kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #56995 from mtaufen/kc-flags-precedence-redo 

Automatic merge from submit-queue (batch tested with PRs 56995, 58498, 57426, 58902, 58863). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

flag precedence redo

Changes the Kubelet configuration flag precedence order so that flags take precedence over config from files/ConfigMaps.

This should fix the re-parse issue with #56097 that led to revert.

Fixes #56171.

In order to prevent global flags (registered in 3rd party libs, etc.) from leaking into the command's help text, this PR turns off Cobra's flag parsing in the `kubelet` command and re-implements help and usage funcs for the Kubelet. Cobra's default funcs automatically merge all global flags into the command's flagset, which results in incorrect help text. I tried to keep the formatting as close as possible to the what the Kubelet currently produces.

Diff between Kubelet's help text on `upstream/master` vs `mtaufen/kc-flags-precedence-redo`, which shows a leaked flag being removed, but no change to the formatting:
```
diff --git a/upstream.master.help b/mtaufen.kc-flags-precedence-redo.help
index 798a030..0797869 100644
--- a/upstream.master.help
+++ b/mtaufen.kc-flags-precedence-redo.help
@@ -30,7 +30,6 @@ Flags:
       --authorization-mode string                                                                                 Authorization mode for Kubelet server. Valid options are AlwaysAllow or Webhook. Webhook mode uses the SubjectAccessReview API to determine authorization. (default "AlwaysAllow")
       --authorization-webhook-cache-authorized-ttl duration                                                       The duration to cache 'authorized' responses from the webhook authorizer. (default 5m0s)
       --authorization-webhook-cache-unauthorized-ttl duration                                                     The duration to cache 'unauthorized' responses from the webhook authorizer. (default 30s)
-      --azure-container-registry-config string                                                                    Path to the file containing Azure container registry configuration information.
       --bootstrap-checkpoint-path string                                                                          <Warning: Alpha feature> Path to to the directory where the checkpoints are stored
       --bootstrap-kubeconfig string                                                                               Path to a kubeconfig file that will be used to get client certificate for kubelet. If the file specified by --kubeconfig does not exist, the bootstrap kubeconfig is used to request a client certificate from the API server. On success, a kubeconfig file referencing the generated client certificate and key is written to the path specified by --kubeconfig. The client certificate and key file will be stored in the directory pointed by --cert-dir.
       --cadvisor-port int32                                                                                       The port of the localhost cAdvisor endpoint (set to 0 to disable) (default 4194)
```

Ultimately, I think we should implement a common lib that K8s components can use to generate clean help text, as the global flag leakage problem affects all core k8s binaries. I would like to do so in a future PR, to keep this PR simple. We could base the help text format on the default values returned from `Command.HelpTemplate` and `Command.UsageTemplate`. Unfortunately, the template funcs used to process these defaults are private to Cobra, so we'd have to re-implement these, or avoid using them.

```release-note
NONE
```

Kubernetes-commit: cf92d921d907f2c3fdf635b690849fd663705638
This commit is contained in:
Kubernetes Publisher 2018-01-29 12:37:34 -08:00
parent 1bf7de8f04 53ab2d6c3c
commit 0a66cf2869
3 changed files with 1842 additions and 1800 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3600
Godeps/Godeps.json generated
View File

File diff suppressed because it is too large Load Diff

1
pkg/util/flag/BUILD
View File

@ -32,6 +32,7 @@ go_library(
"map_string_bool.go",
"map_string_string.go",
"namedcertkey_flag.go",
"noop.go",
"omitempty.go",
"string_flag.go",
"tristate.go",

41
pkg/util/flag/noop.go Normal file
View File

@ -0,0 +1,41 @@
/*
Copyright 2018 The Kubernetes Authors.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package flag
import (
goflag "flag"
"github.com/spf13/pflag"
)
// NoOp implements goflag.Value and plfag.Value,
// but has a noop Set implementation
type NoOp struct{}
var _ goflag.Value = NoOp{}
var _ pflag.Value = NoOp{}
func (NoOp) String() string {
return ""
}
func (NoOp) Set(val string) error {
return nil
}
func (NoOp) Type() string {
return "NoOp"
}