rebase: update kubernetes to 1.30

updating kubernetes to 1.30 release Signed-off-by: Madhu Rajanna <madhupr007@gmail.com>
2025-06-13 02:33:34 +00:00 · 2024-05-15 08:54:18 +02:00
parent 62ddcf715b
commit e727bd351e
747 changed files with 73809 additions and 10436 deletions
--- a/vendor/k8s.io/kubernetes/pkg/volume/plugins.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/plugins.go
@ -1064,7 +1064,7 @@ func NewPersistentVolumeRecyclerPodTemplate() *v1.Pod {
 			Containers: []v1.Container{
 				{
 					Name:    "pv-recycler",
-					Image:   "registry.k8s.io/build-image/debian-base:bookworm-v1.0.1",
+					Image:   "registry.k8s.io/build-image/debian-base:bookworm-v1.0.2",
 					Command: []string{"/bin/sh"},
 					Args:    []string{"-c", "test -e /scrub && find /scrub -mindepth 1 -delete && test -z \"$(ls -A /scrub)\" || exit 1"},
 					VolumeMounts: []v1.VolumeMount{
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/atomic_writer.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/atomic_writer.go
@ -101,9 +101,9 @@ const (
 //     portion of the payload was deleted and is still present on disk.
 //
 //  4. The data in the current timestamped directory is compared to the projected
-//     data to determine if an update is required.
+//     data to determine if an update to data directory is required.
 //
-//  5. A new timestamped dir is created.
+//  5. A new timestamped dir is created if an update is required.
 //
 //  6. The payload is written to the new timestamped directory.
 //
@ -159,6 +159,7 @@ func (w *AtomicWriter) Write(payload map[string]FileProjection, setPerms func(su
 	oldTsPath := filepath.Join(w.targetDir, oldTsDir)

 	var pathsToRemove sets.String
+	shouldWrite := true
 	// if there was no old version, there's nothing to remove
 	if len(oldTsDir) != 0 {
 		// (3)
@ -173,57 +174,74 @@ func (w *AtomicWriter) Write(payload map[string]FileProjection, setPerms func(su
 			klog.Errorf("%s: error determining whether payload should be written to disk: %v", w.logContext, err)
 			return err
 		} else if !should && len(pathsToRemove) == 0 {
-			klog.V(4).Infof("%s: no update required for target directory %v", w.logContext, w.targetDir)
-			return nil
+			klog.V(4).Infof("%s: write not required for data directory %v", w.logContext, oldTsDir)
+			// data directory is already up to date, but we need to make sure that
+			// the user-visible symlinks are created.
+			// See https://github.com/kubernetes/kubernetes/issues/121472 for more details.
+			// Reset oldTsDir to empty string to avoid removing the data directory.
+			shouldWrite = false
+			oldTsDir = ""
 		} else {
 			klog.V(4).Infof("%s: write required for target directory %v", w.logContext, w.targetDir)
 		}
 	}

-	// (5)
-	tsDir, err := w.newTimestampDir()
-	if err != nil {
-		klog.V(4).Infof("%s: error creating new ts data directory: %v", w.logContext, err)
-		return err
-	}
-	tsDirName := filepath.Base(tsDir)
-
-	// (6)
-	if err = w.writePayloadToDir(cleanPayload, tsDir); err != nil {
-		klog.Errorf("%s: error writing payload to ts data directory %s: %v", w.logContext, tsDir, err)
-		return err
-	}
-	klog.V(4).Infof("%s: performed write of new data to ts data directory: %s", w.logContext, tsDir)
-
-	// (7)
-	if setPerms != nil {
-		if err := setPerms(tsDirName); err != nil {
-			klog.Errorf("%s: error applying ownership settings: %v", w.logContext, err)
+	if shouldWrite {
+		// (5)
+		tsDir, err := w.newTimestampDir()
+		if err != nil {
+			klog.V(4).Infof("%s: error creating new ts data directory: %v", w.logContext, err)
 			return err
 		}
-	}
+		tsDirName := filepath.Base(tsDir)

-	// (8)
-	newDataDirPath := filepath.Join(w.targetDir, newDataDirName)
-	if err = os.Symlink(tsDirName, newDataDirPath); err != nil {
-		os.RemoveAll(tsDir)
-		klog.Errorf("%s: error creating symbolic link for atomic update: %v", w.logContext, err)
-		return err
-	}
+		// (6)
+		if err = w.writePayloadToDir(cleanPayload, tsDir); err != nil {
+			klog.Errorf("%s: error writing payload to ts data directory %s: %v", w.logContext, tsDir, err)
+			return err
+		}
+		klog.V(4).Infof("%s: performed write of new data to ts data directory: %s", w.logContext, tsDir)

