Merge pull request #7454 from rikatz/update-mods

Update go version, modules and remove ioutil

.github/workflows/ci.yaml

@@ -65,11 +65,11 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v2
 
-      - name: Set up Go 1.15
+      - name: Set up Go 1.16
         id: go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.15
+          go-version: 1.16
 
       - name: Set up Docker Buildx
         id: buildx

.gitignore

@@ -46,6 +46,7 @@ test/e2e/e2e\.test
 bin
 test/e2e-image/wait-for-nginx.sh
 .cache
+.modcache
 cover.out
 
 # secret terraform variables

build/run-in-docker.sh

@@ -37,7 +37,7 @@ function cleanup {
 }
 trap cleanup EXIT
 
-E2E_IMAGE=${E2E_IMAGE:-k8s.gcr.io/ingress-nginx/e2e-test-runner:v20210601-g96a87c79b@sha256:f84dcddc84e5cba220260f315e18cd47fc8c6b7f3f4f57b7b3e9cc2ea25324b7}
+E2E_IMAGE=${E2E_IMAGE:-k8s.gcr.io/ingress-nginx/e2e-test-runner:v20210806-g26768e957@sha256:0f3c0d0bda953aa7f1164c452cc0165ce8a0c72469b550988a9601c539f61608}
 
 DOCKER_OPTS=${DOCKER_OPTS:-}
 DOCKER_IN_DOCKER_ENABLED=${DOCKER_IN_DOCKER_ENABLED:-}
@@ -63,6 +63,7 @@ else
     --rm                                                \
     ${DOCKER_OPTS}                                      \
     -e GOCACHE="/go/src/${PKG}/.cache"                  \
+    -e GOMODCACHE="/go/src/${PKG}/.modcache"                  \
     -e DOCKER_IN_DOCKER_ENABLED="true"                  \
     -v "${HOME}/.kube:${HOME}/.kube"                    \
     -v "${KUBE_ROOT}:/go/src/${PKG}"                    \

go.mod

@@ -1,49 +1,47 @@
 module k8s.io/ingress-nginx
 
-go 1.15
+go 1.16
 
 require (
-	github.com/armon/go-proxyproto v0.0.0-20200108142055-f0b8253b1507
+	github.com/armon/go-proxyproto v0.0.0-20210323213023-7e956b284f0a
 	github.com/eapache/channels v1.1.0
 	github.com/fsnotify/fsnotify v1.4.9
-	github.com/fullsailor/pkcs7 v0.0.0-20190404230743-d7302db945fa // indirect
+	github.com/gavv/httpexpect/v2 v2.3.1
-	github.com/gavv/httpexpect/v2 v2.1.0
+	github.com/imdario/mergo v0.3.12
-	github.com/imdario/mergo v0.3.10
+	github.com/json-iterator/go v1.1.11
-	github.com/json-iterator/go v1.1.10
 	github.com/kylelemons/godebug v1.1.0
-	github.com/mitchellh/copystructure v1.0.0
 	github.com/mitchellh/go-ps v1.0.0
-	github.com/mitchellh/hashstructure v1.0.0
+	github.com/mitchellh/hashstructure v1.1.0
-	github.com/mitchellh/mapstructure v1.3.2
+	github.com/mitchellh/mapstructure v1.4.1
 	github.com/moul/pb v0.0.0-20180404114147-54bdd96e6a52
-	github.com/ncabatoff/process-exporter v0.7.2
+	github.com/ncabatoff/process-exporter v0.7.5
 	github.com/onsi/ginkgo v1.16.4
-	github.com/opencontainers/runc v1.0.0-rc92
+	github.com/opencontainers/runc v1.0.1
 	github.com/pkg/errors v0.9.1
 	github.com/pmezard/go-difflib v1.0.0
-	github.com/prometheus/client_golang v1.7.1
+	github.com/prometheus/client_golang v1.11.0
 	github.com/prometheus/client_model v0.2.0
-	github.com/prometheus/common v0.14.0
+	github.com/prometheus/common v0.30.0
-	github.com/spf13/cobra v1.1.1
+	github.com/spf13/cobra v1.2.1
 	github.com/spf13/pflag v1.0.5
-	github.com/stretchr/testify v1.6.1
+	github.com/stretchr/testify v1.7.0
-	github.com/tallclair/mdtoc v1.0.0
+	github.com/zakjan/cert-chain-resolver v0.0.0-20210427055340-87e10242a981
-	github.com/zakjan/cert-chain-resolver v0.0.0-20200729110141-6b99e360f97a
+	golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97
-	golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0
+	golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d
-	golang.org/x/net v0.0.0-20201110031124-69a78807bb2b
+	google.golang.org/grpc v1.38.0
-	google.golang.org/grpc v1.27.1
 	gopkg.in/go-playground/assert.v1 v1.2.1 // indirect
 	gopkg.in/go-playground/pool.v3 v3.1.1
-	k8s.io/api v0.20.2
+	k8s.io/api v0.21.3
-	k8s.io/apiextensions-apiserver v0.20.2
+	k8s.io/apiextensions-apiserver v0.21.3
-	k8s.io/apimachinery v0.20.2
+	k8s.io/apimachinery v0.21.3
-	k8s.io/apiserver v0.20.2
+	k8s.io/apiserver v0.21.3
-	k8s.io/cli-runtime v0.20.2
+	k8s.io/cli-runtime v0.21.3
-	k8s.io/client-go v0.20.2
+	k8s.io/client-go v0.21.3
-	k8s.io/code-generator v0.20.2
+	k8s.io/code-generator v0.21.3
-	k8s.io/component-base v0.20.2
+	k8s.io/component-base v0.21.3
-	k8s.io/klog/v2 v2.4.0
+	k8s.io/klog/v2 v2.10.0
-	k8s.io/utils v0.0.0-20201110183641-67b214c5f920
+	k8s.io/utils v0.0.0-20210802155522-efc7438f0176
 	pault.ag/go/sniff v0.0.0-20200207005214-cf7e4d167732
-	sigs.k8s.io/controller-runtime v0.8.0
+	sigs.k8s.io/controller-runtime v0.9.5
+	sigs.k8s.io/mdtoc v1.0.1
 )

