diff --git a/go.mod b/go.mod index e2ac5131a..e09866fce 100644 --- a/go.mod +++ b/go.mod @@ -1,8 +1,6 @@ module github.com/openshift/file-integrity-operator -go 1.22.0 - -toolchain go1.22.5 +go 1.23 require ( github.com/cenkalti/backoff/v4 v4.3.0 @@ -27,6 +25,7 @@ require ( github.com/stretchr/testify v1.9.0 golang.org/x/mod v0.21.0 golang.org/x/net v0.28.0 + gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.30.3 k8s.io/apiextensions-apiserver v0.30.3 k8s.io/apimachinery v0.30.3 @@ -141,11 +140,10 @@ require ( gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect - gopkg.in/yaml.v3 v3.0.1 // indirect k8s.io/apiserver v0.30.3 // indirect k8s.io/klog/v2 v2.130.1 // indirect k8s.io/kube-openapi v0.0.0-20240808142205-8e686545bdb8 // indirect - k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 // indirect + k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect ) diff --git a/go.sum b/go.sum index 9204b6b5f..f2ce29c6b 100644 --- a/go.sum +++ b/go.sum @@ -853,8 +853,8 @@ k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20240808142205-8e686545bdb8 h1:1Wof1cGQgA5pqgo8MxKPtf+qN6Sh/0JzznmeGPm1HnE= k8s.io/kube-openapi v0.0.0-20240808142205-8e686545bdb8/go.mod h1:Os6V6dZwLNii3vxFpxcNaTmH8LJJBkOTg1N0tOA0fvA= -k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1J8+AsQnQCKsi8A= -k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2 h1:AZYQSJemyQB5eRxqcPky+/7EdBj0xi3g0ZcxxJ7vbWU= +k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2/go.mod h1:xDxuJ0whA3d0I4mf/C4ppKHxXynQ+fxnkmQH0vTHnuk= rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8= rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0= rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA= diff --git a/vendor/k8s.io/utils/buffer/ring_fixed.go b/vendor/k8s.io/utils/buffer/ring_fixed.go new file mode 100644 index 000000000..a104e12a3 --- /dev/null +++ b/vendor/k8s.io/utils/buffer/ring_fixed.go @@ -0,0 +1,120 @@ +/* +Copyright 2025 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package buffer + +import ( + "errors" + "io" +) + +// Compile-time check that *TypedRingFixed[byte] implements io.Writer. +var _ io.Writer = (*TypedRingFixed[byte])(nil) + +// ErrInvalidSize indicates size must be > 0 +var ErrInvalidSize = errors.New("size must be positive") + +// TypedRingFixed is a fixed-size circular buffer for elements of type T. +// Writes overwrite older data, keeping only the last N elements. +// Not thread safe. +type TypedRingFixed[T any] struct { + data []T + size int + writeCursor int + written int64 +} + +// NewTypedRingFixed creates a circular buffer with the given capacity (must be > 0). +func NewTypedRingFixed[T any](size int) (*TypedRingFixed[T], error) { + if size <= 0 { + return nil, ErrInvalidSize + } + return &TypedRingFixed[T]{ + data: make([]T, size), + size: size, + }, nil +} + +// Write writes p to the buffer, overwriting old data if needed. +func (r *TypedRingFixed[T]) Write(p []T) (int, error) { + originalLen := len(p) + r.written += int64(originalLen) + + // If the input is larger than our buffer, only keep the last 'size' elements + if originalLen > r.size { + p = p[originalLen-r.size:] + } + + // Copy data, handling wrap-around + n := len(p) + remain := r.size - r.writeCursor + if n <= remain { + copy(r.data[r.writeCursor:], p) + } else { + copy(r.data[r.writeCursor:], p[:remain]) + copy(r.data, p[remain:]) + } + + r.writeCursor = (r.writeCursor + n) % r.size + return originalLen, nil +} + +// Slice returns buffer contents in write order. Don't modify the returned slice. +func (r *TypedRingFixed[T]) Slice() []T { + if r.written == 0 { + return nil + } + + // Buffer hasn't wrapped yet + if r.written < int64(r.size) { + return r.data[:r.writeCursor] + } + + // Buffer has wrapped - need to return data in