7412225870

Committed 04 Jan 2024 04:35PM UTC coverage: 77.871%. Remained the same

Build # 7412225870

Build Type

Pull #1209

github

Committed by

web-flow

Commit Message

chore(deps): bump golang.org/x/sync from 0.5.0 to 0.6.0

Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.5.0 to 0.6.0.
- [Commits](https://github.com/golang/sync/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Pull Request Pull Request #1209: chore(deps): bump golang.org/x/sync from 0.5.0 to 0.6.0

Run Details

2034 of 2612 relevant lines covered (77.87%)

7.29 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

50.0

/pkg/blob/azure.go

/*
Copyright 2017 The Kubernetes Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package blob

import (
        "fmt"
        "os"
        "strings"

        kv "github.com/Azure/azure-sdk-for-go/services/keyvault/2016-10-01/keyvault"
        "github.com/Azure/azure-sdk-for-go/services/network/mgmt/2022-07-01/network"
        "github.com/Azure/azure-sdk-for-go/storage"
        "github.com/Azure/go-autorest/autorest"
        "golang.org/x/net/context"
        "k8s.io/client-go/kubernetes"
        "k8s.io/klog/v2"
        "k8s.io/utils/pointer"
        "sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader"
        azure "sigs.k8s.io/cloud-provider-azure/pkg/provider"
        providerconfig "sigs.k8s.io/cloud-provider-azure/pkg/provider/config"
)

var (
        DefaultAzureCredentialFileEnv = "AZURE_CREDENTIAL_FILE"
        DefaultCredFilePath           = "/etc/kubernetes/azure.json"
        storageService                = "Microsoft.Storage"
)

// IsAzureStackCloud decides whether the driver is running on Azure Stack Cloud.
func IsAzureStackCloud(cloud *azure.Cloud) bool {
        return !cloud.DisableAzureStackCloud && strings.EqualFold(cloud.Cloud, "AZURESTACKCLOUD")
}

// getCloudProvider get Azure Cloud Provider
func GetCloudProvider(ctx context.Context, kubeClient kubernetes.Interface, nodeID, secretName, secretNamespace, userAgent string, allowEmptyCloudConfig bool) (*azure.Cloud, error) {
        var (
                config     *azure.Config
                fromSecret bool
                err        error
        )

        az := &azure.Cloud{}
        az.Environment.StorageEndpointSuffix = storage.DefaultBaseURL

        if kubeClient != nil {
                az.KubeClient = kubeClient
                klog.V(2).Infof("reading cloud config from secret %s/%s", secretNamespace, secretName)
                config, err := configloader.Load[azure.Config](ctx, &configloader.K8sSecretLoaderConfig{
                        K8sSecretConfig: configloader.K8sSecretConfig{
                                SecretName:      secretName,
                                SecretNamespace: secretNamespace,
                                CloudConfigKey:  "cloud-config",
                        },
                        KubeClient: kubeClient,
                }, nil)
                if err == nil && config != nil {
                        fromSecret = true
                }
                if err != nil {
                        klog.V(2).Infof("InitializeCloudFromSecret: failed to get cloud config from secret %s/%s: %v", secretNamespace, secretName, err)
                }
        }

        if config == nil {
                klog.V(2).Infof("could not read cloud config from secret %s/%s", secretNamespace, secretName)
                credFile, ok := os.LookupEnv(DefaultAzureCredentialFileEnv)
                if ok && strings.TrimSpace(credFile) != "" {
                        klog.V(2).Infof("%s env var set as %v", DefaultAzureCredentialFileEnv, credFile)
                } else {
                        credFile = DefaultCredFilePath
                        klog.V(2).Infof("use default %s env var: %v", DefaultAzureCredentialFileEnv, credFile)
                }

                config, err = configloader.Load[azure.Config](ctx, nil, &configloader.FileLoaderConfig{
                        FilePath: credFile,
                })
                if err != nil {
                        klog.Warningf("load azure config from file(%s) failed with %v", credFile, err)
                }
        }

        if config == nil {
                if allowEmptyCloudConfig {
                        klog.V(2).Infof("no cloud config provided, error: %v, driver will run without cloud config", err)
                } else {
                        return az, fmt.Errorf("no cloud config provided, error: %w", err)
                }
        } else {
                config.UserAgent = userAgent
                config.CloudProviderBackoff = true
                if err = az.InitializeCloudFromConfig(context.TODO(), config, fromSecret, false); err != nil {
                        klog.Warningf("InitializeCloudFromConfig failed with error: %v", err)
                }
        }

        // reassign kubeClient
        if kubeClient != nil && az.KubeClient == nil {
                az.KubeClient = kubeClient
        }

        isController := (nodeID == "")
        if isController {
                if err == nil {
                        // Disable UseInstanceMetadata for controller to mitigate a timeout issue using IMDS
                        // https://github.com/kubernetes-sigs/azuredisk-csi-driver/issues/168
                        klog.V(2).Infof("disable UseInstanceMetadata for controller server")
                        az.Config.UseInstanceMetadata = false
                }
                klog.V(2).Infof("starting controller server...")
        } else {
                klog.V(2).Infof("starting node server on node(%s)", nodeID)
        }

        if az.Environment.StorageEndpointSuffix == "" {
                az.Environment.StorageEndpointSuffix = storage.DefaultBaseURL
        }
        return az, nil
}

// getKeyVaultSecretContent get content of the keyvault secret
func (d *Driver) getKeyVaultSecretContent(ctx context.Context, vaultURL string, secretName string, secretVersion string) (content string, err error) {
        kvClient, err := d.initializeKvClient()
        if err != nil {
                return "", fmt.Errorf("failed to get keyvaultClient: %w", err)
        }

        klog.V(2).Infof("get secret from vaultURL(%v), sercretName(%v), secretVersion(%v)", vaultURL, secretName, secretVersion)
        secret, err := kvClient.GetSecret(ctx, vaultURL, secretName, secretVersion)
        if err != nil {
                return "", fmt.Errorf("get secret from vaultURL(%v), sercretName(%v), secretVersion(%v) failed with error: %w", vaultURL, secretName, secretVersion, err)
        }
        return *secret.Value, nil
}

func (d *Driver) initializeKvClient() (*kv.BaseClient, error) {
        kvClient := kv.New()
        token, err := d.getKeyvaultToken()
        if err != nil {
                return nil, err
        }

        kvClient.Authorizer = token
        return &kvClient, nil
}

// getKeyvaultToken retrieves a new service principal token to access keyvault
func (d *Driver) getKeyvaultToken() (authorizer autorest.Authorizer, err error) {
        env := d.cloud.Environment
        kvEndPoint := strings.TrimSuffix(env.KeyVaultEndpoint, "/")
        servicePrincipalToken, err := providerconfig.GetServicePrincipalToken(&d.cloud.AzureAuthConfig, &env, kvEndPoint)
        if err != nil {
                return nil, err
        }
        authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)
        return authorizer, nil
}

func (d *Driver) updateSubnetServiceEndpoints(ctx context.Context, vnetResourceGroup, vnetName, subnetName string) error {
        if d.cloud.SubnetsClient == nil {
                return fmt.Errorf("SubnetsClient is nil")
        }

        if vnetResourceGroup == "" {
                vnetResourceGroup = d.cloud.ResourceGroup
                if len(d.cloud.VnetResourceGroup) > 0 {
                        vnetResourceGroup = d.cloud.VnetResourceGroup
                }
        }

        location := d.cloud.Location
        if vnetName == "" {
                vnetName = d.cloud.VnetName
        }
        if subnetName == "" {
                subnetName = d.cloud.SubnetName
        }

        klog.V(2).Infof("updateSubnetServiceEndpoints on vnetName: %s, subnetName: %s, location: %s", vnetName, subnetName, location)
        if subnetName == "" || vnetName == "" || location == "" {
                return fmt.Errorf("value of subnetName, vnetName or location is empty")
        }

        lockKey := vnetResourceGroup + vnetName + subnetName
        d.subnetLockMap.LockEntry(lockKey)
        defer d.subnetLockMap.UnlockEntry(lockKey)

        subnet, err := d.cloud.SubnetsClient.Get(ctx, vnetResourceGroup, vnetName, subnetName, "")
        if err != nil {
                return fmt.Errorf("failed to get the subnet %s under vnet %s: %v", subnetName, vnetName, err)
        }
        endpointLocaions := []string{location}
        storageServiceEndpoint := network.ServiceEndpointPropertiesFormat{
                Service:   &storageService,
                Locations: &endpointLocaions,
        }
        storageServiceExists := false
        if subnet.SubnetPropertiesFormat == nil {
                subnet.SubnetPropertiesFormat = &network.SubnetPropertiesFormat{}
        }
        if subnet.SubnetPropertiesFormat.ServiceEndpoints == nil {
                subnet.SubnetPropertiesFormat.ServiceEndpoints = &[]network.ServiceEndpointPropertiesFormat{}
        }
        serviceEndpoints := *subnet.SubnetPropertiesFormat.ServiceEndpoints
        for _, v := range serviceEndpoints {
                if strings.HasPrefix(pointer.StringDeref(v.Service, ""), storageService) {
                        storageServiceExists = true
                        klog.V(4).Infof("serviceEndpoint(%s) is already in subnet(%s)", storageService, subnetName)
                        break
                }
        }

        if !storageServiceExists {
                serviceEndpoints = append(serviceEndpoints, storageServiceEndpoint)
                subnet.SubnetPropertiesFormat.ServiceEndpoints = &serviceEndpoints

                klog.V(2).Infof("begin to update the subnet %s under vnet %s rg %s", subnetName, vnetName, vnetResourceGroup)
                if err := d.cloud.SubnetsClient.CreateOrUpdate(ctx, vnetResourceGroup, vnetName, subnetName, subnet); err != nil {
                        return fmt.Errorf("failed to update the subnet %s under vnet %s: %v", subnetName, vnetName, err)
                }
                klog.V(2).Infof("serviceEndpoint(%s) is appended in subnet(%s)", storageService, subnetName)
        }

        return nil
}

1	/*
2	Copyright 2017 The Kubernetes Authors.
3
4	Licensed under the Apache License, Version 2.0 (the "License");
5	you may not use this file except in compliance with the License.
6	You may obtain a copy of the License at
7
8	http://www.apache.org/licenses/LICENSE-2.0
9
10	Unless required by applicable law or agreed to in writing, software
11	distributed under the License is distributed on an "AS IS" BASIS,
12	WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13	See the License for the specific language governing permissions and
14	limitations under the License.
15	*/
16
17	package blob
18
19	import (
20	"fmt"
21	"os"
22	"strings"
23
24	kv "github.com/Azure/azure-sdk-for-go/services/keyvault/2016-10-01/keyvault"
25	"github.com/Azure/azure-sdk-for-go/services/network/mgmt/2022-07-01/network"
26	"github.com/Azure/azure-sdk-for-go/storage"
27	"github.com/Azure/go-autorest/autorest"
28	"golang.org/x/net/context"
29	"k8s.io/client-go/kubernetes"
30	"k8s.io/klog/v2"
31	"k8s.io/utils/pointer"
32	"sigs.k8s.io/cloud-provider-azure/pkg/azclient/configloader"
33	azure "sigs.k8s.io/cloud-provider-azure/pkg/provider"
34	providerconfig "sigs.k8s.io/cloud-provider-azure/pkg/provider/config"
35	)
36
37	var (
38	DefaultAzureCredentialFileEnv = "AZURE_CREDENTIAL_FILE"
39	DefaultCredFilePath = "/etc/kubernetes/azure.json"
40	storageService = "Microsoft.Storage"
41	)
42
43	// IsAzureStackCloud decides whether the driver is running on Azure Stack Cloud.
44	func IsAzureStackCloud(cloud *azure.Cloud) bool {	9✔
45	return !cloud.DisableAzureStackCloud && strings.EqualFold(cloud.Cloud, "AZURESTACKCLOUD")	9✔
46	}	9✔
47
48	// getCloudProvider get Azure Cloud Provider
49	func GetCloudProvider(ctx context.Context, kubeClient kubernetes.Interface, nodeID, secretName, secretNamespace, userAgent string, allowEmptyCloudConfig bool) (*azure.Cloud, error) {	×
50	var (	×
51	config *azure.Config	×
52	fromSecret bool	×
53	err error	×
54	)	×
55		×
56	az := &azure.Cloud{}	×
57	az.Environment.StorageEndpointSuffix = storage.DefaultBaseURL	×
58		×
59	if kubeClient != nil {	×
60	az.KubeClient = kubeClient	×
61	klog.V(2).Infof("reading cloud config from secret %s/%s", secretNamespace, secretName)	×
62	config, err := configloader.Load[azure.Config](ctx, &configloader.K8sSecretLoaderConfig{	×
63	K8sSecretConfig: configloader.K8sSecretConfig{	×
64	SecretName: secretName,	×
65	SecretNamespace: secretNamespace,	×
66	CloudConfigKey: "cloud-config",	×
67	},	×
68	KubeClient: kubeClient,	×
69	}, nil)	×
70	if err == nil && config != nil {	×
71	fromSecret = true	×
72	}	×
73	if err != nil {	×
74	klog.V(2).Infof("InitializeCloudFromSecret: failed to get cloud config from secret %s/%s: %v", secretNamespace, secretName, err)	×
75	}	×
76	}
77
78	if config == nil {	×
79	klog.V(2).Infof("could not read cloud config from secret %s/%s", secretNamespace, secretName)	×
80	credFile, ok := os.LookupEnv(DefaultAzureCredentialFileEnv)	×
81	if ok && strings.TrimSpace(credFile) != "" {	×
82	klog.V(2).Infof("%s env var set as %v", DefaultAzureCredentialFileEnv, credFile)	×
83	} else {	×
84	credFile = DefaultCredFilePath	×
85	klog.V(2).Infof("use default %s env var: %v", DefaultAzureCredentialFileEnv, credFile)	×
86	}	×
87
88	config, err = configloader.Load[azure.Config](ctx, nil, &configloader.FileLoaderConfig{	×
89	FilePath: credFile,	×
90	})	×
91	if err != nil {	×
92	klog.Warningf("load azure config from file(%s) failed with %v", credFile, err)	×
93	}	×
94	}
95
96	if config == nil {	×
97	if allowEmptyCloudConfig {	×
98	klog.V(2).Infof("no cloud config provided, error: %v, driver will run without cloud config", err)	×
99	} else {	×
100	return az, fmt.Errorf("no cloud config provided, error: %w", err)	×
101	}	×
102	} else {	×
103	config.UserAgent = userAgent	×
104	config.CloudProviderBackoff = true	×
105	if err = az.InitializeCloudFromConfig(context.TODO(), config, fromSecret, false); err != nil {	×
106	klog.Warningf("InitializeCloudFromConfig failed with error: %v", err)	×
107	}	×
108	}
109
110	// reassign kubeClient
111	if kubeClient != nil && az.KubeClient == nil {	×
112	az.KubeClient = kubeClient	×
113	}	×
114
115	isController := (nodeID == "")	×
116	if isController {	×
117	if err == nil {	×
118	// Disable UseInstanceMetadata for controller to mitigate a timeout issue using IMDS	×
119	// https://github.com/kubernetes-sigs/azuredisk-csi-driver/issues/168	×
120	klog.V(2).Infof("disable UseInstanceMetadata for controller server")	×
121	az.Config.UseInstanceMetadata = false	×
122	}	×
123	klog.V(2).Infof("starting controller server...")	×
124	} else {	×
125	klog.V(2).Infof("starting node server on node(%s)", nodeID)	×
126	}	×
127
128	if az.Environment.StorageEndpointSuffix == "" {	×
129	az.Environment.StorageEndpointSuffix = storage.DefaultBaseURL	×
130	}	×
131	return az, nil	×
132	}
133
134	// getKeyVaultSecretContent get content of the keyvault secret
135	func (d *Driver) getKeyVaultSecretContent(ctx context.Context, vaultURL string, secretName string, secretVersion string) (content string, err error) {	3✔
136	kvClient, err := d.initializeKvClient()	3✔
137	if err != nil {	5✔
138	return "", fmt.Errorf("failed to get keyvaultClient: %w", err)	2✔
139	}	2✔
140
141	klog.V(2).Infof("get secret from vaultURL(%v), sercretName(%v), secretVersion(%v)", vaultURL, secretName, secretVersion)	1✔
142	secret, err := kvClient.GetSecret(ctx, vaultURL, secretName, secretVersion)	1✔
143	if err != nil {	2✔
144	return "", fmt.Errorf("get secret from vaultURL(%v), sercretName(%v), secretVersion(%v) failed with error: %w", vaultURL, secretName, secretVersion, err)	1✔
145	}	1✔
146	return *secret.Value, nil	×
147	}
148
149	func (d Driver) initializeKvClient() (kv.BaseClient, error) {	5✔
150	kvClient := kv.New()	5✔
151	token, err := d.getKeyvaultToken()	5✔
152	if err != nil {	8✔
153	return nil, err	3✔
154	}	3✔
155
156	kvClient.Authorizer = token	2✔
157	return &kvClient, nil	2✔
158	}
159
160	// getKeyvaultToken retrieves a new service principal token to access keyvault
161	func (d *Driver) getKeyvaultToken() (authorizer autorest.Authorizer, err error) {	7✔
162	env := d.cloud.Environment	7✔
163	kvEndPoint := strings.TrimSuffix(env.KeyVaultEndpoint, "/")	7✔
164	servicePrincipalToken, err := providerconfig.GetServicePrincipalToken(&d.cloud.AzureAuthConfig, &env, kvEndPoint)	7✔
165	if err != nil {	11✔
166	return nil, err	4✔
167	}	4✔
168	authorizer = autorest.NewBearerAuthorizer(servicePrincipalToken)	3✔
169	return authorizer, nil	3✔
170	}
171
172	func (d *Driver) updateSubnetServiceEndpoints(ctx context.Context, vnetResourceGroup, vnetName, subnetName string) error {	7✔
173	if d.cloud.SubnetsClient == nil {	9✔
174	return fmt.Errorf("SubnetsClient is nil")	2✔
175	}	2✔
176
177	if vnetResourceGroup == "" {	10✔
178	vnetResourceGroup = d.cloud.ResourceGroup	5✔
179	if len(d.cloud.VnetResourceGroup) > 0 {	5✔
180	vnetResourceGroup = d.cloud.VnetResourceGroup	×
181	}	×
182	}
183
184	location := d.cloud.Location	5✔
185	if vnetName == "" {	10✔
186	vnetName = d.cloud.VnetName	5✔
187	}	5✔
188	if subnetName == "" {	10✔
189	subnetName = d.cloud.SubnetName	5✔
190	}	5✔
191
192	klog.V(2).Infof("updateSubnetServiceEndpoints on vnetName: %s, subnetName: %s, location: %s", vnetName, subnetName, location)	5✔
193	if subnetName == "" \|\| vnetName == "" \|\| location == "" {	5✔
194	return fmt.Errorf("value of subnetName, vnetName or location is empty")	×
195	}	×
196
197	lockKey := vnetResourceGroup + vnetName + subnetName	5✔
198	d.subnetLockMap.LockEntry(lockKey)	5✔
199	defer d.subnetLockMap.UnlockEntry(lockKey)	5✔
200		5✔
201	subnet, err := d.cloud.SubnetsClient.Get(ctx, vnetResourceGroup, vnetName, subnetName, "")	5✔
202	if err != nil {	6✔
203	return fmt.Errorf("failed to get the subnet %s under vnet %s: %v", subnetName, vnetName, err)	1✔
204	}	1✔
205	endpointLocaions := []string{location}	4✔
206	storageServiceEndpoint := network.ServiceEndpointPropertiesFormat{	4✔
207	Service: &storageService,	4✔
208	Locations: &endpointLocaions,	4✔
209	}	4✔
210	storageServiceExists := false	4✔
211	if subnet.SubnetPropertiesFormat == nil {	5✔
212	subnet.SubnetPropertiesFormat = &network.SubnetPropertiesFormat{}	1✔
213	}	1✔
214	if subnet.SubnetPropertiesFormat.ServiceEndpoints == nil {	6✔
215	subnet.SubnetPropertiesFormat.ServiceEndpoints = &[]network.ServiceEndpointPropertiesFormat{}	2✔
216	}	2✔
217	serviceEndpoints := *subnet.SubnetPropertiesFormat.ServiceEndpoints	4✔
218	for _, v := range serviceEndpoints {	5✔
219	if strings.HasPrefix(pointer.StringDeref(v.Service, ""), storageService) {	2✔
220	storageServiceExists = true	1✔
221	klog.V(4).Infof("serviceEndpoint(%s) is already in subnet(%s)", storageService, subnetName)	1✔
222	break	1✔
223	}
224	}
225
226	if !storageServiceExists {	7✔
227	serviceEndpoints = append(serviceEndpoints, storageServiceEndpoint)	3✔
228	subnet.SubnetPropertiesFormat.ServiceEndpoints = &serviceEndpoints	3✔
229		3✔
230	klog.V(2).Infof("begin to update the subnet %s under vnet %s rg %s", subnetName, vnetName, vnetResourceGroup)	3✔
231	if err := d.cloud.SubnetsClient.CreateOrUpdate(ctx, vnetResourceGroup, vnetName, subnetName, subnet); err != nil {	3✔
232	return fmt.Errorf("failed to update the subnet %s under vnet %s: %v", subnetName, vnetName, err)	×
233	}	×
234	klog.V(2).Infof("serviceEndpoint(%s) is appended in subnet(%s)", storageService, subnetName)	3✔
235	}
236
237	return nil	4✔
238	}

kubernetes-sigs / blob-csi-driver / 7412225870

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous