Add support for --runtime-config=api/beta=false, --feature-gates=AllBeta=false
Allow disabling all beta features and APIs Kubernetes-commit: a5760dee812d280e4de203fccf58214051d0d62a
This commit is contained in:
Jordan Liggitt
Kubernetes Publisher
parent
387bf36109
commit
54aa70b012
|
|
@ -43,11 +43,14 @@ func NewAPIEnablementOptions() *APIEnablementOptions {
|
||||||
// AddFlags adds flags for a specific APIServer to the specified FlagSet
|
// AddFlags adds flags for a specific APIServer to the specified FlagSet
|
||||||
func (s *APIEnablementOptions) AddFlags(fs *pflag.FlagSet) {
|
func (s *APIEnablementOptions) AddFlags(fs *pflag.FlagSet) {
|
||||||
fs.Var(&s.RuntimeConfig, "runtime-config", ""+
|
fs.Var(&s.RuntimeConfig, "runtime-config", ""+
|
||||||
"A set of key=value pairs that describe runtime configuration that may be passed "+
|
"A set of key=value pairs that enable or disable built-in APIs. Supported options are:\n"+
|
||||||
"to apiserver. <group>/<version> (or <version> for the core group) key can be used to "+
|
"v1=true|false for the core API group\n"+
|
||||||
"turn on/off specific api versions. api/all is special key to control all api versions, "+
|
"<group>/<version>=true|false for a specific API group and version (e.g. apps/v1=true)\n"+
|
||||||
"be careful setting it false, unless you know what you do. api/legacy is deprecated, "+
|
"api/all=true|false controls all API versions\n"+
|
||||||
"we will remove it in the future, so stop using it.")
|
"api/ga=true|false controls all API versions of the form v[0-9]+\n"+
|
||||||
|
"api/beta=true|false controls all API versions of the form v[0-9]+beta[0-9]+\n"+
|
||||||
|
"api/alpha=true|false controls all API versions of the form v[0-9]+alpha[0-9]+\n"+
|
||||||
|
"api/legacy is deprecated, and will be removed in a future version")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Validate validates RuntimeConfig with a list of registries.
|
// Validate validates RuntimeConfig with a list of registries.
|
||||||
|
|
@ -61,9 +64,9 @@ func (s *APIEnablementOptions) Validate(registries ...GroupRegisty) []error {
|
||||||
}
|
}
|
||||||
|
|
||||||
errors := []error{}
|
errors := []error{}
|
||||||
if s.RuntimeConfig["api/all"] == "false" && len(s.RuntimeConfig) == 1 {
|
if s.RuntimeConfig[resourceconfig.APIAll] == "false" && len(s.RuntimeConfig) == 1 {
|
||||||
// Do not allow only set api/all=false, in such case apiserver startup has no meaning.
|
// Do not allow only set api/all=false, in such case apiserver startup has no meaning.
|
||||||
return append(errors, fmt.Errorf("invalid key with only api/all=false"))
|
return append(errors, fmt.Errorf("invalid key with only %v=false", resourceconfig.APIAll))
|
||||||
}
|
}
|
||||||
|
|
||||||
groups, err := resourceconfig.ParseGroups(s.RuntimeConfig)
|
groups, err := resourceconfig.ParseGroups(s.RuntimeConfig)
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,7 @@ package resourceconfig
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"regexp"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
|
|
@ -51,6 +52,33 @@ func MergeResourceEncodingConfigs(
|
||||||
return resourceEncodingConfig
|
return resourceEncodingConfig
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Recognized values for the --runtime-config parameter to enable/disable groups of APIs
|
||||||
|
const (
|
||||||
|
APIAll = "api/all"
|
||||||
|
APIGA = "api/ga"
|
||||||
|
APIBeta = "api/beta"
|
||||||
|
APIAlpha = "api/alpha"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
gaPattern = regexp.MustCompile(`^v\d+$`)
|
||||||
|
betaPattern = regexp.MustCompile(`^v\d+beta\d+$`)
|
||||||
|
alphaPattern = regexp.MustCompile(`^v\d+alpha\d+$`)
|
||||||
|
|
||||||
|
matchers = map[string]func(gv schema.GroupVersion) bool{
|
||||||
|
// allows users to address all api versions
|
||||||
|
APIAll: func(gv schema.GroupVersion) bool { return true },
|
||||||
|
// allows users to address all api versions in the form v[0-9]+
|
||||||
|
APIGA: func(gv schema.GroupVersion) bool { return gaPattern.MatchString(gv.Version) },
|
||||||
|
// allows users to address all beta api versions
|
||||||
|
APIBeta: func(gv schema.GroupVersion) bool { return betaPattern.MatchString(gv.Version) },
|
||||||
|
// allows users to address all alpha api versions
|
||||||
|
APIAlpha: func(gv schema.GroupVersion) bool { return alphaPattern.MatchString(gv.Version) },
|
||||||
|
}
|
||||||
|
|
||||||
|
matcherOrder = []string{APIAll, APIGA, APIBeta, APIAlpha}
|
||||||
|
)
|
||||||
|
|
||||||
// MergeAPIResourceConfigs merges the given defaultAPIResourceConfig with the given resourceConfigOverrides.
|
// MergeAPIResourceConfigs merges the given defaultAPIResourceConfig with the given resourceConfigOverrides.
|
||||||
// Exclude the groups not registered in registry, and check if version is
|
// Exclude the groups not registered in registry, and check if version is
|
||||||
// not registered in group, then it will fail.
|
// not registered in group, then it will fail.
|
||||||
|
|
@ -62,14 +90,15 @@ func MergeAPIResourceConfigs(
|
||||||
resourceConfig := defaultAPIResourceConfig
|
resourceConfig := defaultAPIResourceConfig
|
||||||
overrides := resourceConfigOverrides
|
overrides := resourceConfigOverrides
|
||||||
|
|
||||||
// "api/all=false" allows users to selectively enable specific api versions.
|
for _, flag := range matcherOrder {
|
||||||
allAPIFlagValue, ok := overrides["api/all"]
|
if value, ok := overrides[flag]; ok {
|
||||||
if ok {
|
if value == "false" {
|
||||||
if allAPIFlagValue == "false" {
|
resourceConfig.DisableMatchingVersions(matchers[flag])
|
||||||
// Disable all group versions.
|
} else if value == "true" {
|
||||||
resourceConfig.DisableAll()
|
resourceConfig.EnableMatchingVersions(matchers[flag])
|
||||||
} else if allAPIFlagValue == "true" {
|
} else {
|
||||||
resourceConfig.EnableAll()
|
return nil, fmt.Errorf("invalid value %v=%v", flag, value)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -78,7 +107,7 @@ func MergeAPIResourceConfigs(
|
||||||
// Iterate through all group/version overrides specified in runtimeConfig.
|
// Iterate through all group/version overrides specified in runtimeConfig.
|
||||||
for key := range overrides {
|
for key := range overrides {
|
||||||
// Have already handled them above. Can skip them here.
|
// Have already handled them above. Can skip them here.
|
||||||
if key == "api/all" {
|
if _, ok := matchers[key]; ok {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -153,7 +182,7 @@ func getRuntimeConfigValue(overrides cliflag.ConfigurationMap, apiKey string, de
|
||||||
func ParseGroups(resourceConfig cliflag.ConfigurationMap) ([]string, error) {
|
func ParseGroups(resourceConfig cliflag.ConfigurationMap) ([]string, error) {
|
||||||
groups := []string{}
|
groups := []string{}
|
||||||
for key := range resourceConfig {
|
for key := range resourceConfig {
|
||||||
if key == "api/all" {
|
if _, ok := matchers[key]; ok {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
tokens := strings.Split(key, "/")
|
tokens := strings.Split(key, "/")
|
||||||
|
|
|
||||||
|
|
@ -195,6 +195,21 @@ func TestParseRuntimeConfig(t *testing.T) {
|
||||||
},
|
},
|
||||||
err: false, // no error for backwards compatibility
|
err: false, // no error for backwards compatibility
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
// disable all beta resources
|
||||||
|
runtimeConfig: map[string]string{
|
||||||
|
"api/beta": "false",
|
||||||
|
},
|
||||||
|
defaultResourceConfig: func() *serverstore.ResourceConfig {
|
||||||
|
return newFakeAPIResourceConfigSource()
|
||||||
|
},
|
||||||
|
expectedAPIConfig: func() *serverstore.ResourceConfig {
|
||||||
|
config := newFakeAPIResourceConfigSource()
|
||||||
|
config.DisableVersions(extensionsapiv1beta1.SchemeGroupVersion)
|
||||||
|
return config
|
||||||
|
},
|
||||||
|
err: false, // no error for backwards compatibility
|
||||||
|
},
|
||||||
}
|
}
|
||||||
for index, test := range testCases {
|
for index, test := range testCases {
|
||||||
t.Log(scheme.PrioritizedVersionsAllGroups())
|
t.Log(scheme.PrioritizedVersionsAllGroups())
|
||||||
|
|
|
||||||
|
|
@ -52,6 +52,24 @@ func (o *ResourceConfig) EnableAll() {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// DisableMatchingVersions disables all group/versions for which the matcher function returns true. It does not modify individual resource enablement/disablement.
|
||||||
|
func (o *ResourceConfig) DisableMatchingVersions(matcher func(gv schema.GroupVersion) bool) {
|
||||||
|
for k := range o.GroupVersionConfigs {
|
||||||
|
if matcher(k) {
|
||||||
|
o.GroupVersionConfigs[k] = false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// EnableMatchingVersions enables all group/versions for which the matcher function returns true. It does not modify individual resource enablement/disablement.
|
||||||
|
func (o *ResourceConfig) EnableMatchingVersions(matcher func(gv schema.GroupVersion) bool) {
|
||||||
|
for k := range o.GroupVersionConfigs {
|
||||||
|
if matcher(k) {
|
||||||
|
o.GroupVersionConfigs[k] = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// DisableVersions disables the versions entirely.
|
// DisableVersions disables the versions entirely.
|
||||||
func (o *ResourceConfig) DisableVersions(versions ...schema.GroupVersion) {
|
func (o *ResourceConfig) DisableVersions(versions ...schema.GroupVersion) {
|
||||||
for _, version := range versions {
|
for _, version := range versions {
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue