third_party/go: remove unreferences patches
Change-Id: Idd00b552c621e3a227fc097e175f0c82fa1a7249
Reviewed-on: https://review.monogon.dev/c/monogon/+/1901
Tested-by: Jenkins CI
Reviewed-by: Lorenz Brun <lorenz@monogon.tech>
diff --git a/third_party/go/patches/k8s-adopt-to-go-jose-2.3.patch b/third_party/go/patches/k8s-adopt-to-go-jose-2.3.patch
deleted file mode 100644
index 9efd08a..0000000
--- a/third_party/go/patches/k8s-adopt-to-go-jose-2.3.patch
+++ /dev/null
@@ -1,136 +0,0 @@
-From a1411288423dfc4062844b9f699a30fd7cbe090d Mon Sep 17 00:00:00 2001
-From: Lorenz Brun <lorenz@monogon.tech>
-Date: Mon, 21 Mar 2022 15:20:19 +0100
-Subject: [PATCH 1/2] Adopt to API breakage in go-jose 2.3.0
-
----
- pkg/serviceaccount/claims_test.go | 40 +++++++++++-----------
- test/integration/auth/svcaccttoken_test.go | 6 ++--
- 2 files changed, 23 insertions(+), 23 deletions(-)
-
-diff --git a/pkg/serviceaccount/claims_test.go b/pkg/serviceaccount/claims_test.go
-index 2e968f60335..a0b5a595c2f 100644
---- a/pkg/serviceaccount/claims_test.go
-+++ b/pkg/serviceaccount/claims_test.go
-@@ -85,9 +85,9 @@ func TestClaims(t *testing.T) {
-
- sc: &jwt.Claims{
- Subject: "system:serviceaccount:myns:mysvcacct",
-- IssuedAt: jwt.NumericDate(1514764800),
-- NotBefore: jwt.NumericDate(1514764800),
-- Expiry: jwt.NumericDate(1514764800),
-+ IssuedAt: jwt.NewNumericDate(time.Unix(1514764800, 0)),
-+ NotBefore: jwt.NewNumericDate(time.Unix(1514764800, 0)),
-+ Expiry: jwt.NewNumericDate(time.Unix(1514764800, 0)),
- },
- pc: &privateClaims{
- Kubernetes: kubernetes{
-@@ -107,9 +107,9 @@ func TestClaims(t *testing.T) {
-
- sc: &jwt.Claims{
- Subject: "system:serviceaccount:myns:mysvcacct",
-- IssuedAt: jwt.NumericDate(1514764800),
-- NotBefore: jwt.NumericDate(1514764800),
-- Expiry: jwt.NumericDate(1514764800 + 100),
-+ IssuedAt: jwt.NewNumericDate(time.Unix(1514764800, 0)),
-+ NotBefore: jwt.NewNumericDate(time.Unix(1514764800, 0)),
-+ Expiry: jwt.NewNumericDate(time.Unix(1514764800+100, 0)),
- },
- pc: &privateClaims{
- Kubernetes: kubernetes{
-@@ -130,9 +130,9 @@ func TestClaims(t *testing.T) {
- sc: &jwt.Claims{
- Subject: "system:serviceaccount:myns:mysvcacct",
- Audience: []string{"1"},
-- IssuedAt: jwt.NumericDate(1514764800),
-- NotBefore: jwt.NumericDate(1514764800),
-- Expiry: jwt.NumericDate(1514764800 + 100),
-+ IssuedAt: jwt.NewNumericDate(time.Unix(1514764800, 0)),
-+ NotBefore: jwt.NewNumericDate(time.Unix(1514764800, 0)),
-+ Expiry: jwt.NewNumericDate(time.Unix(1514764800+100, 0)),
- },
- pc: &privateClaims{
- Kubernetes: kubernetes{
-@@ -152,9 +152,9 @@ func TestClaims(t *testing.T) {
- sc: &jwt.Claims{
- Subject: "system:serviceaccount:myns:mysvcacct",
- Audience: []string{"1", "2"},
-- IssuedAt: jwt.NumericDate(1514764800),
-- NotBefore: jwt.NumericDate(1514764800),
-- Expiry: jwt.NumericDate(1514764800 + 100),
-+ IssuedAt: jwt.NewNumericDate(time.Unix(1514764800, 0)),
-+ NotBefore: jwt.NewNumericDate(time.Unix(1514764800, 0)),
-+ Expiry: jwt.NewNumericDate(time.Unix(1514764800+100, 0)),
- },
- pc: &privateClaims{
- Kubernetes: kubernetes{
-@@ -175,16 +175,16 @@ func TestClaims(t *testing.T) {
-
- sc: &jwt.Claims{
