditionOIDCIdentityCreated, ) // GetConditionSet retrieves the condition set for this resource. Implements the KRShaped interface. @@ -126,3 +130,19 @@ func (s *ApiServerSourceStatus) MarkNoSufficientPermissions(reason, messageForma func (s *ApiServerSourceStatus) IsReady() bool { return apiserverCondSet.Manage(s).IsHappy() } + +func (s *ApiServerSourceStatus) MarkOIDCIdentityCreatedSucceeded() { + apiserverCondSet.Manage(s).MarkTrue(ApiServerConditionOIDCIdentityCreated) +} + +func (s *ApiServerSourceStatus) MarkOIDCIdentityCreatedSucceededWithReason(reason, messageFormat string, messageA ...interface{}) { + apiserverCondSet.Manage(s).MarkTrueWithReason(ApiServerConditionOIDCIdentityCreated, reason, messageFormat, messageA...) +} + +func (s *ApiServerSourceStatus) MarkOIDCIdentityCreatedFailed(reason, messageFormat string, messageA ...interface{}) { + apiserverCondSet.Manage(s).MarkFalse(ApiServerConditionOIDCIdentityCreated, reason, messageFormat, messageA...) +} + +func (s *ApiServerSourceStatus) MarkOIDCIdentityCreatedUnknown(reason, messageFormat string, messageA ...interface{}) { + apiserverCondSet.Manage(s).MarkUnknown(ApiServerConditionOIDCIdentityCreated, reason, messageFormat, messageA...) +} diff --git a/vendor/knative.dev/pkg/environment/client_config.go b/vendor/knative.dev/pkg/environment/client_config.go index 0b51857aa..aef33927e 100644 --- a/vendor/knative.dev/pkg/environment/client_config.go +++ b/vendor/knative.dev/pkg/environment/client_config.go @@ -44,12 +44,8 @@ func (c *ClientConfig) InitFlags(fs *flag.FlagSet) { fs.StringVar(&c.ServerURL, "server", "", "The address of the Kubernetes API server. Overrides any value in kubeconfig. Only required if out-of-cluster.") - if f := fs.Lookup("kubeconfig"); f != nil { - c.Kubeconfig = f.Value.String() - } else { - fs.StringVar(&c.Kubeconfig, "kubeconfig", os.Getenv("KUBECONFIG"), - "Path to a kubeconfig. Only required if out-of-cluster.") - } + fs.StringVar(&c.Kubeconfig, "kubeconfig", os.Getenv("KUBECONFIG"), + "Path to a kubeconfig. Only required if out-of-cluster.") fs.IntVar(&c.Burst, "kube-api-burst", int(envVarOrDefault("KUBE_API_BURST", 0)), "Maximum burst for throttle.") diff --git a/vendor/knative.dev/pkg/network/h2c.go b/vendor/knative.dev/pkg/network/h2c.go index ebf1ee8a2..e1671233d 100644 --- a/vendor/knative.dev/pkg/network/h2c.go +++ b/vendor/knative.dev/pkg/network/h2c.go @@ -59,13 +59,11 @@ func newH2CTransport(disableCompression bool) http.RoundTripper { // newH2Transport constructs a neew H2 transport. That transport will handles HTTPS traffic // with TLS config. -func newH2Transport(disableCompression bool, tlsConf *tls.Config) http.RoundTripper { +func newH2Transport(disableCompression bool, tlsContext DialTLSContextFunc) http.RoundTripper { return &http2.Transport{ DisableCompression: disableCompression, - DialTLS: func(netw, addr string, tlsConf *tls.Config) (net.Conn, error) { - return DialTLSWithBackOff(context.Background(), - netw, addr, tlsConf) + DialTLSContext: func(ctx context.Context, network, addr string, cfg *tls.Config) (net.Conn, error) { + return tlsContext(ctx, network, addr) }, - TLSClientConfig: tlsConf, } } diff --git a/vendor/knative.dev/pkg/network/transports.go b/vendor/knative.dev/pkg/network/transports.go index