🐛 Manager leader election: Don't reset restcfg UserAgent #1401

alvaroaleman · 2021-02-27T17:42:52Z

In pkg.LeaderElection.NewResourceLock we call rest.AddUserAgent
which resets the restcfgs useragent and sets it to the default one plus
a suffix. This resets whatever was originally set as UserAgent and since
we do not copy our restcfg before passing it in there, this leads to the
UserAgent being set to the leader-election one globally.

In pkg.LeaderElection.NewResourceLock we call rest.AddUserAgent which resets the restcfgs useragent and sets it to the default one plus a suffix. This resets whatever was originally set as UserAgent and since we do not copy our restcfg before passing it in there, this leads to the UserAgent being set to the leader-election one globally.

The default user-agentis $0/$version, which is pretty useless because it always ends up being app.binary/$version. This PR changes that instead be the components name which is useful for: * Audit log: We can now both use the user-agent or SA to identify components * ManagedFields: Managed fields now have the correct fieldOwner set This allows for example the use of `kubectl-blame`: ``` $ k blame prowjob ebb68c01-792b-11eb-a360-96cd908b0bc6 apiVersion: prow.k8s.io/v1 kind: ProwJob metadata: horologium (Update 2021-02-27 13:45:11 -0500) annotations: horologium (Update 2021-02-27 13:45:11 -0500) prow.k8s.io/job: echo-test creationTimestamp: "2021-02-27T18:45:11Z" generation: 4 horologium (Update 2021-02-27 13:45:11 -0500) labels: horologium (Update 2021-02-27 13:45:11 -0500) created-by-prow: "true" app.binary (Update 2021-02-27 13:45:11 -0500) prow.k8s.io/build-id: "1365734741038338048" app.binary (Update 2021-02-27 13:45:11 -0500) prow.k8s.io/id: ebb68c01-792b-11eb-a360-96cd908b0bc6 horologium (Update 2021-02-27 13:45:11 -0500) prow.k8s.io/job: echo-test horologium (Update 2021-02-27 13:45:11 -0500) prow.k8s.io/type: periodic name: ebb68c01-792b-11eb-a360-96cd908b0bc6 namespace: prow resourceVersion: "144661945" uid: 63f44066-411e-4ff3-9ab4-97ddb2ce636d horologium (Update 2021-02-27 13:45:11 -0500) spec: horologium (Update 2021-02-27 13:45:11 -0500) agent: kubernetes horologium (Update 2021-02-27 13:45:11 -0500) cluster: default horologium (Update 2021-02-27 13:45:11 -0500) decoration_config: horologium (Update 2021-02-27 13:45:11 -0500) gcs_configuration: horologium (Update 2021-02-27 13:45:11 -0500) bucket: s3://prow-logs horologium (Update 2021-02-27 13:45:11 -0500) path_strategy: explicit horologium (Update 2021-02-27 13:45:11 -0500) s3_credentials_secret: s3-credentials horologium (Update 2021-02-27 13:45:11 -0500) utility_images: horologium (Update 2021-02-27 13:45:11 -0500) clonerefs: gcr.io/k8s-prow/clonerefs:v20200608-16190316cf horologium (Update 2021-02-27 13:45:11 -0500) entrypoint: gcr.io/k8s-prow/entrypoint:v20200608-16190316cf horologium (Update 2021-02-27 13:45:11 -0500) initupload: gcr.io/k8s-prow/initupload:v20200608-16190316cf horologium (Update 2021-02-27 13:45:11 -0500) sidecar: gcr.io/k8s-prow/sidecar:v20200608-16190316cf horologium (Update 2021-02-27 13:45:11 -0500) job: echo-test horologium (Update 2021-02-27 13:45:11 -0500) namespace: test-pods horologium (Update 2021-02-27 13:45:11 -0500) pod_spec: horologium (Update 2021-02-27 13:45:11 -0500) containers: horologium (Update 2021-02-27 13:45:11 -0500) - command: horologium (Update 2021-02-27 13:45:11 -0500) - /bin/sleep horologium (Update 2021-02-27 13:45:11 -0500) - 1m horologium (Update 2021-02-27 13:45:11 -0500) image: alpine horologium (Update 2021-02-27 13:45:11 -0500) name: "" horologium (Update 2021-02-27 13:45:11 -0500) resources: {} horologium (Update 2021-02-27 13:45:11 -0500) report: true horologium (Update 2021-02-27 13:45:11 -0500) type: periodic horologium (Update 2021-02-27 13:45:11 -0500) status: app.binary (Update 2021-02-27 13:45:11 -0500) build_id: "1365734741038338048" app.binary (Update 2021-02-27 13:45:11 -0500) description: Job triggered. app.binary (Update 2021-02-27 13:45:11 -0500) pendingTime: "2021-02-27T18:45:11Z" app.binary (Update 2021-02-27 13:45:11 -0500) pod_name: ebb68c01-792b-11eb-a360-96cd908b0bc6 app.binary (Update 2021-02-27 13:45:11 -0500) prev_report_states: app.binary (Update 2021-02-27 13:45:11 -0500) gcsk8sreporter: pending app.binary (Update 2021-02-27 13:45:11 -0500) gcsreporter: pending horologium (Update 2021-02-27 13:45:11 -0500) startTime: "2021-02-27T18:45:11Z" app.binary (Update 2021-02-27 13:45:11 -0500) state: pending app.binary (Update 2021-02-27 13:45:11 -0500) url: https://prow.tld/view/s3/s3/prow-logs/logs/echo-test/1365734741038338048 Note: Due to a bug in controller-runtime, this doesn't work for a client that comes from a Manager that has leader election enabled, like planks prowjob client above: kubernetes-sigs/controller-runtime#1401 I will bump the dependency ASAP once the upstream fix is in.