- Subject: "system:serviceaccount:myns:mysvcacct",
-- IssuedAt: jwt.NumericDate(1514764800),
-- NotBefore: jwt.NumericDate(1514764800),
-- Expiry: jwt.NumericDate(1514764800 + 60*60*24),
-+ IssuedAt: jwt.NewNumericDate(time.Unix(1514764800, 0)),
-+ NotBefore: jwt.NewNumericDate(time.Unix(1514764800, 0)),
-+ Expiry: jwt.NewNumericDate(time.Unix(1514764800+60*60*24, 0)),
- },
- pc: &privateClaims{
- Kubernetes: kubernetes{
- Namespace: "myns",
- Svcacct: ref{Name: "mysvcacct", UID: "mysvcacct-uid"},
- Pod: &ref{Name: "mypod", UID: "mypod-uid"},
-- WarnAfter: jwt.NumericDate(1514764800 + 60*60),
-+ WarnAfter: jwt.NewNumericDate(time.Unix(1514764800+60*60, 0)),
- },
- },
- },
-@@ -223,8 +223,8 @@ type claimTestCase struct {
- name string
- getter ServiceAccountTokenGetter
- private *privateClaims
-- expiry jwt.NumericDate
-- notBefore jwt.NumericDate
-+ expiry *jwt.NumericDate
-+ notBefore *jwt.NumericDate
- expectErr string
- }
-
-@@ -365,8 +365,8 @@ func TestValidatePrivateClaims(t *testing.T) {
- for _, tc := range testcases {
- t.Run(tc.name, func(t *testing.T) {
- v := &validator{tc.getter}
-- expiry := jwt.NumericDate(nowUnix)
-- if tc.expiry != 0 {
-+ expiry := jwt.NewNumericDate(time.Unix(nowUnix, 0))
-+ if tc.expiry != nil {
- expiry = tc.expiry
- }
- _, err := v.Validate(context.Background(), "", &jwt.Claims{Expiry: expiry, NotBefore: tc.notBefore}, tc.private)
-diff --git a/test/integration/auth/svcaccttoken_test.go b/test/integration/auth/svcaccttoken_test.go
-index da50bf4736e..5311b6c90c3 100644
---- a/test/integration/auth/svcaccttoken_test.go
-+++ b/test/integration/auth/svcaccttoken_test.go
-@@ -421,16 +421,16 @@ func TestServiceAccountTokenCreate(t *testing.T) {
- t.Fatalf("error parsing warnafter: %v", err)
- }
-
-- if exp < int64(actualExpiry)-leeway || exp > int64(actualExpiry)+leeway {
-+ if exp < int64(*actualExpiry)-leeway || exp > int64(*actualExpiry)+leeway {
- t.Errorf("unexpected token exp %d, should within range of %d +- %d seconds", exp, actualExpiry, leeway)
- }
-- if warnafter < int64(assumedExpiry)-leeway || warnafter > int64(assumedExpiry)+leeway {
-+ if warnafter < int64(*assumedExpiry)-leeway || warnafter > int64(*assumedExpiry)+leeway {
- t.Errorf("unexpected token warnafter %d, should within range of %d +- %d seconds", warnafter, assumedExpiry, leeway)
- }
-
- checkExpiration(t, treq, requestExp)
- expStatus := treq.Status.ExpirationTimestamp.Time.Unix()
-- if expStatus < int64(assumedExpiry)-leeway || warnafter > int64(assumedExpiry)+leeway {
-+ if expStatus < int64(*assumedExpiry)-leeway || warnafter > int64(*assumedExpiry)+leeway {
- t.Errorf("unexpected expiration returned in tokenrequest status %d, should within range of %d +- %d seconds", expStatus, assumedExpiry, leeway)
- }
- })
---
-2.25.1
-
diff --git a/third_party/go/patches/k8s-backport-no-dockershim.patch b/third_party/go/patches/k8s-backport-no-dockershim.patch
deleted file mode 100644
index 452c7e1..0000000
--- a/third_party/go/patches/k8s-backport-no-dockershim.patch
+++ /dev/null
@@ -1,191 +0,0 @@
-From bc78dff42ec6be929648e91f3ef2dd6dae5169fb Mon Sep 17 00:00:00 2001
-From: Davanum Srinivas <davanum@gmail.com>
-Date: Tue, 7 Dec 2021 14:48:57 -0500
-Subject: [PATCH] update files to drop dockershim
-
-Signed-off-by: Davanum Srinivas <davanum@gmail.com>
----
- build/dependencies.yaml | 2 --
- cmd/kubelet/app/options/globalflags_linux.go | 11 --------
- go.mod | 5 ----
- go.sum | 3 ---
- pkg/kubelet/kubelet.go | 26 +------------------
- .../legacy-cloud-providers/aws/aws_fakes.go | 1 +
- test/e2e/framework/.import-restrictions | 10 -------
- 7 files changed, 2 insertions(+), 56 deletions(-)
-
-diff --git a/build/dependencies.yaml b/build/dependencies.yaml
-index ff296e255b961..b0b1b5a6d41b8 100644
---- a/build/dependencies.yaml
-+++ b/build/dependencies.yaml
-@@ -172,8 +172,6 @@ dependencies:
- match: defaultPodSandboxImageVersion\s+=
- - path: hack/testdata/pod-with-precision.json
- match: k8s.gcr.io\/pause:\d+\.\d+
-- - path: pkg/kubelet/dockershim/docker_sandbox.go
-- match: k8s.gcr.io\/pause:\d+\.\d+
- - path: staging/src/k8s.io/kubectl/testdata/set/multi-resource-yaml.yaml
- match: k8s.gcr.io\/pause:\d+\.\d+
- - path: staging/src/k8s.io/kubectl/testdata/set/namespaced-resource.yaml
-diff --git a/cmd/kubelet/app/options/globalflags_linux.go b/cmd/kubelet/app/options/globalflags_linux.go
-index ad3b68628f661..e75e65ec37cd0 100644
---- a/cmd/kubelet/app/options/globalflags_linux.go
-+++ b/cmd/kubelet/app/options/globalflags_linux.go
-@@ -28,7 +28,6 @@ import (
- // ensure libs have a chance to globally register their flags
- _ "github.com/google/cadvisor/container/common"
- _ "github.com/google/cadvisor/container/containerd"
-- _ "github.com/google/cadvisor/container/docker"
- _ "github.com/google/cadvisor/container/raw"
- _ "github.com/google/cadvisor/machine"
- _ "github.com/google/cadvisor/manager"
-@@ -41,9 +40,6 @@ func addCadvisorFlags(fs *pflag.FlagSet) {
- global := flag.CommandLine
- local := pflag.NewFlagSet(os.Args[0], pflag.ExitOnError)
-
-- // These flags were also implicit from cadvisor, but are actually used by something in the core repo:
-- // TODO(mtaufen): This one is stil used by our salt, but for heaven's sake it's even deprecated in cadvisor
-- register(global, local, "docker_root")
- // e2e node tests rely on this
- register(global, local, "housekeeping_interval")
-
-@@ -54,13 +50,6 @@ func addCadvisorFlags(fs *pflag.FlagSet) {
- registerDeprecated(global, local, "boot_id_file", deprecated)
- registerDeprecated(global, local, "container_hints", deprecated)
- registerDeprecated(global, local, "containerd", deprecated)
-- registerDeprecated(global, local, "docker", deprecated)
-- registerDeprecated(global, local, "docker_env_metadata_whitelist", deprecated)
-- registerDeprecated(global, local, "docker_only", deprecated)
-- registerDeprecated(global, local, "docker-tls", deprecated)
-- registerDeprecated(global, local, "docker-tls-ca", deprecated)
-- registerDeprecated(global, local, "docker-tls-cert", deprecated)
-- registerDeprecated(global, local, "docker-tls-key", deprecated)
- registerDeprecated(global, local, "enable_load_reader", deprecated)
- registerDeprecated(global, local, "event_storage_age_limit", deprecated)
- registerDeprecated(global, local, "event_storage_event_limit", deprecated)
