mirror of https://github.com/linkerd/linkerd2.git
policy: update to `kube-rs` v0.85 and friends (#11255)
This branch updates the policy-controller's dependency on Kubert to v0.18, `kube-rs` to v0.85, `k8s-gateway-api` to v0.13, and `k8s-openapi` to v0.19. All of these crates depend on `kube-rs` and `k8s-openapi`, so they must all be updated together in one commit. Therefore, this branch updates all these dependencies.
This commit is contained in:
Eliza Weisman
GitHub
parent
51214c0666
commit
161d1a72f4
499
Cargo.lock
499
Cargo.lock
File diff suppressed because it is too large
Load Diff
10
deny.toml
10
deny.toml
|
|
@ -56,8 +56,6 @@ wildcards = "allow"
|
|||
highlight = "all"
|
||||
deny = []
|
||||
skip = [
|
||||
# Waiting on h2, tonic, etc
|
||||
{ name = "tokio-util", version = "0.6" },
|
||||
# `rustls-pemfile` and `k8s-openapi` depend on versions of `base64` that
|
||||
# have diverged significantly.
|
||||
{ name = "base64" },
|
||||
|
|
@ -65,6 +63,14 @@ skip = [
|
|||
{ name = "ahash", version = "0.7" },
|
||||
# syn v2 has been released and some libraries are slower to adopt it
|
||||
{ name = "syn", version = "1.0" },
|
||||
# `tower-http` (a transitive dep via `kubert`) depends on v2.x of `bitflags`,
|
||||
# while pretty much the entire rest of the world is still on v1.x
|
||||
{ name = "bitflags", version = "1.0" },
|
||||
]
|
||||
skip-tree = [
|
||||
# `serde_json` and `h2` depend on diverged versions of `indexmap` (2.0.x and
|
||||
# 1.9.x, respectively)
|
||||
{ name = "indexmap" },
|
||||
]
|
||||
|
||||
[sources]
|
||||
|
|
|
|||
|
|
@ -17,8 +17,8 @@ anyhow = "1"
|
|||
async-trait = "0.1"
|
||||
drain = "0.1"
|
||||
futures = { version = "0.3", default-features = false }
|
||||
k8s-gateway-api = "0.12"
|
||||
k8s-openapi = { version = "0.17", features = ["v1_20"] }
|
||||
k8s-gateway-api = "0.13"
|
||||
k8s-openapi = { version = "0.19", features = ["v1_20"] }
|
||||
hyper = { version = "0.14", features = ["http1", "http2", "runtime", "server"] }
|
||||
ipnet = { version = "2", default-features = false }
|
||||
linkerd-policy-controller-core = { path = "./core" }
|
||||
|
|
@ -40,14 +40,14 @@ default-features = false
|
|||
features = ["derive", "env", "std"]
|
||||
|
||||
[dependencies.kube]
|
||||
version = "0.80"
|
||||
version = "0.85"
|
||||
default-features = false
|
||||
features = ["admission", "derive"]
|
||||
|
||||
[dependencies.kubert]
|
||||
version = "0.16"
|
||||
version = "0.18"
|
||||
default-features = false
|
||||
features = ["clap", "index", "lease", "metrics", "runtime", "server"]
|
||||
features = ["clap", "index", "lease", "metrics", "runtime", "server", "rustls-tls"]
|
||||
|
||||
[dependencies.tokio]
|
||||
version = "1"
|
||||
|
|
|
|||
|
|
@ -6,11 +6,11 @@ license = "Apache-2.0"
|
|||
publish = false
|
||||
|
||||
[dependencies]
|
||||
k8s-openapi = { version = "0.17", default-features = false, features = [
|
||||
k8s-openapi = { version = "0.19", default-features = false, features = [
|
||||
"v1_20",
|
||||
] }
|
||||
k8s-gateway-api = "0.12"
|
||||
kube = { version = "0.80", default-features = false, features = [
|
||||
k8s-gateway-api = "0.13"
|
||||
kube = { version = "0.85", default-features = false, features = [
|
||||
"client",
|
||||
"derive",
|
||||
"runtime",
|
||||
|
|
@ -19,7 +19,7 @@ ipnet = { version = "2.7", features = ["json"] }
|
|||
schemars = "0.8"
|
||||
serde = { version = "1", features = ["derive"] }
|
||||
serde_json = "1"
|
||||
serde_yaml = "0.8"
|
||||
serde_yaml = "0.9"
|
||||
thiserror = "1"
|
||||
tokio = { version = "1", features = ["time"] }
|
||||
tracing = "0.1"
|
||||
|
|
|
|||
|
|
@ -10,13 +10,13 @@ ahash = "0.8"
|
|||
anyhow = "1"
|
||||
futures = { version = "0.3", default-features = false }
|
||||
http = "0.2"
|
||||
k8s-gateway-api = "0.12"
|
||||
kube = { version = "0.80", default-features = false, features = [
|
||||
k8s-gateway-api = "0.13"
|
||||
kube = { version = "0.85", default-features = false, features = [
|
||||
"client",
|
||||
"derive",
|
||||
"runtime",
|
||||
] }
|
||||
kubert = { version = "0.16", default-features = false, features = ["index"] }
|
||||
kubert = { version = "0.18", default-features = false, features = ["index"] }
|
||||
linkerd-policy-controller-core = { path = "../../core" }
|
||||
linkerd-policy-controller-k8s-api = { path = "../api" }
|
||||
parking_lot = "0.12"
|
||||
|
|
|
|||
|
|
@ -10,8 +10,8 @@ ahash = "0.8"
|
|||
anyhow = "1"
|
||||
# Fix for https://github.com/chronotope/chrono/issues/602
|
||||
chrono = { version = "0.4.24", default-features = false, features = ["clock"] }
|
||||
k8s-gateway-api = "0.12"
|
||||
kubert = { version = "0.16", default-features = false, features = [
|
||||
k8s-gateway-api = "0.13"
|
||||
kubert = { version = "0.18", default-features = false, features = [
|
||||
"index",
|
||||
"lease",
|
||||
] }
|
||||
|
|
|
|||
|
|
@ -6,7 +6,7 @@ use clap::Parser;
|
|||
use futures::prelude::*;
|
||||
use k8s::{api::apps::v1::Deployment, Client, ObjectMeta, Resource};
|
||||
use k8s_openapi::api::coordination::v1 as coordv1;
|
||||
use kube::api::{ListParams, PatchParams};
|
||||
use kube::{api::PatchParams, runtime::watcher};
|
||||
use kubert::LeaseManager;
|
||||
use linkerd_policy_controller::{
|
||||
grpc, inbound, index_list::IndexList, k8s, outbound, Admission, ClusterInfo, DefaultPolicy,
|
||||
|
|
@ -167,13 +167,13 @@ async fn main() -> Result<()> {
|
|||
|
||||
// Spawn resource watches.
|
||||
|
||||
let pods =
|
||||
runtime.watch_all::<k8s::Pod>(ListParams::default().labels("linkerd.io/control-plane-ns"));
|
||||
let pods = runtime
|
||||
.watch_all::<k8s::Pod>(watcher::Config::default().labels("linkerd.io/control-plane-ns"));
|
||||
tokio::spawn(
|
||||
kubert::index::namespaced(inbound_index.clone(), pods).instrument(info_span!("pods")),
|
||||
);
|
||||
|
||||
let servers = runtime.watch_all::<k8s::policy::Server>(ListParams::default());
|
||||
let servers = runtime.watch_all::<k8s::policy::Server>(watcher::Config::default());
|
||||
let servers_indexes = IndexList::new(inbound_index.clone())
|
||||
.push(status_index.clone())
|
||||
.shared();
|
||||
|
|
@ -182,34 +182,34 @@ async fn main() -> Result<()> {
|
|||
);
|
||||
|
||||
let server_authzs =
|
||||
runtime.watch_all::<k8s::policy::ServerAuthorization>(ListParams::default());
|
||||
runtime.watch_all::<k8s::policy::ServerAuthorization>(watcher::Config::default());
|
||||
tokio::spawn(
|
||||
kubert::index::namespaced(inbound_index.clone(), server_authzs)
|
||||
.instrument(info_span!("serverauthorizations")),
|
||||
);
|
||||
|
||||
let authz_policies =
|
||||
runtime.watch_all::<k8s::policy::AuthorizationPolicy>(ListParams::default());
|
||||