The default user-agentis $0/$version, which is pretty useless because it always ends up being app.binary/$version. This PR changes that instead be the components name which is useful for: * Audit log: We can now both use the user-agent or SA to identify components * ManagedFields: Managed fields now have the correct fieldOwner set This allows for example the use of `kubectl-blame`: ``` $ k blame prowjob ebb68c01-792b-11eb-a360-96cd908b0bc6 apiVersion: prow.k8s.io/v1 kind: ProwJob metadata: horologium (Update 2021-02-27 13:45:11 -0500) annotations: horologium (Update 2021-02-27 13:45:11 -0500) prow.k8s.io/job: echo-test creationTimestamp: "2021-02-27T18:45:11Z" generation: 4 horologium (Update 2021-02-27 13:45:11 -0500) labels: horologium (Update 2021-02-27 13:45:11 -0500) created-by-prow: "true" app.binary (Update 2021-02-27 13:45:11 -0500) prow.k8s.io/build-id: "1365734741038338048" app.binary (Update 2021-02-27 13:45:11 -0500) prow.k8s.io/id: ebb68c01-792b-11eb-a360-96cd908b0bc6 horologium (Update 2021-02-27 13:45:11 -0500) prow.k8s.io/job: echo-test horologium (Update 2021-02-27 13:45:11 -0500) prow.k8s.io/type: periodic name: ebb68c01-792b-11eb-a360-96cd908b0bc6 namespace: prow resourceVersion: "144661945" uid: 63f44066-411e-4ff3-9ab4-97ddb2ce636d horologium (Update 2021-02-27 13:45:11 -0500) spec: horologium (Update 2021-02-27 13:45:11 -0500) agent: kubernetes horologium (Update 2021-02-27 13:45:11 -0500) cluster: default horologium (Update 2021-02-27 13:45:11 -0500) decoration_config: horologium (Update 2021-02-27 13:45:11 -0500) gcs_configuration: horologium (Update 2021-02-27 13:45:11 -0500) bucket: s3://prow-logs horologium (Update 2021-02-27 13:45:11 -0500) path_strategy: explicit horologium (Update 2021-02-27 13:45:11 -0500) s3_credentials_secret: s3-credentials horologium (Update 2021-02-27 13:45:11 -0500) utility_images: horologium (Update 2021-02-27 13:45:11 -0500) clonerefs: gcr.io/k8s-prow/clonerefs:v20200608-16190316cf horologium (Update 2021-02-27 13:45:11 -0500) entrypoint: gcr.io/k8s-prow/entrypoint:v20200608-16190316cf horologium (Update 2021-02-27 13:45:11 -0500) initupload: gcr.io/k8s-prow/initupload:v20200608-16190316cf horologium (Update 2021-02-27 13:45:11 -0500) sidecar: gcr.io/k8s-prow/sidecar:v20200608-16190316cf horologium (Update 2021-02-27 13:45:11 -0500) job: echo-test horologium (Update 2021-02-27 13:45:11 -0500) namespace: test-pods horologium (Update 2021-02-27 13:45:11 -0500) pod_spec: horologium (Update 2021-02-27 13:45:11 -0500) containers: horologium (Update 2021-02-27 13:45:11 -0500) - command: horologium (Update 2021-02-27 13:45:11 -0500) - /bin/sleep horologium (Update 2021-02-27 13:45:11 -0500) - 1m horologium (Update 2021-02-27 13:45:11 -0500) image: alpine horologium (Update 2021-02-27 13:45:11 -0500) name: "" horologium (Update 2021-02-27 13:45:11 -0500) resources: {} horologium (Update 2021-02-27 13:45:11 -0500) report: true horologium (Update 2021-02-27 13:45:11 -0500) type: periodic horologium (Update 2021-02-27 13:45:11 -0500) status: app.binary (Update 2021-02-27 13:45:11 -0500) build_id: "1365734741038338048" app.binary (Update 2021-02-27 13:45:11 -0500) description: Job triggered. app.binary (Update 2021-02-27 13:45:11 -0500) pendingTime: "2021-02-27T18:45:11Z" app.binary (Update 2021-02-27 13:45:11 -0500) pod_name: ebb68c01-792b-11eb-a360-96cd908b0bc6 app.binary (Update 2021-02-27 13:45:11 -0500) prev_report_states: app.binary (Update 2021-02-27 13:45:11 -0500) gcsk8sreporter: pending app.binary (Update 2021-02-27 13:45:11 -0500) gcsreporter: pending horologium (Update 2021-02-27 13:45:11 -0500) startTime: "2021-02-27T18:45:11Z" app.binary (Update 2021-02-27 13:45:11 -0500) state: pending app.binary (Update 2021-02-27 13:45:11 -0500) url: https://prow.tld/view/s3/s3/prow-logs/logs/echo-test/1365734741038338048 ``` Note: Due to a bug in controller-runtime, this doesn't work for a client that comes from a Manager that has leader election enabled, like planks prowjob client above: kubernetes-sigs/controller-runtime#1401 I will bump the dependency ASAP once the upstream fix is in.