-diff --git a/go.mod b/go.mod
-index a17878d68d030..7dccd35bb6b91 100644
---- a/go.mod
-+++ b/go.mod
-@@ -25,15 +25,12 @@ require (
- github.com/boltdb/bolt v1.3.1 // indirect
- github.com/clusterhq/flocker-go v0.0.0-20160920122132-2b8b7259d313
- github.com/container-storage-interface/spec v1.5.0
-- github.com/containernetworking/cni v0.8.1
- github.com/coredns/corefile-migration v1.0.14
- github.com/coreos/go-oidc v2.1.0+incompatible
- github.com/coreos/go-systemd/v22 v22.3.2
- github.com/cpuguy83/go-md2man/v2 v2.0.0
- github.com/davecgh/go-spew v1.1.1
- github.com/docker/distribution v2.7.1+incompatible
-- github.com/docker/docker v20.10.7+incompatible
-- github.com/docker/go-connections v0.4.0
- github.com/docker/go-units v0.4.0
- github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153
- github.com/emicklei/go-restful v2.9.5+incompatible
-@@ -63,7 +60,6 @@ require (
- github.com/mvdan/xurls v1.1.0
- github.com/onsi/ginkgo v1.14.0
- github.com/onsi/gomega v1.10.1
-- github.com/opencontainers/go-digest v1.0.0
- github.com/opencontainers/runc v1.0.2
- github.com/opencontainers/selinux v1.8.2
- github.com/pkg/errors v0.9.1
-@@ -209,7 +205,6 @@ replace (
- github.com/containerd/go-runc => github.com/containerd/go-runc v1.0.0
- github.com/containerd/ttrpc => github.com/containerd/ttrpc v1.0.2
- github.com/containerd/typeurl => github.com/containerd/typeurl v1.0.2
-- github.com/containernetworking/cni => github.com/containernetworking/cni v0.8.1
- github.com/coredns/caddy => github.com/coredns/caddy v1.1.0
- github.com/coredns/corefile-migration => github.com/coredns/corefile-migration v1.0.14
- github.com/coreos/go-oidc => github.com/coreos/go-oidc v2.1.0+incompatible
-diff --git a/go.sum b/go.sum
-index b458fb06802b3..9121b2f4ac81a 100644
---- a/go.sum
-+++ b/go.sum
-@@ -116,8 +116,6 @@ github.com/containerd/ttrpc v1.0.2 h1:2/O3oTZN36q2xRolk0a2WWGgh7/Vf/liElg5hFYLX9
- github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y=
- github.com/containerd/typeurl v1.0.2 h1:Chlt8zIieDbzQFzXzAeBEF92KhExuE4p9p92/QmY7aY=
- github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s=
--github.com/containernetworking/cni v0.8.1 h1:7zpDnQ3T3s4ucOuJ/ZCLrYBxzkg0AELFfII3Epo9TmI=
--github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY=
- github.com/coredns/caddy v1.1.0 h1:ezvsPrT/tA/7pYDBZxu0cT0VmWk75AfIaf6GSYCNMf0=
- github.com/coredns/caddy v1.1.0/go.mod h1:A6ntJQlAWuQfFlsd9hvigKbo2WS0VUs2l1e2F+BawD4=
- github.com/coredns/corefile-migration v1.0.14 h1:Tz3WZhoj2NdP8drrQH86NgnCng+VrPjNeg2Oe1ALKag=
-@@ -353,7 +351,6 @@ github.com/mohae/deepcopy v0.0.0-20170603005431-491d3605edfb h1:e+l77LJOEqXTIQih
- github.com/mohae/deepcopy v0.0.0-20170603005431-491d3605edfb/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8=
- github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0=
- github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4=
--github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
- github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
- github.com/mrunalp/fileutils v0.5.0 h1:NKzVxiH7eSk+OQ4M+ZYW1K6h27RUV3MI6NUTsHhU6Z4=
