treewide: switch to gomod and bump everything
This switches version resolution from fietsje to gomod and updates
all Go dependencies. It also bumps rules_go (required by gVisor) and
switches the Gazelle naming convention from go_default_xxx to the
standard Bazel convention of the default target having the package
name.
Since Kubernetes dropped upstream Bazel support and doesn't check in
all generated files I manually pregenerated the OpenAPI spec. This
should be fixed, but because of the already-huge scope of this CL
and the rebase complexity this is not in here.
Change-Id: Iec8ea613d06946882426c2f9fad5bda7e8aaf833
Reviewed-on: https://review.monogon.dev/c/monogon/+/639
Reviewed-by: Sergiusz Bazanski <serge@monogon.tech>
Reviewed-by: Leopold Schabel <leo@nexantic.com>
diff --git a/third_party/go/patches/k8s-backport-no-dockershim.patch b/third_party/go/patches/k8s-backport-no-dockershim.patch
new file mode 100644
index 0000000..452c7e1
--- /dev/null
+++ b/third_party/go/patches/k8s-backport-no-dockershim.patch
@@ -0,0 +1,191 @@
+From bc78dff42ec6be929648e91f3ef2dd6dae5169fb Mon Sep 17 00:00:00 2001
+From: Davanum Srinivas <davanum@gmail.com>
+Date: Tue, 7 Dec 2021 14:48:57 -0500
+Subject: [PATCH] update files to drop dockershim
+
+Signed-off-by: Davanum Srinivas <davanum@gmail.com>
+---
+ build/dependencies.yaml | 2 --
+ cmd/kubelet/app/options/globalflags_linux.go | 11 --------
+ go.mod | 5 ----
+ go.sum | 3 ---
+ pkg/kubelet/kubelet.go | 26 +------------------
+ .../legacy-cloud-providers/aws/aws_fakes.go | 1 +
+ test/e2e/framework/.import-restrictions | 10 -------
+ 7 files changed, 2 insertions(+), 56 deletions(-)
+
+diff --git a/build/dependencies.yaml b/build/dependencies.yaml
+index ff296e255b961..b0b1b5a6d41b8 100644
+--- a/build/dependencies.yaml
++++ b/build/dependencies.yaml
+@@ -172,8 +172,6 @@ dependencies:
+ match: defaultPodSandboxImageVersion\s+=
+ - path: hack/testdata/pod-with-precision.json
+ match: k8s.gcr.io\/pause:\d+\.\d+
+- - path: pkg/kubelet/dockershim/docker_sandbox.go
+- match: k8s.gcr.io\/pause:\d+\.\d+
+ - path: staging/src/k8s.io/kubectl/testdata/set/multi-resource-yaml.yaml
+ match: k8s.gcr.io\/pause:\d+\.\d+
+ - path: staging/src/k8s.io/kubectl/testdata/set/namespaced-resource.yaml
+diff --git a/cmd/kubelet/app/options/globalflags_linux.go b/cmd/kubelet/app/options/globalflags_linux.go
+index ad3b68628f661..e75e65ec37cd0 100644
+--- a/cmd/kubelet/app/options/globalflags_linux.go
++++ b/cmd/kubelet/app/options/globalflags_linux.go
+@@ -28,7 +28,6 @@ import (
+ // ensure libs have a chance to globally register their flags
+ _ "github.com/google/cadvisor/container/common"
+ _ "github.com/google/cadvisor/container/containerd"
+- _ "github.com/google/cadvisor/container/docker"
+ _ "github.com/google/cadvisor/container/raw"
+ _ "github.com/google/cadvisor/machine"
+ _ "github.com/google/cadvisor/manager"
+@@ -41,9 +40,6 @@ func addCadvisorFlags(fs *pflag.FlagSet) {
+ global := flag.CommandLine
+ local := pflag.NewFlagSet(os.Args[0], pflag.ExitOnError)
+
+- // These flags were also implicit from cadvisor, but are actually used by something in the core repo:
+- // TODO(mtaufen): This one is stil used by our salt, but for heaven's sake it's even deprecated in cadvisor
+- register(global, local, "docker_root")
+ // e2e node tests rely on this
+ register(global, local, "housekeeping_interval")
+
+@@ -54,13 +50,6 @@ func addCadvisorFlags(fs *pflag.FlagSet) {
+ registerDeprecated(global, local, "boot_id_file", deprecated)
+ registerDeprecated(global, local, "container_hints", deprecated)