hack/tools.go

@@ -21,6 +21,6 @@ limitations under the License.
 package tools
 
 import (
-	_ "github.com/tallclair/mdtoc"
 	_ "k8s.io/code-generator"
+	_ "sigs.k8s.io/mdtoc"
 )

internal/admission/controller/server.go

@@ -17,7 +17,7 @@ limitations under the License.
 package controller
 
 import (
-	"io/ioutil"
+	"io"
 	"net/http"
 
 	admissionv1 "k8s.io/api/admission/v1"
@@ -61,7 +61,7 @@ func NewAdmissionControllerServer(ac AdmissionController) *AdmissionControllerSe
 func (acs *AdmissionControllerServer) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	defer req.Body.Close()
 
-	data, err := ioutil.ReadAll(req.Body)
+	data, err := io.ReadAll(req.Body)
 	if err != nil {
 		klog.ErrorS(err, "Failed to read request body")
 		w.WriteHeader(http.StatusBadRequest)

internal/file/file.go

@@ -19,7 +19,7 @@ package file
 import (
 	"crypto/sha1" // #nosec
 	"encoding/hex"
-	"io/ioutil"
+	"os"
 
 	"k8s.io/klog/v2"
 )
@@ -27,7 +27,7 @@ import (
 // SHA1 returns the SHA1 of a file.
 func SHA1(filename string) string {
 	hasher := sha1.New() // #nosec
-	s, err := ioutil.ReadFile(filename)
+	s, err := os.ReadFile(filename)
 	if err != nil {
 		klog.ErrorS(err, "Error reading file", "path", filename)
 		return ""

internal/file/file_test.go

@@ -17,7 +17,7 @@ limitations under the License.
 package file
 
 import (
-	"io/ioutil"
+	"os"
 	"testing"
 )
 
@@ -31,7 +31,7 @@ func TestSHA1(t *testing.T) {
 	}
 
 	for _, test := range tests {
-		f, err := ioutil.TempFile("", "sha-test")
+		f, err := os.CreateTemp("", "sha-test")
 		if err != nil {
 			t.Fatal(err)
 		}

internal/ingress/annotations/auth/main.go

@@ -18,7 +18,7 @@ package auth
 
 import (
 	"fmt"
-	"io/ioutil"
+	"os"
 	"regexp"
 	"strings"
 
@@ -183,7 +183,7 @@ func dumpSecretAuthFile(filename string, secret *api.Secret) error {
 		}
 	}
 
-	err := ioutil.WriteFile(filename, val, file.ReadWriteByUser)
+	err := os.WriteFile(filename, val, file.ReadWriteByUser)
 	if err != nil {
 		return ing_errors.LocationDenied{
 			Reason: errors.Wrap(err, "unexpected error creating password file"),
@@ -202,7 +202,7 @@ func dumpSecretAuthMap(filename string, secret *api.Secret) error {
 		builder.WriteString("\n")
 	}
 
-	err := ioutil.WriteFile(filename, []byte(builder.String()), file.ReadWriteByUser)
+	err := os.WriteFile(filename, []byte(builder.String()), file.ReadWriteByUser)
 	if err != nil {
 		return ing_errors.LocationDenied{
 			Reason: errors.Wrap(err, "unexpected error creating password file"),

internal/ingress/annotations/auth/main_test.go

@@ -18,7 +18,6 @@ package auth
 
 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"testing"
 	"time"
@@ -202,12 +201,12 @@ func TestIngressAuthInvalidSecretKey(t *testing.T) {
 }
 
 func dummySecretContent(t *testing.T) (string, string, *api.Secret) {
-	dir, err := ioutil.TempDir("", fmt.Sprintf("%v", time.Now().Unix()))
+	dir, err := os.MkdirTemp("", fmt.Sprintf("%v", time.Now().Unix()))
 	if err != nil {
 		t.Error(err)
 	}
 
-	tmpfile, err := ioutil.TempFile("", "example-")
+	tmpfile, err := os.CreateTemp("", "example-")
 	if err != nil {
 		t.Error(err)
 	}

internal/ingress/controller/checker.go

@@ -18,8 +18,8 @@ package controller
 
 import (
 	"fmt"
-	"io/ioutil"
 	"net/http"
+	"os"
 	"strconv"
 	"strings"
 
@@ -46,7 +46,7 @@ func (n *NGINXController) Check(_ *http.Request) error {
 		return errors.Wrap(err, "reading /proc directory")
 	}
 
-	f, err := ioutil.ReadFile(nginx.PID)
+	f, err := os.ReadFile(nginx.PID)
 	if err != nil {
 		return errors.Wrapf(err, "reading %v", nginx.PID)
 	}

internal/ingress/controller/controller_test.go

@@ -22,7 +22,7 @@ import (
 	"crypto/x509/pkix"
 	"encoding/asn1"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -123,7 +123,7 @@ func (ntc testNginxTestCommand) Test(cfg string) ([]byte, error) {
 		return nil, err
 	}
 	defer fd.Close()
-	bytes, err := ioutil.ReadAll(fd)
+	bytes, err := io.ReadAll(fd)
 	if err != nil {
 		ntc.t.Errorf("could not read generated nginx configuration: %v", err.Error())
 	}

internal/ingress/controller/nginx.go

@@ -22,7 +22,6 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"io/ioutil"
 	"net"
 	"net/http"
 	"os"
@@ -616,12 +615,12 @@ func (n NGINXController) testTemplate(cfg []byte) error {
 	if len(cfg) == 0 {
 		return fmt.Errorf("invalid NGINX configuration (empty)")
 	}
-	tmpfile, err := ioutil.TempFile("", tempNginxPattern)
+	tmpfile, err := os.CreateTemp("", tempNginxPattern)
 	if err != nil {
 		return err
 	}
 	defer tmpfile.Close()
-	err = ioutil.WriteFile(tmpfile.Name(), cfg, file.ReadWriteByUser)
+	err = os.WriteFile(tmpfile.Name(), cfg, file.ReadWriteByUser)
 	if err != nil {
 		return err
 	}
@@ -666,14 +665,14 @@ func (n *NGINXController) OnUpdate(ingressCfg ingress.Configuration) error {
 	}
 
 	if klog.V(2).Enabled() {
-		src, _ := ioutil.ReadFile(cfgPath)
+		src, _ := os.ReadFile(cfgPath)
 		if !bytes.Equal(src, content) {
-			tmpfile, err := ioutil.TempFile("", "new-nginx-cfg")
+			tmpfile, err := os.CreateTemp("", "new-nginx-cfg")
 			if err != nil {
 				return err
 			}
 			defer tmpfile.Close()
-			err = ioutil.WriteFile(tmpfile.Name(), content, file.ReadWriteByUser)
+			err = os.WriteFile(tmpfile.Name(), content, file.ReadWriteByUser)
 			if err != nil {
 				return err
 			}
@@ -696,7 +695,7 @@ func (n *NGINXController) OnUpdate(ingressCfg ingress.Configuration) error {
 		}
 	}
 
-	err = ioutil.WriteFile(cfgPath, content, file.ReadWriteByUser)
+	err = os.WriteFile(cfgPath, content, file.ReadWriteByUser)
 	if err != nil {
 		return err
 	}
@@ -1093,7 +1092,7 @@ func createOpentracingCfg(cfg ngx_config.Configuration) error {
 	// Expand possible environment variables before writing the configuration to file.
 	expanded := os.ExpandEnv(tmplBuf.String())
 
-	return ioutil.WriteFile("/etc/nginx/opentracing.json", []byte(expanded), file.ReadWriteByUser)
+	return os.WriteFile("/etc/nginx/opentracing.json", []byte(expanded), file.ReadWriteByUser)
 }
 
 func cleanTempNginxCfg() error {

internal/ingress/controller/nginx_test.go

@@ -19,7 +19,6 @@ package controller
 import (
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net"
 	"net/http"
 	"net/http/httptest"
@@ -179,7 +178,7 @@ func TestConfigureDynamically(t *testing.T) {
 					t.Errorf("expected a 'POST' request, got '%s'", r.Method)
 				}
 
-				b, err := ioutil.ReadAll(r.Body)
+				b, err := io.ReadAll(r.Body)
 				if err != nil && err != io.EOF {
 					t.Fatal(err)
 				}
@@ -339,7 +338,7 @@ func TestConfigureCertificates(t *testing.T) {
 					t.Errorf("expected a 'POST' request, got '%s'", r.Method)
 				}
 
-				b, err := ioutil.ReadAll(r.Body)
+				b, err := io.ReadAll(r.Body)
 				if err != nil && err != io.EOF {
 					t.Fatal(err)
 				}
@@ -478,7 +477,7 @@ func TestCleanTempNginxCfg(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	tmpfile, err := ioutil.TempFile("", tempNginxPattern)
+	tmpfile, err := os.CreateTemp("", tempNginxPattern)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -495,7 +494,7 @@ func TestCleanTempNginxCfg(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	tmpfile, err = ioutil.TempFile("", tempNginxPattern)
+	tmpfile, err = os.CreateTemp("", tempNginxPattern)
 	if err != nil {
 		t.Fatal(err)
 	}

internal/ingress/controller/store/store.go

@@ -20,7 +20,7 @@ import (
 	"context"
 	"encoding/base64"
 	"fmt"
-	"io/ioutil"
+	"os"
 	"reflect"
 	"sort"
 	"sync"
@@ -851,7 +851,7 @@ func (s *k8sStore) writeSSLSessionTicketKey(cmap *corev1.ConfigMap, fileName str
 			return
 		}
 
-		err = ioutil.WriteFile(fileName, decodedTicket, file.ReadWriteByUser)
+		err = os.WriteFile(fileName, decodedTicket, file.ReadWriteByUser)
 		if err != nil {
 			klog.Errorf("unexpected error writing ssl-session-ticket-key to %s: %v", fileName, err)
 			return

internal/ingress/controller/store/store_test.go

@@ -20,7 +20,6 @@ import (
 	"context"
 	"encoding/base64"
 	"fmt"
-	"io/ioutil"
 	"os"
 	"sync"
 	"sync/atomic"
@@ -959,14 +958,14 @@ func TestWriteSSLSessionTicketKey(t *testing.T) {
 			},
 		}
 
-		f, err := ioutil.TempFile("", "ssl-session-ticket-test")
+		f, err := os.CreateTemp("", "ssl-session-ticket-test")
 		if err != nil {
 			t.Fatal(err)
 		}
 
 		s.writeSSLSessionTicketKey(cmap, f.Name())
 
-		content, err := ioutil.ReadFile(f.Name())
+		content, err := os.ReadFile(f.Name())
 		if err != nil {
 			t.Fatal(err)
 		}

internal/ingress/controller/template/template.go

@@ -24,7 +24,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"math/rand" // #nosec
 	"net"
 	"net/url"
@@ -76,7 +75,7 @@ type Template struct {
 //NewTemplate returns a new Template instance or an
 //error if the specified template file contains errors
 func NewTemplate(file string) (*Template, error) {
-	data, err := ioutil.ReadFile(file)
+	data, err := os.ReadFile(file)
 	if err != nil {
 		return nil, errors.Wrapf(err, "unexpected error reading template %v", file)
 	}