- github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ=
-diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go
-index 2013c871a608a..0e6f5f946dea0 100644
---- a/pkg/kubelet/kubelet.go
-+++ b/pkg/kubelet/kubelet.go
-@@ -73,7 +73,6 @@ import (
- "k8s.io/kubernetes/pkg/kubelet/configmap"
- kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
- "k8s.io/kubernetes/pkg/kubelet/cri/remote"
-- "k8s.io/kubernetes/pkg/kubelet/cri/streaming"
- "k8s.io/kubernetes/pkg/kubelet/events"
- "k8s.io/kubernetes/pkg/kubelet/eviction"
- "k8s.io/kubernetes/pkg/kubelet/images"
-@@ -310,18 +309,7 @@ func PreInitRuntimeService(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
-
- switch containerRuntime {
- case kubetypes.DockerContainerRuntime:
-- klog.InfoS("Using dockershim is deprecated, please consider using a full-fledged CRI implementation")
-- if err := runDockershim(
-- kubeCfg,
-- kubeDeps,
-- crOptions,
-- runtimeCgroups,
-- remoteRuntimeEndpoint,
-- remoteImageEndpoint,
-- nonMasqueradeCIDR,
-- ); err != nil {
-- return err
-- }
-+ return fmt.Errorf("using dockershim is not supported, please consider using a full-fledged CRI implementation")
- case kubetypes.RemoteContainerRuntime:
- // No-op.
- break
-@@ -2440,15 +2428,3 @@ func isSyncPodWorthy(event *pleg.PodLifecycleEvent) bool {
- // ContainerRemoved doesn't affect pod state
- return event.Type != pleg.ContainerRemoved
- }
--
--// Gets the streaming server configuration to use with in-process CRI shims.
--func getStreamingConfig(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *Dependencies, crOptions *config.ContainerRuntimeOptions) *streaming.Config {
-- config := &streaming.Config{
-- StreamIdleTimeout: kubeCfg.StreamingConnectionIdleTimeout.Duration,
-- StreamCreationTimeout: streaming.DefaultConfig.StreamCreationTimeout,
-- SupportedRemoteCommandProtocols: streaming.DefaultConfig.SupportedRemoteCommandProtocols,
-- SupportedPortForwardProtocols: streaming.DefaultConfig.SupportedPortForwardProtocols,
-- }
-- config.Addr = net.JoinHostPort("localhost", "0")
-- return config
--}
-diff --git a/test/e2e/framework/.import-restrictions b/test/e2e/framework/.import-restrictions
-index a60fb9d790847..1353f40df9ddf 100644
---- a/test/e2e/framework/.import-restrictions
-+++ b/test/e2e/framework/.import-restrictions
-@@ -86,16 +86,6 @@ rules:
- - k8s.io/kubernetes/pkg/kubelet/config
- - k8s.io/kubernetes/pkg/kubelet/configmap
- - k8s.io/kubernetes/pkg/kubelet/container
-- - k8s.io/kubernetes/pkg/kubelet/dockershim
-- - k8s.io/kubernetes/pkg/kubelet/dockershim/cm
-- - k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker
-- - k8s.io/kubernetes/pkg/kubelet/dockershim/metrics
-- - k8s.io/kubernetes/pkg/kubelet/dockershim/network
-- - k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni
-- - k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport
-- - k8s.io/kubernetes/pkg/kubelet/dockershim/network/kubenet
-- - k8s.io/kubernetes/pkg/kubelet/dockershim/network/metrics
-- - k8s.io/kubernetes/pkg/kubelet/dockershim/remote
- - k8s.io/kubernetes/pkg/kubelet/envvars
- - k8s.io/kubernetes/pkg/kubelet/eviction
- - k8s.io/kubernetes/pkg/kubelet/eviction/api