+ registerDeprecated(global, local, "containerd", deprecated)
+- registerDeprecated(global, local, "docker", deprecated)
+- registerDeprecated(global, local, "docker_env_metadata_whitelist", deprecated)
+- registerDeprecated(global, local, "docker_only", deprecated)
+- registerDeprecated(global, local, "docker-tls", deprecated)
+- registerDeprecated(global, local, "docker-tls-ca", deprecated)
+- registerDeprecated(global, local, "docker-tls-cert", deprecated)
+- registerDeprecated(global, local, "docker-tls-key", deprecated)
+ registerDeprecated(global, local, "enable_load_reader", deprecated)
+ registerDeprecated(global, local, "event_storage_age_limit", deprecated)
+ registerDeprecated(global, local, "event_storage_event_limit", deprecated)
+diff --git a/go.mod b/go.mod
+index a17878d68d030..7dccd35bb6b91 100644
+--- a/go.mod
++++ b/go.mod
+@@ -25,15 +25,12 @@ require (
+ github.com/boltdb/bolt v1.3.1 // indirect
+ github.com/clusterhq/flocker-go v0.0.0-20160920122132-2b8b7259d313
+ github.com/container-storage-interface/spec v1.5.0
+- github.com/containernetworking/cni v0.8.1
+ github.com/coredns/corefile-migration v1.0.14
+ github.com/coreos/go-oidc v2.1.0+incompatible
+ github.com/coreos/go-systemd/v22 v22.3.2
+ github.com/cpuguy83/go-md2man/v2 v2.0.0
+ github.com/davecgh/go-spew v1.1.1
+ github.com/docker/distribution v2.7.1+incompatible
+- github.com/docker/docker v20.10.7+incompatible
+- github.com/docker/go-connections v0.4.0
+ github.com/docker/go-units v0.4.0
+ github.com/elazarl/goproxy v0.0.0-20180725130230-947c36da3153
+ github.com/emicklei/go-restful v2.9.5+incompatible
+@@ -63,7 +60,6 @@ require (
+ github.com/mvdan/xurls v1.1.0
+ github.com/onsi/ginkgo v1.14.0
+ github.com/onsi/gomega v1.10.1
+- github.com/opencontainers/go-digest v1.0.0
+ github.com/opencontainers/runc v1.0.2
+ github.com/opencontainers/selinux v1.8.2
+ github.com/pkg/errors v0.9.1
+@@ -209,7 +205,6 @@ replace (
+ github.com/containerd/go-runc => github.com/containerd/go-runc v1.0.0
+ github.com/containerd/ttrpc => github.com/containerd/ttrpc v1.0.2
+ github.com/containerd/typeurl => github.com/containerd/typeurl v1.0.2
+- github.com/containernetworking/cni => github.com/containernetworking/cni v0.8.1
+ github.com/coredns/caddy => github.com/coredns/caddy v1.1.0
+ github.com/coredns/corefile-migration => github.com/coredns/corefile-migration v1.0.14
+ github.com/coreos/go-oidc => github.com/coreos/go-oidc v2.1.0+incompatible
+diff --git a/go.sum b/go.sum
+index b458fb06802b3..9121b2f4ac81a 100644
+--- a/go.sum
++++ b/go.sum
+@@ -116,8 +116,6 @@ github.com/containerd/ttrpc v1.0.2 h1:2/O3oTZN36q2xRolk0a2WWGgh7/Vf/liElg5hFYLX9
+ github.com/containerd/ttrpc v1.0.2/go.mod h1:UAxOpgT9ziI0gJrmKvgcZivgxOp8iFPSk8httJEt98Y=
+ github.com/containerd/typeurl v1.0.2 h1:Chlt8zIieDbzQFzXzAeBEF92KhExuE4p9p92/QmY7aY=
+ github.com/containerd/typeurl v1.0.2/go.mod h1:9trJWW2sRlGub4wZJRTW83VtbOLS6hwcDZXTn6oPz9s=
+-github.com/containernetworking/cni v0.8.1 h1:7zpDnQ3T3s4ucOuJ/ZCLrYBxzkg0AELFfII3Epo9TmI=
+-github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY=
+ github.com/coredns/caddy v1.1.0 h1:ezvsPrT/tA/7pYDBZxu0cT0VmWk75AfIaf6GSYCNMf0=
+ github.com/coredns/caddy v1.1.0/go.mod h1:A6ntJQlAWuQfFlsd9hvigKbo2WS0VUs2l1e2F+BawD4=
+ github.com/coredns/corefile-migration v1.0.14 h1:Tz3WZhoj2NdP8drrQH86NgnCng+VrPjNeg2Oe1ALKag=
+@@ -353,7 +351,6 @@ github.com/mohae/deepcopy v0.0.0-20170603005431-491d3605edfb h1:e+l77LJOEqXTIQih
+ github.com/mohae/deepcopy v0.0.0-20170603005431-491d3605edfb/go.mod h1:TaXosZuwdSHYgviHp1DAtfrULt5eUgsSMsZf+YrPgl8=
+ github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0=
+ github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4=
+-github.com/morikuni/aec v1.0.0 h1:nP9CBfwrvYnBRgY6qfDQkygYDmYwOilePFkwzv4dU8A=
+ github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=
+ github.com/mrunalp/fileutils v0.5.0 h1:NKzVxiH7eSk+OQ4M+ZYW1K6h27RUV3MI6NUTsHhU6Z4=
+ github.com/mrunalp/fileutils v0.5.0/go.mod h1:M1WthSahJixYnrXQl/DFQuteStB1weuxD2QJNHXfbSQ=
+diff --git a/pkg/kubelet/kubelet.go b/pkg/kubelet/kubelet.go
+index 2013c871a608a..0e6f5f946dea0 100644
+--- a/pkg/kubelet/kubelet.go
++++ b/pkg/kubelet/kubelet.go
+@@ -73,7 +73,6 @@ import (
+ "k8s.io/kubernetes/pkg/kubelet/configmap"
+ kubecontainer "k8s.io/kubernetes/pkg/kubelet/container"
+ "k8s.io/kubernetes/pkg/kubelet/cri/remote"
+- "k8s.io/kubernetes/pkg/kubelet/cri/streaming"
+ "k8s.io/kubernetes/pkg/kubelet/events"
+ "k8s.io/kubernetes/pkg/kubelet/eviction"
+ "k8s.io/kubernetes/pkg/kubelet/images"
+@@ -310,18 +309,7 @@ func PreInitRuntimeService(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
+
+ switch containerRuntime {
+ case kubetypes.DockerContainerRuntime:
+- klog.InfoS("Using dockershim is deprecated, please consider using a full-fledged CRI implementation")
+- if err := runDockershim(
+- kubeCfg,
+- kubeDeps,
+- crOptions,
+- runtimeCgroups,
+- remoteRuntimeEndpoint,
+- remoteImageEndpoint,
+- nonMasqueradeCIDR,
+- ); err != nil {
+- return err
+- }
++ return fmt.Errorf("using dockershim is not supported, please consider using a full-fledged CRI implementation")
+ case kubetypes.RemoteContainerRuntime:
+ // No-op.
+ break
+@@ -2440,15 +2428,3 @@ func isSyncPodWorthy(event *pleg.PodLifecycleEvent) bool {
+ // ContainerRemoved doesn't affect pod state
+ return event.Type != pleg.ContainerRemoved
+ }
+-
+-// Gets the streaming server configuration to use with in-process CRI shims.
+-func getStreamingConfig(kubeCfg *kubeletconfiginternal.KubeletConfiguration, kubeDeps *Dependencies, crOptions *config.ContainerRuntimeOptions) *streaming.Config {
+- config := &streaming.Config{
+- StreamIdleTimeout: kubeCfg.StreamingConnectionIdleTimeout.Duration,
+- StreamCreationTimeout: streaming.DefaultConfig.StreamCreationTimeout,
+- SupportedRemoteCommandProtocols: streaming.DefaultConfig.SupportedRemoteCommandProtocols,
+- SupportedPortForwardProtocols: streaming.DefaultConfig.SupportedPortForwardProtocols,
+- }
+- config.Addr = net.JoinHostPort("localhost", "0")
+- return config
+-}
+diff --git a/test/e2e/framework/.import-restrictions b/test/e2e/framework/.import-restrictions
+index a60fb9d790847..1353f40df9ddf 100644
+--- a/test/e2e/framework/.import-restrictions
++++ b/test/e2e/framework/.import-restrictions
+@@ -86,16 +86,6 @@ rules:
+ - k8s.io/kubernetes/pkg/kubelet/config
+ - k8s.io/kubernetes/pkg/kubelet/configmap
+ - k8s.io/kubernetes/pkg/kubelet/container
+- - k8s.io/kubernetes/pkg/kubelet/dockershim
+- - k8s.io/kubernetes/pkg/kubelet/dockershim/cm
+- - k8s.io/kubernetes/pkg/kubelet/dockershim/libdocker
+- - k8s.io/kubernetes/pkg/kubelet/dockershim/metrics
+- - k8s.io/kubernetes/pkg/kubelet/dockershim/network
+- - k8s.io/kubernetes/pkg/kubelet/dockershim/network/cni
+- - k8s.io/kubernetes/pkg/kubelet/dockershim/network/hostport
+- - k8s.io/kubernetes/pkg/kubelet/dockershim/network/kubenet
+- - k8s.io/kubernetes/pkg/kubelet/dockershim/network/metrics
+- - k8s.io/kubernetes/pkg/kubelet/dockershim/remote
+ - k8s.io/kubernetes/pkg/kubelet/envvars
+ - k8s.io/kubernetes/pkg/kubelet/eviction
+ - k8s.io/kubernetes/pkg/kubelet/eviction/api