-	// (9)
-	if runtime.GOOS == "windows" {
-		os.Remove(dataDirPath)
-		err = os.Symlink(tsDirName, dataDirPath)
-		os.Remove(newDataDirPath)
-	} else {
-		err = os.Rename(newDataDirPath, dataDirPath)
-	}
-	if err != nil {
-		os.Remove(newDataDirPath)
-		os.RemoveAll(tsDir)
-		klog.Errorf("%s: error renaming symbolic link for data directory %s: %v", w.logContext, newDataDirPath, err)
-		return err
+		// (7)
+		if setPerms != nil {
+			if err := setPerms(tsDirName); err != nil {
+				klog.Errorf("%s: error applying ownership settings: %v", w.logContext, err)
+				return err
+			}
+		}
+
+		// (8)
+		newDataDirPath := filepath.Join(w.targetDir, newDataDirName)
+		if err = os.Symlink(tsDirName, newDataDirPath); err != nil {
+			if err := os.RemoveAll(tsDir); err != nil {
+				klog.Errorf("%s: error removing new ts directory %s: %v", w.logContext, tsDir, err)
+			}
+			klog.Errorf("%s: error creating symbolic link for atomic update: %v", w.logContext, err)
+			return err
+		}
+
+		// (9)
+		if runtime.GOOS == "windows" {
+			if err := os.Remove(dataDirPath); err != nil {
+				klog.Errorf("%s: error removing data dir directory %s: %v", w.logContext, dataDirPath, err)
+			}
+			err = os.Symlink(tsDirName, dataDirPath)
+			if err := os.Remove(newDataDirPath); err != nil {
+				klog.Errorf("%s: error removing new data dir directory %s: %v", w.logContext, newDataDirPath, err)
+			}
+		} else {
+			err = os.Rename(newDataDirPath, dataDirPath)
+		}
+		if err != nil {
+			if err := os.Remove(newDataDirPath); err != nil && err != os.ErrNotExist {
+				klog.Errorf("%s: error removing new data dir directory %s: %v", w.logContext, newDataDirPath, err)
+			}
+			if err := os.RemoveAll(tsDir); err != nil {
+				klog.Errorf("%s: error removing new ts directory %s: %v", w.logContext, tsDir, err)
+			}
+			klog.Errorf("%s: error renaming symbolic link for data directory %s: %v", w.logContext, newDataDirPath, err)
+			return err
+		}
 	}

 	// (10)
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/hostutil/hostutil.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/hostutil/hostutil.go
@ -41,6 +41,10 @@ const (
 	FileTypeUnknown FileType = ""
 )

+var (
+	errUnknownFileType = fmt.Errorf("only recognise file, directory, socket, block device and character device")
+)
+
 // HostUtils defines the set of methods for interacting with paths on a host.
 type HostUtils interface {
 	// DeviceOpened determines if the device (e.g. /dev/sdc) is in use elsewhere
@ -50,6 +54,7 @@ type HostUtils interface {
 	PathIsDevice(pathname string) (bool, error)
 	// GetDeviceNameFromMount finds the device name by checking the mount path
 	// to get the global mount path within its plugin directory.
+	// TODO: Remove this method once the rbd and vsphere plugins are removed from in-tree.
 	GetDeviceNameFromMount(mounter mount.Interface, mountPath, pluginMountDir string) (string, error)
 	// MakeRShared checks that given path is on a mount with 'rshared' mount
 	// propagation. If not, it bind-mounts the path as rshared.
@ -108,5 +113,5 @@ func getFileType(pathname string) (FileType, error) {
 		return FileTypeBlockDev, nil
 	}

-	return pathType, fmt.Errorf("only recognise file, directory, socket, block device and character device")
+	return pathType, errUnknownFileType
 }
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/hostutil/hostutil_linux.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/hostutil/hostutil_linux.go
@ -109,7 +109,7 @@ func (hu *HostUtil) GetDeviceNameFromMount(mounter mount.Interface, mountPath, p
 	return getDeviceNameFromMount(mounter, mountPath, pluginMountDir)
 }

-// getDeviceNameFromMountLinux find the device name from /proc/mounts in which
+// getDeviceNameFromMount find the device name from /proc/self/mountinfo in which
 // the mount path reference should match the given plugin mount directory. In case no mount path reference
 // matches, returns the volume name taken from its given mountPath
 func getDeviceNameFromMount(mounter mount.Interface, mountPath, pluginMountDir string) (string, error) {
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/hostutil/hostutil_windows.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/hostutil/hostutil_windows.go
@ -23,7 +23,6 @@ import (
 	"fmt"
 	"io/fs"
 	"os"
-	"path"
 	"path/filepath"
 	"strings"
 	"syscall"
@ -72,7 +71,7 @@ func getDeviceNameFromMount(mounter mount.Interface, mountPath, pluginMountDir s
 		}
 	}

-	return path.Base(mountPath), nil
+	return filepath.Base(mountPath), nil
 }

 // DeviceOpened determines if the device is in use elsewhere
@ -106,7 +105,7 @@ func (hu *(HostUtil)) GetFileType(pathname string) (FileType, error) {

 	// os.Stat will return a 1920 error (windows.ERROR_CANT_ACCESS_FILE) if we use it on a Unix Socket
 	// on Windows. In this case, we need to use a different method to check if it's a Unix Socket.
-	if isSystemCannotAccessErr(err) {
+	if err == errUnknownFileType || isSystemCannotAccessErr(err) {
 		if isSocket, errSocket := filesystem.IsUnixDomainSocket(pathname); errSocket == nil && isSocket {
 			return FileTypeSocket, nil
 		}
--- a/vendor/k8s.io/kubernetes/pkg/volume/util/selinux.go
+++ b/vendor/k8s.io/kubernetes/pkg/volume/util/selinux.go
@ -177,6 +177,10 @@ func VolumeSupportsSELinuxMount(volumeSpec *volume.Spec) bool {
 	if len(volumeSpec.PersistentVolume.Spec.AccessModes) != 1 {
 		return false
 	}
+	if utilfeature.DefaultFeatureGate.Enabled(features.SELinuxMount) {
+		return true
+	}
+	// Only SELinuxMountReadWriteOncePod feature enabled
 	if !v1helper.ContainsAccessMode(volumeSpec.PersistentVolume.Spec.AccessModes, v1.ReadWriteOncePod) {
 		return false
 	}