From 96f8ec419d94b5da4b01ac3312b336b8e3121bc2 Mon Sep 17 00:00:00 2001 From: Manuel de Brito Fontes Date: Fri, 11 Nov 2016 00:14:20 -0300 Subject: [PATCH] Remove gce data race in tests --- controllers/gce/backends/fakes.go | 55 ++++--- core/pkg/ingress/controller/backend_ssl.go | 161 --------------------- 2 files changed, 33 insertions(+), 183 deletions(-) delete mode 100644 core/pkg/ingress/controller/backend_ssl.go diff --git a/controllers/gce/backends/fakes.go b/controllers/gce/backends/fakes.go index a9fc4abe2..a5eb1d006 100644 --- a/controllers/gce/backends/fakes.go +++ b/controllers/gce/backends/fakes.go @@ -18,30 +18,42 @@ package backends import ( "fmt" + compute "google.golang.org/api/compute/v1" "k8s.io/ingress/controllers/gce/utils" + "k8s.io/kubernetes/pkg/client/cache" ) // NewFakeBackendServices creates a new fake backend services manager. func NewFakeBackendServices() *FakeBackendServices { return &FakeBackendServices{ - backendServices: []*compute.BackendService{}, + backendServices: cache.NewStore(func(obj interface{}) (string, error) { + svc := obj.(*compute.BackendService) + return svc.Name, nil + }), } } // FakeBackendServices fakes out GCE backend services. type FakeBackendServices struct { - backendServices []*compute.BackendService + backendServices cache.Store calls []int } // GetBackendService fakes getting a backend service from the cloud. func (f *FakeBackendServices) GetBackendService(name string) (*compute.BackendService, error) { f.calls = append(f.calls, utils.Get) - for i := range f.backendServices { - if name == f.backendServices[i].Name { - return f.backendServices[i], nil - } + obj, exists, err := f.backendServices.GetByKey(name) + if !exists { + return nil, fmt.Errorf("Backend service %v not found", name) + } + if err != nil { + return nil, err + } + + svc := obj.(*compute.BackendService) + if name == svc.Name { + return svc, nil } return nil, fmt.Errorf("Backend service %v not found", name) } @@ -50,37 +62,36 @@ func (f *FakeBackendServices) GetBackendService(name string) (*compute.BackendSe func (f *FakeBackendServices) CreateBackendService(be *compute.BackendService) error { f.calls = append(f.calls, utils.Create) be.SelfLink = be.Name - f.backendServices = append(f.backendServices, be) - return nil + return f.backendServices.Update(be) } // DeleteBackendService fakes backend service deletion. func (f *FakeBackendServices) DeleteBackendService(name string) error { f.calls = append(f.calls, utils.Delete) - newBackends := []*compute.BackendService{} - for i := range f.backendServices { - if name != f.backendServices[i].Name { - newBackends = append(newBackends, f.backendServices[i]) - } + svc, exists, err := f.backendServices.GetByKey(name) + if !exists { + return fmt.Errorf("Backend service %v not found", name) } - f.backendServices = newBackends - return nil + if err != nil { + return err + } + return f.backendServices.Delete(svc) } // ListBackendServices fakes backend service listing. func (f *FakeBackendServices) ListBackendServices() (*compute.BackendServiceList, error) { - return &compute.BackendServiceList{Items: f.backendServices}, nil + var svcs []*compute.BackendService + for _, s := range f.backendServices.List() { + svc := s.(*compute.BackendService) + svcs = append(svcs, svc) + } + return &compute.BackendServiceList{Items: svcs}, nil } // UpdateBackendService fakes updating a backend service. func (f *FakeBackendServices) UpdateBackendService(be *compute.BackendService) error { f.calls = append(f.calls, utils.Update) - for i := range f.backendServices { - if f.backendServices[i].Name == be.Name { - f.backendServices[i] = be - } - } - return nil + return f.backendServices.Update(be) } // GetHealth fakes getting backend service health. diff --git a/core/pkg/ingress/controller/backend_ssl.go b/core/pkg/ingress/controller/backend_ssl.go deleted file mode 100644 index eea053913..000000000 --- a/core/pkg/ingress/controller/backend_ssl.go +++ /dev/null @@ -1,161 +0,0 @@ -/* -Copyright 2015 The Kubernetes Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package controller - -import ( - "fmt" - "strings" - "time" - - "k8s.io/kubernetes/pkg/api" - "k8s.io/kubernetes/pkg/apis/extensions" - "k8s.io/kubernetes/pkg/client/cache" - - "github.com/golang/glog" - "k8s.io/ingress/core/pkg/ingress" - "k8s.io/ingress/core/pkg/ingress/annotations/parser" - ssl "k8s.io/ingress/core/pkg/net/ssl" -) - -// syncSecret keeps in sync Secrets used by Ingress rules with files to allow -// being used in controllers. -func (ic *GenericController) syncSecret(k interface{}) error { - if ic.secretQueue.IsShuttingDown() { - return nil - } - if !ic.controllersInSync() { - time.Sleep(podStoreSyncedPollPeriod) - return fmt.Errorf("deferring sync till endpoints controller has synced") - } - - // check if the default certificate is configured - key := fmt.Sprintf("default/%v", defServerName) - _, exists := ic.sslCertTracker.Get(key) - var cert *ingress.SSLCert - var err error - if !exists { - if ic.cfg.DefaultSSLCertificate != "" { - cert, err = ic.getPemCertificate(ic.cfg.DefaultSSLCertificate) - if err != nil { - return err - } - } else { - defCert, defKey := ssl.GetFakeSSLCert() - cert, err = ssl.AddOrUpdateCertAndKey("system-snake-oil-certificate", defCert, defKey, []byte{}) - if err != nil { - return nil - } - } - cert.Name = defServerName - cert.Namespace = api.NamespaceDefault - ic.sslCertTracker.Add(key, cert) - } - - key = k.(string) - - // get secret - secObj, exists, err := ic.secrLister.Store.GetByKey(key) - if err != nil { - return fmt.Errorf("error getting secret %v: %v", key, err) - } - if !exists { - return fmt.Errorf("secret %v was not found", key) - } - sec := secObj.(*api.Secret) - if !ic.secrReferenced(sec.Name, sec.Namespace) { - glog.V(2).Infof("secret %v/%v is not used in Ingress rules. skipping ", sec.Namespace, sec.Name) - return nil - } - - cert, err = ic.getPemCertificate(key) - if err != nil { - return err - } - - // create certificates and add or update the item in the store - _, exists = ic.sslCertTracker.Get(key) - if exists { - ic.sslCertTracker.Update(key, cert) - return nil - } - ic.sslCertTracker.Add(key, cert) - return nil -} - -func (ic *GenericController) getPemCertificate(secretName string) (*ingress.SSLCert, error) { - secretInterface, exists, err := ic.secrLister.Store.GetByKey(secretName) - if err != nil { - return nil, fmt.Errorf("Error retriveing secret %v: %v", secretName, err) - } - if !exists { - return nil, fmt.Errorf("secret named %v does not exists", secretName) - } - - secret := secretInterface.(*api.Secret) - cert, ok := secret.Data[api.TLSCertKey] - if !ok { - return nil, fmt.Errorf("secret named %v has no private key", secretName) - } - key, ok := secret.Data[api.TLSPrivateKeyKey] - if !ok { - return nil, fmt.Errorf("secret named %v has no cert", secretName) - } - - ca := secret.Data["ca.crt"] - - nsSecName := strings.Replace(secretName, "/", "-", -1) - s, err := ssl.AddOrUpdateCertAndKey(nsSecName, cert, key, ca) - if err != nil { - return nil, err - } - - s.Name = secret.Name - s.Namespace = secret.Namespace - return s, nil -} - -// check if secret is referenced in this controller's config -func (ic *GenericController) secrReferenced(name, namespace string) bool { - for _, ingIf := range ic.ingLister.Store.List() { - ing := ingIf.(*extensions.Ingress) - str, err := parser.GetStringAnnotation("ingress.kubernetes.io/auth-tls-secret", ing) - if err == nil && str == fmt.Sprintf("%v/%v", namespace, name) { - return true - } - - if ing.Namespace != namespace { - continue - } - for _, tls := range ing.Spec.TLS { - if tls.SecretName == name { - return true - } - } - } - return false -} - -// sslCertTracker ... -type sslCertTracker struct { - cache.ThreadSafeStore -} - -func newSSLCertTracker() *sslCertTracker { - return &sslCertTracker{ - cache.NewThreadSafeStore(cache.Indexers{}, cache.Indices{}), - } -}