internal/ingress/controller/template/template_test.go

@@ -20,7 +20,6 @@ import (
 	"bytes"
 	"encoding/base64"
 	"fmt"
-	"io/ioutil"
 	"net"
 	"os"
 	"path"
@@ -538,7 +537,7 @@ func TestTemplateWithData(t *testing.T) {
 		t.Errorf("unexpected error reading json file: %v", err)
 	}
 	defer f.Close()
-	data, err := ioutil.ReadFile(f.Name())
+	data, err := os.ReadFile(f.Name())
 	if err != nil {
 		t.Error("unexpected error reading json file: ", err)
 	}
@@ -582,7 +581,7 @@ func BenchmarkTemplateWithData(b *testing.B) {
 		b.Errorf("unexpected error reading json file: %v", err)
 	}
 	defer f.Close()
-	data, err := ioutil.ReadFile(f.Name())
+	data, err := os.ReadFile(f.Name())
 	if err != nil {
 		b.Error("unexpected error reading json file: ", err)
 	}
@@ -1657,7 +1656,7 @@ func TestCleanConf(t *testing.T) {
 	}
 	actual := &bytes.Buffer{}
 	{
-		data, err := ioutil.ReadFile(testDataDir + "/cleanConf.src.conf")
+		data, err := os.ReadFile(testDataDir + "/cleanConf.src.conf")
 		if err != nil {
 			t.Error("unexpected error reading conf file: ", err)
 		}
@@ -1668,7 +1667,7 @@ func TestCleanConf(t *testing.T) {
 		}
 	}
 
-	expected, err := ioutil.ReadFile(testDataDir + "/cleanConf.expected.conf")
+	expected, err := os.ReadFile(testDataDir + "/cleanConf.expected.conf")
 	if err != nil {
 		t.Error("unexpected error reading conf file: ", err)
 	}

internal/ingress/controller/util.go

@@ -18,7 +18,6 @@ package controller
 
 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"os/exec"
 	"path"
@@ -123,7 +122,7 @@ func (nc NginxCommand) Test(cfg string) ([]byte, error) {
 
 // getSysctl returns the value for the specified sysctl setting
 func getSysctl(sysctl string) (int, error) {
-	data, err := ioutil.ReadFile(path.Join("/proc/sys", sysctl))
+	data, err := os.ReadFile(path.Join("/proc/sys", sysctl))
 	if err != nil {
 		return -1, err
 	}

internal/ingress/metric/collectors/socket.go

@@ -19,7 +19,6 @@ package collectors
 import (
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net"
 	"os"
 	"syscall"
@@ -442,7 +441,7 @@ func (sc *SocketCollector) SetHosts(hosts sets.String) {
 // handleMessages process the content received in a network connection
 func handleMessages(conn io.ReadCloser, fn func([]byte)) {
 	defer conn.Close()
-	data, err := ioutil.ReadAll(conn)
+	data, err := io.ReadAll(conn)
 	if err != nil {
 		return
 	}

internal/net/dns/dns.go

@@ -17,8 +17,8 @@ limitations under the License.
 package dns
 
 import (
-	"io/ioutil"
 	"net"
+	"os"
 	"strings"
 
 	"k8s.io/klog/v2"
@@ -29,7 +29,7 @@ var defResolvConf = "/etc/resolv.conf"
 // GetSystemNameServers returns the list of nameservers located in the file /etc/resolv.conf
 func GetSystemNameServers() ([]net.IP, error) {
 	var nameservers []net.IP
-	file, err := ioutil.ReadFile(defResolvConf)
+	file, err := os.ReadFile(defResolvConf)
 	if err != nil {
 		return nameservers, err
 	}

internal/net/dns/dns_test.go

@@ -17,7 +17,6 @@ limitations under the License.
 package dns
 
 import (
-	"io/ioutil"
 	"net"
 	"os"
 	"testing"
@@ -34,14 +33,14 @@ func TestGetDNSServers(t *testing.T) {
 		t.Error("expected at least 1 nameserver in /etc/resolv.conf")
 	}
 
-	f, err := ioutil.TempFile("", "fw")
+	f, err := os.CreateTemp("", "fw")
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
 	}
 	defer f.Close()
 	defer os.Remove(f.Name())
 
-	ioutil.WriteFile(f.Name(), []byte(`
+	os.WriteFile(f.Name(), []byte(`
 	# comment
 	; comment
 	nameserver 2001:4860:4860::8844

internal/net/ssl/ssl.go

@@ -29,7 +29,6 @@ import (
 	"encoding/pem"
 	"errors"
 	"fmt"
-	"io/ioutil"
 	"math/big"
 	"net"
 	"os"
@@ -181,7 +180,7 @@ func CheckCACert(caBytes []byte) ([]*x509.Certificate, error) {
 func StoreSSLCertOnDisk(name string, sslCert *ingress.SSLCert) (string, error) {
 	pemFileName, _ := getPemFileName(name)
 