runtime.watch_all::<k8s::policy::AuthorizationPolicy>(watcher::Config::default());
|
||||
tokio::spawn(
|
||||
kubert::index::namespaced(inbound_index.clone(), authz_policies)
|
||||
.instrument(info_span!("authorizationpolicies")),
|
||||
);
|
||||
|
||||
let mtls_authns =
|
||||
runtime.watch_all::<k8s::policy::MeshTLSAuthentication>(ListParams::default());
|
||||
runtime.watch_all::<k8s::policy::MeshTLSAuthentication>(watcher::Config::default());
|
||||
tokio::spawn(
|
||||
kubert::index::namespaced(inbound_index.clone(), mtls_authns)
|
||||
.instrument(info_span!("meshtlsauthentications")),
|
||||
);
|
||||
|
||||
let network_authns =
|
||||
runtime.watch_all::<k8s::policy::NetworkAuthentication>(ListParams::default());
|
||||
runtime.watch_all::<k8s::policy::NetworkAuthentication>(watcher::Config::default());
|
||||
tokio::spawn(
|
||||
kubert::index::namespaced(inbound_index.clone(), network_authns)
|
||||
.instrument(info_span!("networkauthentications")),
|
||||
);
|
||||
|
||||
let http_routes = runtime.watch_all::<k8s::policy::HttpRoute>(ListParams::default());
|
||||
let http_routes = runtime.watch_all::<k8s::policy::HttpRoute>(watcher::Config::default());
|
||||
let http_routes_indexes = IndexList::new(inbound_index.clone())
|
||||
.push(outbound_index.clone())
|
||||
.push(status_index.clone())
|
||||
|
|
@ -220,13 +220,13 @@ async fn main() -> Result<()> {
|
|||
);
|
||||
|
||||
let gateway_http_routes =
|
||||
runtime.watch_all::<k8s_gateway_api::HttpRoute>(ListParams::default());
|
||||
runtime.watch_all::<k8s_gateway_api::HttpRoute>(watcher::Config::default());
|
||||
tokio::spawn(
|
||||
kubert::index::namespaced(http_routes_indexes, gateway_http_routes)
|
||||
.instrument(info_span!("httproutes.gateway.networking.k8s.io")),
|
||||
);
|
||||
|
||||
let services = runtime.watch_all::<k8s::Service>(ListParams::default());
|
||||
let services = runtime.watch_all::<k8s::Service>(watcher::Config::default());
|
||||
let services_indexes = IndexList::new(outbound_index.clone())
|
||||
.push(status_index.clone())
|
||||
.shared();
|
||||
|
|
|
|||
|
|
@ -10,8 +10,8 @@ anyhow = "1"
|
|||
hyper = { version = "0.14", features = ["client", "http2"] }
|
||||
futures = { version = "0.3", default-features = false }
|
||||
ipnet = "2"
|
||||
k8s-gateway-api = "0.12"
|
||||
k8s-openapi = { version = "0.17", features = ["v1_20"] }
|
||||
k8s-gateway-api = "0.13"
|
||||
k8s-openapi = { version = "0.19", features = ["v1_20"] }
|
||||
linkerd-policy-controller-core = { path = "../policy-controller/core" }
|
||||
linkerd-policy-controller-k8s-api = { path = "../policy-controller/k8s/api" }
|
||||
maplit = "1"
|
||||
|
|
@ -25,7 +25,7 @@ tracing = "0.1"
|
|||
tracing-subscriber = { version = "0.3", features = ["env-filter"] }
|
||||
|
||||
[dependencies.kube]
|
||||
version = "0.80"
|
||||
version = "0.85"
|
||||
default-features = false
|
||||
features = ["client", "openssl-tls", "runtime", "ws"]
|
||||
|
||||
|
|
|
|||
|
|
@ -392,7 +392,7 @@ async fn await_service_account(client: &kube::Client, ns: &str, name: &str) {
|
|||
tokio::pin! {
|
||||
let sas = kube::runtime::watcher(
|
||||
kube::Api::<k8s::ServiceAccount>::namespaced(client.clone(), ns),
|
||||
kube::api::ListParams::default(),
|
||||
Default::default(),
|
||||
);
|
||||
}
|
||||
loop {
|
||||
|
|
|
|||
Loading…
Reference in New Issue