d48cd6215..1e9c6c219 100644 --- a/vendor/knative.dev/pkg/network/transports.go +++ b/vendor/knative.dev/pkg/network/transports.go @@ -127,16 +127,17 @@ func newHTTPTransport(disableKeepAlives, disableCompression bool, maxIdle, maxId return transport } -func newHTTPSTransport(disableKeepAlives, disableCompression bool, maxIdle, maxIdlePerHost int, tlsConf *tls.Config) http.RoundTripper { +type DialTLSContextFunc func(ctx context.Context, network, addr string) (net.Conn, error) + +func newHTTPSTransport(disableKeepAlives, disableCompression bool, maxIdle, maxIdlePerHost int, tlsContext DialTLSContextFunc) http.RoundTripper { transport := http.DefaultTransport.(*http.Transport).Clone() - transport.DialContext = DialWithBackOff transport.DisableKeepAlives = disableKeepAlives transport.MaxIdleConns = maxIdle transport.MaxIdleConnsPerHost = maxIdlePerHost transport.ForceAttemptHTTP2 = false transport.DisableCompression = disableCompression + transport.DialTLSContext = tlsContext - transport.TLSClientConfig = tlsConf return transport } @@ -148,11 +149,11 @@ func NewProberTransport() http.RoundTripper { NewH2CTransport()) } -// NewProxyAutoTLSTransport is same with NewProxyAutoTransport but it has tls.Config to create HTTPS request. -func NewProxyAutoTLSTransport(maxIdle, maxIdlePerHost int, tlsConf *tls.Config) http.RoundTripper { +// NewProxyAutoTLSTransport is same with NewProxyAutoTransport but it has DialTLSContextFunc to create HTTPS request. +func NewProxyAutoTLSTransport(maxIdle, maxIdlePerHost int, tlsContext DialTLSContextFunc) http.RoundTripper { return newAutoTransport( - newHTTPSTransport(false /*disable keep-alives*/, true /*disable auto-compression*/, maxIdle, maxIdlePerHost, tlsConf), - newH2Transport(true /*disable auto-compression*/, tlsConf)) + newHTTPSTransport(false /*disable keep-alives*/, true /*disable auto-compression*/, maxIdle, maxIdlePerHost, tlsContext), + newH2Transport(true /*disable auto-compression*/, tlsContext)) } // NewAutoTransport creates a RoundTripper that can use appropriate transport diff --git a/vendor/modules.txt b/vendor/modules.txt index ef9406e68..c520809a9 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -967,7 +967,7 @@ k8s.io/utils/net k8s.io/utils/pointer k8s.io/utils/strings/slices k8s.io/utils/trace -# knative.dev/eventing v0.38.1-0.20231016131100-cf6b140be688 +# knative.dev/eventing v0.38.1-0.20231016213247-4a07fdcad340 ## explicit; go 1.19 knative.dev/eventing/pkg/adapter/v2 knative.dev/eventing/pkg/adapter/v2/test @@ -1022,7 +1022,7 @@ knative.dev/hack knative.dev/networking/pkg/apis/networking knative.dev/networking/pkg/apis/networking/v1alpha1 knative.dev/networking/pkg/config -# knative.dev/pkg v0.0.0-20231016131056-058f699b3d10 +# knative.dev/pkg v0.0.0-20231016185203-283df0be0668 ## explicit; go 1.18 knative.dev/pkg/apis knative.dev/pkg/apis/duck @@ -1086,7 +1086,7 @@ knative.dev/pkg/webhook/psbinding knative.dev/pkg/webhook/resourcesemantics knative.dev/pkg/webhook/resourcesemantics/defaulting knative.dev/pkg/webhook/resourcesemantics/validation -# knative.dev/serving v0.38.1-0.20231014060921-eac93b072bab +# knative.dev/serving v0.38.1-0.20231016171859-71085f8936b6 ## explicit; go 1.18 knative.dev/serving/pkg/apis/autoscaling knative.dev/serving/pkg/apis/autoscaling/v1alpha1