-	err := ioutil.WriteFile(pemFileName, []byte(sslCert.PemCertKey), file.ReadWriteByUser)
+	err := os.WriteFile(pemFileName, []byte(sslCert.PemCertKey), file.ReadWriteByUser)
 	if err != nil {
 		return "", fmt.Errorf("could not create PEM certificate file %v: %v", pemFileName, err)
 	}
@@ -209,7 +208,7 @@ func ConfigureCACertWithCertAndKey(name string, ca []byte, sslCert *ingress.SSLC
 		return fmt.Errorf("could not write ca data to cert file %v: %v", sslCert.CAFileName, err)
 	}
 
-	return ioutil.WriteFile(sslCert.CAFileName, buffer.Bytes(), 0644)
+	return os.WriteFile(sslCert.CAFileName, buffer.Bytes(), 0644)
 }
 
 // ConfigureCRL creates a CRL file and append it into the SSLCert
@@ -232,7 +231,7 @@ func ConfigureCRL(name string, crl []byte, sslCert *ingress.SSLCert) error {
 		return fmt.Errorf(err.Error())
 	}
 
-	err = ioutil.WriteFile(crlFileName, crl, 0644)
+	err = os.WriteFile(crlFileName, crl, 0644)
 	if err != nil {
 		return fmt.Errorf("could not write CRL file %v: %v", crlFileName, err)
 	}
@@ -250,7 +249,7 @@ func ConfigureCACert(name string, ca []byte, sslCert *ingress.SSLCert) error {
 	caName := fmt.Sprintf("ca-%v.pem", name)
 	fileName := fmt.Sprintf("%v/%v", file.DefaultSSLDirectory, caName)
 
-	err := ioutil.WriteFile(fileName, ca, 0644)
+	err := os.WriteFile(fileName, ca, 0644)
 	if err != nil {
 		return fmt.Errorf("could not write CA file %v: %v", fileName, err)
 	}
@@ -332,7 +331,7 @@ func parseSANExtension(value []byte) (dnsNames, emailAddresses []string, ipAddre
 func AddOrUpdateDHParam(name string, dh []byte) (string, error) {
 	pemFileName, pemName := getPemFileName(name)
 
-	tempPemFile, err := ioutil.TempFile(file.DefaultSSLDirectory, pemName)
+	tempPemFile, err := os.CreateTemp(file.DefaultSSLDirectory, pemName)
 
 	klog.V(3).InfoS("Creating temporal file for DH", "path", tempPemFile.Name(), "name", pemName)
 	if err != nil {
@@ -351,7 +350,7 @@ func AddOrUpdateDHParam(name string, dh []byte) (string, error) {
 
 	defer os.Remove(tempPemFile.Name())
 
-	pemCerts, err := ioutil.ReadFile(tempPemFile.Name())
+	pemCerts, err := os.ReadFile(tempPemFile.Name())
 	if err != nil {
 		return "", err
 	}
@@ -530,12 +529,12 @@ func (tl *TLSListener) TLSConfig() *tls.Config {
 
 func (tl *TLSListener) load() {
 	klog.InfoS("loading tls certificate", "path", tl.certificatePath, "key", tl.keyPath)
-	certBytes, err := ioutil.ReadFile(tl.certificatePath)
+	certBytes, err := os.ReadFile(tl.certificatePath)
 	if err != nil {
 		tl.certificate = nil
 		tl.err = err
 	}
-	keyBytes, err := ioutil.ReadFile(tl.keyPath)
+	keyBytes, err := os.ReadFile(tl.keyPath)
 	if err != nil {
 		tl.certificate = nil
 		tl.err = err

internal/net/ssl/ssl_test.go

@@ -28,11 +28,11 @@ import (
 	"encoding/pem"
 	"errors"
 	"fmt"
-	"io/ioutil"
 	"math"
 	"math/big"
 	"net/http"
 	"net/http/httptest"
+	"os"
 	"strings"
 	"sync"
 	"testing"
@@ -393,7 +393,7 @@ func encodeCertPEM(cert *x509.Certificate) []byte {
 func newFakeCertificate(t *testing.T) ([]byte, string, string) {
 	cert, key := getFakeHostSSLCert("localhost")
 
-	certFile, err := ioutil.TempFile("", "crt-")
+	certFile, err := os.CreateTemp("", "crt-")
 	if err != nil {
 		t.Errorf("failed to write test key: %v", err)
 	}
@@ -401,7 +401,7 @@ func newFakeCertificate(t *testing.T) ([]byte, string, string) {
 	certFile.Write(cert)
 	defer certFile.Close()
 
-	keyFile, err := ioutil.TempFile("", "key-")
+	keyFile, err := os.CreateTemp("", "key-")
 	if err != nil {
 		t.Errorf("failed to write test key: %v", err)
 	}

internal/nginx/main.go

@@ -20,7 +20,7 @@ import (
 	"bytes"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"os"
 	"os/exec"
@@ -69,7 +69,7 @@ func NewGetStatusRequest(path string) (int, []byte, error) {
 	}
 	defer res.Body.Close()
 
-	data, err := ioutil.ReadAll(res.Body)
+	data, err := io.ReadAll(res.Body)
 	if err != nil {
 		return 0, nil, err
 	}
@@ -93,7 +93,7 @@ func NewPostStatusRequest(path, contentType string, data interface{}) (int, []by
 	}
 	defer res.Body.Close()
 
-	body, err := ioutil.ReadAll(res.Body)
+	body, err := io.ReadAll(res.Body)
 	if err != nil {
 		return 0, nil, err
 	}
@@ -133,7 +133,7 @@ func readFileToString(path string) (string, error) {
 	}
 	defer f.Close()
 
-	contents, err := ioutil.ReadAll(f)
+	contents, err := io.ReadAll(f)
 	if err != nil {
 		return "", err
 	}

internal/runtime/cpu_linux.go

@@ -19,8 +19,8 @@ limitations under the License.
 package runtime
 
 import (
-	"io/ioutil"
 	"math"
+	"os"
 	"path/filepath"
 	"runtime"
 	"strconv"
@@ -52,7 +52,7 @@ func NumCPU() int {
 }
 
 func readCgroupFileToInt64(cgroupPath, cgroupFile string) int64 {
-	contents, err := ioutil.ReadFile(filepath.Join(cgroupPath, cgroupFile))
+	contents, err := os.ReadFile(filepath.Join(cgroupPath, cgroupFile))
 	if err != nil {
 		return -1
 	}

internal/watch/file_watcher_test.go

@@ -17,7 +17,6 @@ limitations under the License.
 package watch
 
 import (
-	"io/ioutil"
 	"os"
 	"path"
 	"path/filepath"
@@ -37,7 +36,7 @@ func prepareTimeout() chan bool {
 }
 
 func TestFileWatcher(t *testing.T) {
-	f, err := ioutil.TempFile("", "fw")
+	f, err := os.CreateTemp("", "fw")
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
 	}
@@ -62,7 +61,7 @@ func TestFileWatcher(t *testing.T) {
 		t.Fatalf("expected no events before writing a file")
 	case <-timeoutChan:
 	}
-	ioutil.WriteFile(f.Name(), []byte{}, file.ReadWriteByUser)
+	os.WriteFile(f.Name(), []byte{}, file.ReadWriteByUser)
 	select {
 	case <-events:
 	case <-timeoutChan:
@@ -71,7 +70,7 @@ func TestFileWatcher(t *testing.T) {
 }
 
 func TestFileWatcherWithNestedSymlink(t *testing.T) {
-	target1, err := ioutil.TempFile("", "t1")
+	target1, err := os.CreateTemp("", "t1")
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
 	}
@@ -115,7 +114,7 @@ func TestFileWatcherWithNestedSymlink(t *testing.T) {
 	}
 	defer fw.Close()
 
-	target2, err := ioutil.TempFile("", "t2")
+	target2, err := os.CreateTemp("", "t2")
 	if err != nil {
 		t.Fatalf("unexpected error: %v", err)
 	}

test/e2e-image/Dockerfile

@@ -1,4 +1,4 @@
-FROM k8s.gcr.io/ingress-nginx/e2e-test-runner:v20210601-g96a87c79b@sha256:f84dcddc84e5cba220260f315e18cd47fc8c6b7f3f4f57b7b3e9cc2ea25324b7 AS BASE
+FROM k8s.gcr.io/ingress-nginx/e2e-test-runner:v20210806-g26768e957@sha256:0f3c0d0bda953aa7f1164c452cc0165ce8a0c72469b550988a9601c539f61608 AS BASE
 
