diff --git a/go.mod b/go.mod index 7c18b13c..b122e9fe 100644 --- a/go.mod +++ b/go.mod @@ -10,6 +10,6 @@ require ( k8s.io/client-go v0.23.5 k8s.io/code-generator v0.23.5 k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 - knative.dev/hack v0.0.0-20220407171644-0e0784b13cef - knative.dev/pkg v0.0.0-20220407210145-4d62e1dbb943 + knative.dev/hack v0.0.0-20220411131823-6ffd8417de7c + knative.dev/pkg v0.0.0-20220411234407-00c122e376d0 ) diff --git a/go.sum b/go.sum index 8649cd61..940180e9 100644 --- a/go.sum +++ b/go.sum @@ -1148,10 +1148,10 @@ k8s.io/utils v0.0.0-20211116205334-6203023598ed/go.mod h1:jPW/WVKK9YHAvNhRxK0md/ k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9 h1:HNSDgDCrr/6Ly3WEGKZftiE7IY19Vz2GdbOCyI4qqhc= k8s.io/utils v0.0.0-20220210201930-3a6ce19ff2f9/go.mod h1:jPW/WVKK9YHAvNhRxK0md/EJ228hCsBRufyofKtW8HA= knative.dev/hack v0.0.0-20220328133751-f06773764ce3/go.mod h1:PHt8x8yX5Z9pPquBEfIj0X66f8iWkWfR0S/sarACJrI= -knative.dev/hack v0.0.0-20220407171644-0e0784b13cef h1:tIBTdo8Ui1oVYyaQV9kup1qA3Rp9YQosS7c5fhjHnMc= -knative.dev/hack v0.0.0-20220407171644-0e0784b13cef/go.mod h1:PHt8x8yX5Z9pPquBEfIj0X66f8iWkWfR0S/sarACJrI= -knative.dev/pkg v0.0.0-20220407210145-4d62e1dbb943 h1:eE0lLLThHkvWWqycAiJmyIIOMMeBVjZkFQTffoWLEJU= -knative.dev/pkg v0.0.0-20220407210145-4d62e1dbb943/go.mod h1:0A5D5tOLettuVoi5x+0SLGRfrvVemXXtLH247WupPJk= +knative.dev/hack v0.0.0-20220411131823-6ffd8417de7c h1:aXsFXeky/GccNQxwf72CS4NR3EoqTqsCVNKQnblfwr0= +knative.dev/hack v0.0.0-20220411131823-6ffd8417de7c/go.mod h1:PHt8x8yX5Z9pPquBEfIj0X66f8iWkWfR0S/sarACJrI= +knative.dev/pkg v0.0.0-20220411234407-00c122e376d0 h1:dY5DItNU5gQGFddsxkGQvBt4Zu1cZWE7irhNV9rYHpU= +knative.dev/pkg v0.0.0-20220411234407-00c122e376d0/go.mod h1:0A5D5tOLettuVoi5x+0SLGRfrvVemXXtLH247WupPJk= pgregory.net/rapid v0.3.3/go.mod h1:UYpPVyjFHzYBGHIxLFoupi8vwk6rXNzRY9OMvVxFIOU= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= diff --git a/vendor/knative.dev/pkg/hack/update-codegen.sh b/vendor/knative.dev/pkg/hack/update-codegen.sh index 970a5af8..121b7c80 100644 --- a/vendor/knative.dev/pkg/hack/update-codegen.sh +++ b/vendor/knative.dev/pkg/hack/update-codegen.sh @@ -51,7 +51,7 @@ EXTERNAL_INFORMER_PKG="k8s.io/client-go/informers" \ k8s.io/api \ "${K8S_TYPES}" \ --go-header-file ${REPO_ROOT_DIR}/hack/boilerplate/boilerplate.go.txt \ - --force-genreconciler-kinds "Namespace,Deployment,Secret,Pod,CronJob,NetworkPolicy" + --force-genreconciler-kinds "Namespace,ConfigMap,Deployment,Secret,Pod,CronJob,NetworkPolicy" OUTPUT_PKG="knative.dev/pkg/client/injection/apiextensions" \ VERSIONED_CLIENTSET_PKG="k8s.io/apiextensions-apiserver/pkg/client/clientset/clientset" \ diff --git a/vendor/knative.dev/pkg/network/h2c.go b/vendor/knative.dev/pkg/network/h2c.go index f950b9c3..6cc0fa73 100644 --- a/vendor/knative.dev/pkg/network/h2c.go +++ b/vendor/knative.dev/pkg/network/h2c.go @@ -54,3 +54,16 @@ func newH2CTransport(disableCompression bool) http.RoundTripper { }, } } + +// newH2Transport constructs a neew H2 transport. That transport will handles HTTPS traffic +// with TLS config. +func newH2Transport(disableCompression bool, tlsConf *tls.Config) http.RoundTripper { + return &http2.Transport{ + DisableCompression: disableCompression, + DialTLS: func(netw, addr string, tlsConf *tls.Config) (net.Conn, error) { + return DialTLSWithBackOff(context.Background(), + netw, addr, tlsConf) + }, + TLSClientConfig: tlsConf, + } +} diff --git a/vendor/knative.dev/pkg/network/transports.go b/vendor/knative.dev/pkg/network/transports.go index 26ce8239..d96eda11 100644 --- a/vendor/knative.dev/pkg/network/transports.go +++ b/vendor/knative.dev/pkg/network/transports.go @@ -18,6 +18,7 @@ package network import ( "context" + "crypto/tls" "errors" "fmt" "net" @@ -45,7 +46,7 @@ func newAutoTransport(v1, v2 http.RoundTripper) http.RoundTripper { }) } -const sleepTO = 30 * time.Millisecond +const sleep = 30 * time.Millisecond var backOffTemplate = wait.Backoff{ Duration: 50 * time.Millisecond, @@ -63,11 +64,21 @@ var DialWithBackOff = NewBackoffDialer(backOffTemplate) // between tries. func NewBackoffDialer(backoffConfig wait.Backoff) func(context.Context, string, string) (net.Conn, error) { return func(ctx context.Context, network, address string) (net.Conn, error) { - return dialBackOffHelper(ctx, network, address, backoffConfig, sleepTO) + return dialBackOffHelper(ctx, network, address, backoffConfig, nil) } } -func dialBackOffHelper(ctx context.Context, network, address string, bo wait.Backoff, sleep time.Duration) (net.Conn, error) { +// DialTLSWithBackOff is same with DialWithBackOff but takes tls config. +var DialTLSWithBackOff = NewTLSBackoffDialer(backOffTemplate) + +// NewTLSBackoffDialer is same with NewBackoffDialer but takes tls config. +func NewTLSBackoffDialer(backoffConfig wait.Backoff) func(context.Context, string, string, *tls.Config) (net.Conn, error) { + return func(ctx context.Context, network, address string, tlsConf *tls.Config) (net.Conn, error) { + return dialBackOffHelper(ctx, network, address, backoffConfig, tlsConf) + } +} + +func dialBackOffHelper(ctx context.Context, network, address string, bo wait.Backoff, tlsConf *tls.Config) (net.Conn, error) { dialer := &net.Dialer{ Timeout: bo.Duration, // Initial duration. KeepAlive: 5 * time.Second, @@ -75,7 +86,15 @@ func dialBackOffHelper(ctx context.Context, network, address string, bo wait.Bac } start := time.Now() for { - c, err := dialer.DialContext(ctx, network, address) + var ( + c net.Conn + err error + ) + if tlsConf == nil { + c, err = dialer.DialContext(ctx, network, address) + } else { + c, err = tls.DialWithDialer(dialer, network, address, tlsConf) + } if err != nil { var errNet net.Error if errors.As(err, &errNet) && errNet.Timeout() { @@ -105,6 +124,19 @@ func newHTTPTransport(disableKeepAlives, disableCompression bool, maxIdle, maxId return transport } +func newHTTPSTransport(disableKeepAlives, disableCompression bool, maxIdle, maxIdlePerHost int, tlsConf *tls.Config) http.RoundTripper { + transport := http.DefaultTransport.(*http.Transport).Clone() + transport.DialContext = DialWithBackOff + transport.DisableKeepAlives = disableKeepAlives + transport.MaxIdleConns = maxIdle + transport.MaxIdleConnsPerHost = maxIdlePerHost + transport.ForceAttemptHTTP2 = false + transport.DisableCompression = disableCompression + + transport.TLSClientConfig = tlsConf + return transport +} + // NewProberTransport creates a RoundTripper that is useful for probing, // since it will not cache connections. func NewProberTransport() http.RoundTripper { @@ -113,6 +145,13 @@ func NewProberTransport() http.RoundTripper { NewH2CTransport()) } +// NewProxyAutoTLSTransport is same with NewProxyAutoTransport but it has tls.Config to create HTTPS request. +func NewProxyAutoTLSTransport(maxIdle, maxIdlePerHost int, tlsConf *tls.Config) http.RoundTripper { + return newAutoTransport( + newHTTPSTransport(false /*disable keep-alives*/, true /*disable auto-compression*/, maxIdle, maxIdlePerHost, tlsConf), + newH2Transport(true /*disable auto-compression*/, tlsConf)) +} + // NewAutoTransport creates a RoundTripper that can use appropriate transport // based on the request's HTTP version. func NewAutoTransport(maxIdle, maxIdlePerHost int) http.RoundTripper { diff --git a/vendor/modules.txt b/vendor/modules.txt index 98ddf3c4..7bea41a3 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -600,10 +600,10 @@ k8s.io/utils/integer k8s.io/utils/internal/third_party/forked/golang/net k8s.io/utils/net k8s.io/utils/trace -# knative.dev/hack v0.0.0-20220407171644-0e0784b13cef +# knative.dev/hack v0.0.0-20220411131823-6ffd8417de7c ## explicit knative.dev/hack -# knative.dev/pkg v0.0.0-20220407210145-4d62e1dbb943 +# knative.dev/pkg v0.0.0-20220411234407-00c122e376d0 ## explicit knative.dev/pkg/apis knative.dev/pkg/apis/duck