correct order + // Data from writeCursor to end is oldest, data from 0 to writeCursor is newest + if r.writeCursor == 0 { + return r.data + } + + out := make([]T, r.size) + copy(out, r.data[r.writeCursor:]) + copy(out[r.size-r.writeCursor:], r.data[:r.writeCursor]) + return out +} + +// Size returns the buffer capacity. +func (r *TypedRingFixed[T]) Size() int { + return r.size +} + +// Len returns how many elements are currently in the buffer. +func (r *TypedRingFixed[T]) Len() int { + if r.written < int64(r.size) { + return int(r.written) + } + return r.size +} + +// TotalWritten returns total elements ever written (including overwritten ones). +func (r *TypedRingFixed[T]) TotalWritten() int64 { + return r.written +} + +// Reset clears the buffer. +func (r *TypedRingFixed[T]) Reset() { + r.writeCursor = 0 + r.written = 0 +} diff --git a/vendor/k8s.io/utils/buffer/ring_growing.go b/vendor/k8s.io/utils/buffer/ring_growing.go index 86965a513..0f6d31d3e 100644 --- a/vendor/k8s.io/utils/buffer/ring_growing.go +++ b/vendor/k8s.io/utils/buffer/ring_growing.go @@ -16,31 +16,57 @@ limitations under the License. package buffer +// defaultRingSize defines the default ring size if not specified +const defaultRingSize = 16 + +// RingGrowingOptions sets parameters for [RingGrowing] and +// [TypedRingGrowing]. +type RingGrowingOptions struct { + // InitialSize is the number of pre-allocated elements in the + // initial underlying storage buffer. + InitialSize int +} + // RingGrowing is a growing ring buffer. // Not thread safe. -type RingGrowing struct { - data []interface{} +// +// Deprecated: Use TypedRingGrowing[any] instead. +type RingGrowing = TypedRingGrowing[any] + +// NewRingGrowing constructs a new RingGrowing instance with provided parameters. +// +// Deprecated: Use NewTypedRingGrowing[any] instead. +func NewRingGrowing(initialSize int) *RingGrowing { + return NewTypedRingGrowing[any](RingGrowingOptions{InitialSize: initialSize}) +} + +// TypedRingGrowing is a growing ring buffer. +// The zero value has an initial size of 0 and is ready to use. +// Not thread safe. +type TypedRingGrowing[T any] struct { + data []T n int // Size of Data beg int // First available element readable int // Number of data items available } -// NewRingGrowing constructs a new RingGrowing instance with provided parameters. -func NewRingGrowing(initialSize int) *RingGrowing { - return &RingGrowing{ - data: make([]interface{}, initialSize), - n: initialSize, +// NewTypedRingGrowing constructs a new TypedRingGrowing instance with provided parameters. +func NewTypedRingGrowing[T any](opts RingGrowingOptions) *TypedRingGrowing[T] { + return &TypedRingGrowing[T]{ + data: make([]T, opts.InitialSize), + n: opts.InitialSize, } } // ReadOne reads (consumes) first item from the buffer if it is available, otherwise returns false. -func (r *RingGrowing) ReadOne() (data interface{}, ok bool) { +func (r *TypedRingGrowing[T]) ReadOne() (data T, ok bool) { if r.readable == 0 { - return nil, false + return } r.readable-- element := r.data[r.beg] - r.data[r.beg] = nil // Remove reference to the object to help GC + var zero T + r.data[r.beg] = zero // Remove reference to the object to help GC if r.beg == r.n-1 { // Was the last element r.beg = 0 @@ -51,11 +77,14 @@ func (r *RingGrowing) ReadOne() (data interface{}, ok bool) { } // WriteOne adds an item to the end of the buffer, growing it if it is full. -func (r *RingGrowing) WriteOne(data interface{}) { +func (r *TypedRingGrowing[T]) WriteOne(data T) { if r.readable == r.n { // Time to grow newN := r.n * 2 - newData := make([]interface{}, newN) + if newN == 0 { + newN = defaultRingSize + } + newData := make([]T, newN) to := r.beg + r.readable if to <= r.n { copy(newData, r.data[r.beg:to]) @@ -70,3 +99,72 @@ func (r *RingGrowing) WriteOne(data interface{}) { r.data[(r.readable+r.beg)%r.n] = data r.readable++ } + +// Len returns the number of items in the buffer. +func (r *TypedRingGrowing[T]) Len() int { + return r.readable +} + +// Cap returns the capacity of the buffer. +func (r *TypedRingGrowing[T]) Cap() int { + return r.n +} + +// RingOptions sets parameters for [Ring]. +type RingOptions struct { + // InitialSize is the number of pre-allocated elements in the + // initial underlying storage buffer. + InitialSize int + // NormalSize is the number of elements to allocate for new storage + // buffers once the Ring is consumed and + // can shrink again. + NormalSize int +} + +// Ring is a dynamically-sized ring buffer which can grow and shrink as-needed. +// The zero value has an initial size and normal size of 0 and is ready to use. +// Not thread safe. +type Ring[T any] struct { + growing TypedRingGrowing[T] + normalSize int // Limits the size of the buffer that is kept for reuse. Read-only. +} + +// NewRing constructs a new Ring instance with provided parameters. +func NewRing[T any](opts RingOptions) *Ring[T] { + return &Ring[T]{ + growing: *NewTypedRingGrowing[T](RingGrowingOptions{InitialSize: opts.InitialSize}), + normalSize: opts.NormalSize, + } +} + +// ReadOne reads (consumes) first item from the buffer if it is available, +// otherwise returns false. When the buffer has been totally consumed and has +// grown in size beyond its normal size, it shrinks down to its normal size again. +func (r *Ring[T]) ReadOne() (data T, ok bool) { + element, ok := r.growing.ReadOne() + + if r.growing.readable == 0 && r.growing.n > r.normalSize { + // The buffer is empty. Reallocate a new buffer so the old one can be + // garbage collected. + r.growing.data = make([]T, r.normalSize) + r.growing.n = r.normalSize + r.growing.beg = 0 + } + + return element, ok +} + +// WriteOne adds an item to the end of the buffer, growing it if it is full. +func (r *Ring[T]) WriteOne(data T) { + r.growing.WriteOne(data) +} + +// Len returns the number of items in the buffer. +func (r *Ring[T]) Len() int { + return r.growing.Len() +} + +// Cap returns the capacity of the buffer. +func (r *Ring[T]) Cap() int { + return r.growing.Cap() +} diff --git a/vendor/k8s.io/utils/clock/testing/fake_clock.go b/vendor/k8s.io/utils/clock/testing/fake_clock.go index 79e11deb6..7274299ea 100644 --- a/vendor/k8s.io/utils/clock/testing/fake_clock.go +++ b/vendor/k8s.io/utils/clock/testing/fake_clock.go @@ -48,7 +48,6 @@ type fakeClockWaiter struct { stepInterval time.Duration skipIfBlocked bool destChan chan time.Time - fired bool afterFunc func() } @@ -198,12 +197,10 @@ func (f *FakeClock) setTimeLocked(t time.Time) { if w.skipIfBlocked { select { case w.destChan <- t: - w.fired = true default: } } else { w.destChan <- t - w.fired = true } if w.afterFunc != nil { @@ -224,14 +221,26 @@ func (f *FakeClock) setTimeLocked(t time.Time) { f.waiters = newWaiters } -// HasWaiters returns true if After or AfterFunc has been called on f but not yet satisfied (so you can -// write race-free tests). +// HasWaiters returns true if Waiters() returns non-0 (so you can write race-free tests). func (f *FakeClock) HasWaiters() bool { f.lock.RLock() defer f.lock.RUnlock() return len(f.waiters) > 0 } +// Waiters returns the number of "waiters" on the clock (so you can write race-free +// tests). A waiter exists for: +// - every call to After that has not yet signaled its channel. +// - every call to AfterFunc that has not yet called its callback. +// - every timer created with NewTimer which is currently ticking. +// - every ticker created with NewTicker which is currently ticking. +// - every ticker created with Tick. +func (f *FakeClock) Waiters() int { + f.lock.RLock() + defer f.lock.RUnlock() + return len(f.waiters) +} + // Sleep is akin to time.Sleep func (f *FakeClock) Sleep(d time.Duration) { f.Step(d) @@ -259,36 +268,36 @@ func (i *IntervalClock) Since(ts time.Time) time.Duration { // After is unimplemented, will panic. // TODO: make interval clock use FakeClock so this can be implemented. -func (*IntervalClock) After(d time.Duration) <-chan time.Time { +func (*IntervalClock) After(_ time.Duration) <-chan time.Time { panic("IntervalClock doesn't implement After") } // NewTimer is unimplemented, will panic. // TODO: make interval clock use FakeClock so this can be implemented. -func (*IntervalClock) NewTimer(d time.Duration) clock.Timer { +func (*IntervalClock) NewTimer(_ time.Duration) clock.Timer { panic("IntervalClock doesn't implement NewTimer") } // AfterFunc is unimplemented, will panic. // TODO: make interval clock use FakeClock so this can be implemented. -func (*IntervalClock) AfterFunc(d time.Duration, f func()) clock.Timer { +func (*IntervalClock) AfterFunc(_ time.Duration, _ func()) clock.Timer { panic("IntervalClock doesn't implement AfterFunc") } // Tick is unimplemented, will panic. // TODO: make interval clock use FakeClock so this can be implemented. -func (*IntervalClock) Tick(d time.Duration) <-chan time.Time { +func (*IntervalClock) Tick(_ time.Duration) <-chan time.Time { panic("IntervalClock doesn't implement Tick") } // NewTicker has no implementation yet and is omitted. // TODO: make interval clock use FakeClock so this can be implemented. -func (*IntervalClock) NewTicker(d time.Duration) clock.Ticker { +func (*IntervalClock) NewTicker(_ time.Duration) clock.Ticker { panic("IntervalClock doesn't implement NewTicker") } // Sleep is unimplemented, will panic. -func (*IntervalClock) Sleep(d time.Duration) { +func (*IntervalClock) Sleep(_ time.Duration) { panic("IntervalClock doesn't implement Sleep") } @@ -305,44 +314,48 @@ func (f *fakeTimer) C() <-chan time.Time { return f.waiter.destChan } -// Stop stops the timer and returns true if the timer has not yet fired, or false otherwise. +// Stop prevents the Timer from firing. It returns true if the call stops the +// timer, false if the timer has already expired or been stopped. func (f *fakeTimer) Stop() bool { f.fakeClock.lock.Lock() defer f.fakeClock.lock.Unlock() + active := false newWaiters := make([]*fakeClockWaiter, 0, len(f.fakeClock.waiters)) for i := range f.fakeClock.waiters { w := f.fakeClock.waiters[i] if w != &f.waiter { newWaiters = append(newWaiters, w) + continue } + // If timer is found, it has not been fired yet. + active = true } f.fakeClock.waiters = newWaiters - return !f.waiter.fired + return active } -// Reset resets the timer to the fake clock's "now" + d. It returns true if the timer has not yet -// fired, or false otherwise. +// Reset changes the timer to expire after duration d. It returns true if the +// timer had been active, false if the timer had expired or been stopped. func (f *fakeTimer) Reset(d time.Duration) bool { f.fakeClock.lock.Lock() defer f.fakeClock.lock.Unlock() - active := !f.waiter.fired + active := false - f.waiter.fired = false f.waiter.targetTime = f.fakeClock.time.Add(d) - var isWaiting bool for i := range f.fakeClock.waiters { w := f.fakeClock.waiters[i] if w == &f.waiter { - isWaiting = true + // If timer is found, it has not been fired yet. + active = true break } } - if !isWaiting { + if !active { f.fakeClock.waiters = append(f.fakeClock.waiters, &f.waiter) } diff --git a/vendor/k8s.io/utils/net/multi_listen.go b/vendor/k8s.io/utils/net/multi_listen.go index 7cb7795be..e5d508055 100644 --- a/vendor/k8s.io/utils/net/multi_listen.go +++ b/vendor/k8s.io/utils/net/multi_listen.go @@ -21,6 +21,7 @@ import ( "fmt" "net" "sync" + "sync/atomic" ) // connErrPair pairs conn and error which is returned by accept on sub-listeners. @@ -38,6 +39,7 @@ type multiListener struct { connCh chan connErrPair // stopCh communicates from parent to child listeners. stopCh chan struct{} + closed atomic.Bool } // compile time check to ensure *multiListener implements net.Listener @@ -150,10 +152,8 @@ func (ml *multiListener) Accept() (net.Conn, error) { // the go-routines to exit. func (ml *multiListener) Close() error { // Make sure this can be called repeatedly without explosions. - select { - case <-ml.stopCh: + if !ml.closed.CompareAndSwap(false, true) { return fmt.Errorf("use of closed network connection") - default: } // Tell all sub-listeners to stop. diff --git a/vendor/k8s.io/utils/strings/slices/slices.go b/vendor/k8s.io/utils/strings/slices/slices.go index 8e21838f2..35657a7fc 100644 --- a/vendor/k8s.io/utils/strings/slices/slices.go +++ b/vendor/k8s.io/utils/strings/slices/slices.go @@ -20,27 +20,23 @@ limitations under the License. // replace "stringslices" if the "slices" package becomes standard. package slices +import goslices "slices" + // Equal reports whether two slices are equal: the same length and all // elements equal. If the lengths are different, Equal returns false. // Otherwise, the elements are compared in index order, and the // comparison stops at the first unequal pair. -func Equal(s1, s2 []string) bool { - if len(s1) != len(s2) { - return false - } - for i, n := range s1 { - if n != s2[i] { - return false - } - } - return true -} +// +// Deprecated: use stdlib slices.Equal instead. +var Equal = goslices.Equal[[]string] // Filter appends to d each element e of s for which keep(e) returns true. // It returns the modified d. d may be s[:0], in which case the kept // elements will be stored in the same slice. // if the slices overlap in some other way, the results are unspecified. // To create a new slice with the filtered results, pass nil for d. +// +// Deprecated: use stdlib slices.DeleteFunc instead. func Filter(d, s []string, keep func(string) bool) []string { for _, n := range s { if keep(n) { @@ -51,32 +47,17 @@ func Filter(d, s []string, keep func(string) bool) []string { } // Contains reports whether v is present in s. -func Contains(s []string, v string) bool { - return Index(s, v) >= 0 -} +// +// Deprecated: use stdlib slices.Contains instead. +var Contains = goslices.Contains[[]string] // Index returns the index of the first occurrence of v in s, or -1 if // not present. -func Index(s []string, v string) int { - // "Contains" may be replaced with "Index(s, v) >= 0": - // https://github.com/golang/go/issues/45955#issuecomment-873377947 - for i, n := range s { - if n == v { - return i - } - } - return -1 -} - -// Functions below are not in https://github.com/golang/go/issues/45955 +// +// Deprecated: use stdlib slices.Index instead. +var Index = goslices.Index[[]string] // Clone returns a new clone of s. -func Clone(s []string) []string { - // https://github.com/go101/go101/wiki/There-is-not-a-perfect-way-to-clone-slices-in-Go - if s == nil { - return nil - } - c := make([]string, len(s)) - copy(c, s) - return c -} +// +// Deprecated: use stdlib slices.Clone instead. +var Clone = goslices.Clone[[]string] diff --git a/vendor/modules.txt b/vendor/modules.txt index cefab0da8..0be4ead7d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1136,8 +1136,8 @@ k8s.io/kube-openapi/pkg/schemaconv k8s.io/kube-openapi/pkg/spec3 k8s.io/kube-openapi/pkg/util/proto k8s.io/kube-openapi/pkg/validation/spec -# k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 -## explicit; go 1.18 +# k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2 +## explicit; go 1.23 k8s.io/utils/buffer k8s.io/utils/clock k8s.io/utils/clock/testing