 FROM alpine:3.12
 

test/e2e/settings/ocsp/ocsp.go

@@ -22,8 +22,8 @@ import (
 	"crypto/tls"
 	"crypto/x509"
 	"fmt"
-	"io/ioutil"
 	"net/http"
+	"os"
 	"os/exec"
 	"strings"
 	"syscall"
@@ -57,13 +57,13 @@ var _ = framework.DescribeSetting("OCSP", func() {
 		ing := framework.NewSingleIngressWithTLS(host, "/", host, []string{host}, f.Namespace, framework.EchoService, 80, nil)
 		f.EnsureIngress(ing)
 
-		leafCert, err := ioutil.ReadFile("leaf.pem")
+		leafCert, err := os.ReadFile("leaf.pem")
 		assert.Nil(ginkgo.GinkgoT(), err)
 
-		leafKey, err := ioutil.ReadFile("leaf-key.pem")
+		leafKey, err := os.ReadFile("leaf-key.pem")
 		assert.Nil(ginkgo.GinkgoT(), err)
 
-		intermediateCa, err := ioutil.ReadFile("intermediate_ca.pem")
+		intermediateCa, err := os.ReadFile("intermediate_ca.pem")
 		assert.Nil(ginkgo.GinkgoT(), err)
 
 		var pemCertBuffer bytes.Buffer
@@ -82,7 +82,7 @@ var _ = framework.DescribeSetting("OCSP", func() {
 			},
 		})
 
-		cfsslDB, err := ioutil.ReadFile("empty.db")
+		cfsslDB, err := os.ReadFile("empty.db")
 		assert.Nil(ginkgo.GinkgoT(), err)
 
 		cmap, err := f.EnsureConfigMap(&corev1.ConfigMap{
@@ -197,7 +197,7 @@ const configTemplate = `
 
 func prepareCertificates(namespace string) error {
 	config := fmt.Sprintf(configTemplate, namespace)
-	err := ioutil.WriteFile("cfssl_config.json", []byte(config), 0644)
+	err := os.WriteFile("cfssl_config.json", []byte(config), 0644)
 	if err != nil {
 		return fmt.Errorf("creating cfssl_config.json file: %v", err)
 	}

test/e2e/settings/proxy_protocol.go

@@ -20,7 +20,7 @@ import (
 	"context"
 	"crypto/tls"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net"
 	"strings"
 
@@ -66,7 +66,7 @@ var _ = framework.DescribeSetting("use-proxy-protocol", func() {
 		conn.Write([]byte(header))
 		conn.Write([]byte("GET / HTTP/1.1\r\nHost: proxy-protocol\r\n\r\n"))
 
-		data, err := ioutil.ReadAll(conn)
+		data, err := io.ReadAll(conn)
 		assert.Nil(ginkgo.GinkgoT(), err, "unexpected error reading connection data")
 
 		body := string(data)
@@ -99,7 +99,7 @@ var _ = framework.DescribeSetting("use-proxy-protocol", func() {
 		conn.Write([]byte(header))
 		conn.Write([]byte("GET / HTTP/1.1\r\nHost: proxy-protocol\r\n\r\n"))
 
-		data, err := ioutil.ReadAll(conn)
+		data, err := io.ReadAll(conn)
 		assert.Nil(ginkgo.GinkgoT(), err, "unexpected error reading connection data")
 
 		body := string(data)
@@ -141,7 +141,7 @@ var _ = framework.DescribeSetting("use-proxy-protocol", func() {
 		_, err = tlsConn.Write([]byte("GET / HTTP/1.1\r\nHost: proxy-protocol\r\n\r\n"))
 		assert.Nil(ginkgo.GinkgoT(), err, "writing HTTP request")
 
-		data, err := ioutil.ReadAll(tlsConn)
+		data, err := io.ReadAll(tlsConn)
 		assert.Nil(ginkgo.GinkgoT(), err, "unexpected error reading connection data")
 
 		body := string(data)
@@ -208,7 +208,7 @@ var _ = framework.DescribeSetting("use-proxy-protocol", func() {
 		conn.Write([]byte(header))
 		conn.Write([]byte("GET / HTTP/1.1\r\nHost: proxy-protocol\r\n\r\n"))
 
-		_, err = ioutil.ReadAll(conn)
+		_, err = io.ReadAll(conn)
 		assert.Nil(ginkgo.GinkgoT(), err, "unexpected error reading connection data")
 
 		logs, err := f.NginxLogs()