alvaroaleman · 2021-03-01T14:09:12Z

/assign @vincepri

vincepri

/lgtm
/milestone v0.9.x

k8s-ci-robot · 2021-03-01T15:53:14Z

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: alvaroaleman, vincepri

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

~~OWNERS~~ [alvaroaleman,vincepri]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Feb 27, 2021

k8s-ci-robot requested review from gerred and pwittrock February 27, 2021 17:43

k8s-ci-robot added approved Indicates a PR has been approved by an approver from all required OWNERS files. size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Feb 27, 2021

alvaroaleman force-pushed the fix-sa branch from f108e81 to 51f0fde Compare February 27, 2021 18:34

alvaroaleman mentioned this pull request Feb 27, 2021

🐛 [release-0.8]: Manager leader election: Don't reset restcfg UserAgent #1402

Merged

alvaroaleman mentioned this pull request Feb 27, 2021

Prow: Set proper user-agent in config kubernetes/test-infra#21067

Merged

k8s-ci-robot assigned vincepri Mar 1, 2021

vincepri approved these changes Mar 1, 2021

View reviewed changes

k8s-ci-robot added this to the v0.9.x milestone Mar 1, 2021

k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Mar 1, 2021

k8s-ci-robot merged commit da5d0bc into kubernetes-sigs:master Mar 1, 2021

m-messiah mentioned this pull request Sep 22, 2023

✨ Add UserAgentID option to the manager #2506

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

🐛 Manager leader election: Don't reset restcfg UserAgent #1401

🐛 Manager leader election: Don't reset restcfg UserAgent #1401

alvaroaleman commented Feb 27, 2021

alvaroaleman commented Mar 1, 2021

vincepri left a comment

k8s-ci-robot commented Mar 1, 2021

🐛 Manager leader election: Don't reset restcfg UserAgent #1401

🐛 Manager leader election: Don't reset restcfg UserAgent #1401

Conversation

alvaroaleman commented Feb 27, 2021

alvaroaleman commented Mar 1, 2021

vincepri left a comment

Choose a reason for hiding this comment

k8s-ci-robot commented Mar 1, 2021