diff --git a/go.mod b/go.mod index 701388f24..31a518464 100644 --- a/go.mod +++ b/go.mod @@ -41,7 +41,7 @@ require ( gopkg.in/square/go-jose.v2 v2.2.2 k8s.io/api v0.0.0-20220916032116-c98ebf18d366 k8s.io/apimachinery v0.0.0-20220919104142-612703ed13bf - k8s.io/client-go v0.0.0-20220919105647-acfaa39399db + k8s.io/client-go v0.0.0-20220919184700-b6e72dce2814 k8s.io/component-base v0.0.0-20220919111118-ebe9a64d31a1 k8s.io/klog/v2 v2.80.1 k8s.io/kube-openapi v0.0.0-20220803162953-67bda5d908f1 @@ -121,6 +121,6 @@ require ( replace ( k8s.io/api => k8s.io/api v0.0.0-20220916032116-c98ebf18d366 k8s.io/apimachinery => k8s.io/apimachinery v0.0.0-20220919104142-612703ed13bf - k8s.io/client-go => k8s.io/client-go v0.0.0-20220919105647-acfaa39399db + k8s.io/client-go => k8s.io/client-go v0.0.0-20220919184700-b6e72dce2814 k8s.io/component-base => k8s.io/component-base v0.0.0-20220919111118-ebe9a64d31a1 ) diff --git a/go.sum b/go.sum index 1d30153cf..42141745a 100644 --- a/go.sum +++ b/go.sum @@ -971,8 +971,8 @@ k8s.io/api v0.0.0-20220916032116-c98ebf18d366 h1:QbCp5XhHlMsvZk+yaV4hwqfq48NJTYU k8s.io/api v0.0.0-20220916032116-c98ebf18d366/go.mod h1:mgirip+ylRYNjZVz7OqYQtrEdhksbpM2LSSH/QNc3wg= k8s.io/apimachinery v0.0.0-20220919104142-612703ed13bf h1:DqaEXPQPvHjswRaBllqESFzhqKQzei4jsx//mW6zd10= k8s.io/apimachinery v0.0.0-20220919104142-612703ed13bf/go.mod h1:cDOY42/LxGj6qgx5SDz+nj31Q2Thcdcq0BhBZAocaEY= -k8s.io/client-go v0.0.0-20220919105647-acfaa39399db h1:/uqi3vpIjaXmVyNSNp1WXJ2DnQplK8frf17pShZuBVo= -k8s.io/client-go v0.0.0-20220919105647-acfaa39399db/go.mod h1:Hxvu1YDSNPtbVEc8cPWCqSI5g45QtT8f6Z+BSuJklvA= +k8s.io/client-go v0.0.0-20220919184700-b6e72dce2814 h1:0hiN1W5eOHXAd6HujAvCI5pKUV1O3dGkCobTxPQxxDk= +k8s.io/client-go v0.0.0-20220919184700-b6e72dce2814/go.mod h1:Hxvu1YDSNPtbVEc8cPWCqSI5g45QtT8f6Z+BSuJklvA= k8s.io/component-base v0.0.0-20220919111118-ebe9a64d31a1 h1:0WcjVTLbiRLFQOQD9ywMSpVuLX950S52U1VGGXdYeBY= k8s.io/component-base v0.0.0-20220919111118-ebe9a64d31a1/go.mod h1:0xsQ70gY+fwfAWX2I0nwD9sSSpMmDRTGhIDyKG6l+1E= k8s.io/klog/v2 v2.0.0/go.mod h1:PBfzABfn139FHAV07az/IF9Wp1bkk3vpT2XSJ76fSDE= diff --git a/pkg/server/options/deprecated_insecure_serving.go b/pkg/server/options/deprecated_insecure_serving.go index 2b3afb0f1..173c28b80 100644 --- a/pkg/server/options/deprecated_insecure_serving.go +++ b/pkg/server/options/deprecated_insecure_serving.go @@ -23,7 +23,6 @@ import ( "github.com/spf13/pflag" "k8s.io/apiserver/pkg/server" - "k8s.io/client-go/rest" ) // DeprecatedInsecureServingOptions are for creating an unauthenticated, unauthorized, insecure port. @@ -125,45 +124,3 @@ func (s *DeprecatedInsecureServingOptions) ApplyTo(c **server.DeprecatedInsecure return nil } - -// WithLoopback adds loopback functionality to the serving options. -func (o *DeprecatedInsecureServingOptions) WithLoopback() *DeprecatedInsecureServingOptionsWithLoopback { - return &DeprecatedInsecureServingOptionsWithLoopback{o} -} - -// DeprecatedInsecureServingOptionsWithLoopback adds loopback functionality to the DeprecatedInsecureServingOptions. -// DEPRECATED: all insecure serving options will be removed in a future version, however note that -// there are security concerns over how health checks can work here - see e.g. #43784 -type DeprecatedInsecureServingOptionsWithLoopback struct { - *DeprecatedInsecureServingOptions -} - -// ApplyTo fills up serving information in the server configuration. -func (s *DeprecatedInsecureServingOptionsWithLoopback) ApplyTo(insecureServingInfo **server.DeprecatedInsecureServingInfo, loopbackClientConfig **rest.Config) error { - if s == nil || s.DeprecatedInsecureServingOptions == nil || insecureServingInfo == nil { - return nil - } - - if err := s.DeprecatedInsecureServingOptions.ApplyTo(insecureServingInfo); err != nil { - return err - } - - if *insecureServingInfo == nil || loopbackClientConfig == nil { - return nil - } - - secureLoopbackClientConfig, err := (*insecureServingInfo).NewLoopbackClientConfig() - switch { - // if we failed and there's no fallback loopback client config, we need to fail - case err != nil && *loopbackClientConfig == nil: - return err - - // if we failed, but we already have a fallback loopback client config (usually insecure), allow it - case err != nil && *loopbackClientConfig != nil: - - default: - *loopbackClientConfig = secureLoopbackClientConfig - } - - return nil -}