upgrade to latest dependencies (#781)

knative-automation · web-flow · commit d03a10dca958 · 2024-10-22T06:05:00.000Z
bumping knative.dev/networking 0561079...60e29ff:
  &gt; 60e29ff upgrade to latest dependencies (# 1015)
  &gt; a3d4663 upgrade to latest dependencies (# 1012)
bumping knative.dev/pkg 59c22a1...9b9d535:
  &gt; 9b9d535 Fix `WEBHOOK_DISABLE_NAMESPACE_OWNERSHIP` env-var (# 3108)
  &gt; 4af9a0d Add `WEBHOOK_DISABLE_NAMESPACE_OWNERSHIP` env-var (# 3106)
  &gt; 95b4b97 upgrade to latest dependencies (# 3104)

Signed-off-by: Knative Automation &lt;automation@knative.team&gt;
diff --git a/go.mod b/go.mod
@@ -21,8 +21,8 @@ require (
 	k8s.io/code-generator v0.30.3
 	k8s.io/utils v0.0.0-20240711033017-18e509b52bc8
 	knative.dev/hack v0.0.0-20241010131451-05b2fb30cb4d
-	knative.dev/networking v0.0.0-20241014132131-0561079d4264
-	knative.dev/pkg v0.0.0-20241014065030-59c22a189949
+	knative.dev/networking v0.0.0-20241022012959-60e29ff520dc
+	knative.dev/pkg v0.0.0-20241021183759-9b9d535af5ad
 	sigs.k8s.io/gateway-api v1.1.0
 	sigs.k8s.io/yaml v1.4.0
 )
diff --git a/go.sum b/go.sum
@@ -680,10 +680,10 @@ k8s.io/utils v0.0.0-20240711033017-18e509b52bc8 h1:pUdcCO1Lk/tbT5ztQWOBi5HBgbBP1
 k8s.io/utils v0.0.0-20240711033017-18e509b52bc8/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
 knative.dev/hack v0.0.0-20241010131451-05b2fb30cb4d h1:aCfX7kwkvgGxXXGbso5tLqdwQmzBkJ9d+EIRwksKTvk=
 knative.dev/hack v0.0.0-20241010131451-05b2fb30cb4d/go.mod h1:R0ritgYtjLDO9527h5vb5X6gfvt5LCrJ55BNbVDsWiY=
-knative.dev/networking v0.0.0-20241014132131-0561079d4264 h1:wHk7kQ+qypQtO0AR18X2u4sZFoTqC4ljymV0WgPhTS0=
-knative.dev/networking v0.0.0-20241014132131-0561079d4264/go.mod h1:0wgKY3Vn+tt80IFMs4aciY82H3hWgkNGEpxDAaEVCi4=
-knative.dev/pkg v0.0.0-20241014065030-59c22a189949 h1:7ZH7J7mzyYqhbOMEEs5ipi0PL5/rgQo+ciyLDKvIuag=
-knative.dev/pkg v0.0.0-20241014065030-59c22a189949/go.mod h1:HywcanTb6dH8j9AbDOVhHX65R+Dstdq+5pYHH64TcQs=
+knative.dev/networking v0.0.0-20241022012959-60e29ff520dc h1:0d9XXRLlyuHfINZLlYqo/BYe/+chqqNBMLKJldjTbtw=
+knative.dev/networking v0.0.0-20241022012959-60e29ff520dc/go.mod h1:G56j6VCLzfaN9yZ4IqfNyN4c3U1czvhUmKeZX4UjQ8Q=
+knative.dev/pkg v0.0.0-20241021183759-9b9d535af5ad h1:Nrjtr2H168rJeamH4QdyLMV1lEKHejNhaj1ymgQMfLk=
+knative.dev/pkg v0.0.0-20241021183759-9b9d535af5ad/go.mod h1:StJI72GWcm/iErmk4RqFJiOo8RLbVqPbHxUqeVwAzeo=
 rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8=
 rsc.io/quote/v3 v3.1.0/go.mod h1:yEA65RcK8LyAZtP9Kv3t0HmxON59tX3rD+tICJqUlj0=
 rsc.io/sampler v1.3.0/go.mod h1:T1hPZKmBbMNahiBKFy5HrXp6adAjACjK9JXDnKaTXpA=
diff --git a/vendor/knative.dev/pkg/webhook/configmaps/controller.go b/vendor/knative.dev/pkg/webhook/configmaps/controller.go
@@ -46,6 +46,12 @@ func NewAdmissionController(
 	secretInformer := secretinformer.Get(ctx)
 	options := webhook.GetOptions(ctx)
 
+	// if this environment variable is set, it overrides the value in the Options
+	disableNamespaceOwnership := webhook.DisableNamespaceOwnershipFromEnv()
+	if disableNamespaceOwnership != nil {
+		options.DisableNamespaceOwnership = *disableNamespaceOwnership
+	}
+
 	key := types.NamespacedName{Name: name}
 
 	wh := &reconciler{
diff --git a/vendor/knative.dev/pkg/webhook/env.go b/vendor/knative.dev/pkg/webhook/env.go
@@ -32,6 +32,8 @@ const (
 	secretNameEnvKey = "WEBHOOK_SECRET_NAME" //nolint:gosec // This is not a hardcoded credential
 
 	tlsMinVersionEnvKey = "WEBHOOK_TLS_MIN_VERSION"
+
+	disableNamespaceOwnershipEnvKey = "WEBHOOK_DISABLE_NAMESPACE_OWNERSHIP"
 )
 
 // PortFromEnv returns the webhook port set by portEnvKey, or default port if env var is not set.
@@ -82,3 +84,15 @@ func TLSMinVersionFromEnv(defaultTLSMinVersion uint16) uint16 {
 		panic(fmt.Sprintf("the environment variable %q has to be either '1.2' or '1.3'", tlsMinVersionEnvKey))
 	}
 }
+
+func DisableNamespaceOwnershipFromEnv() *bool {
+	disableNamespaceOwnership := os.Getenv(disableNamespaceOwnershipEnvKey)
+	if disableNamespaceOwnership == "" {
+		return nil
+	}
+	disableNamespaceOwnershipBool, err := strconv.ParseBool(disableNamespaceOwnership)
+	if err != nil {
+		panic(fmt.Sprintf("failed to convert the environment variable %q : %v", disableNamespaceOwnershipEnvKey, err))
+	}
+	return &disableNamespaceOwnershipBool
+}
diff --git a/vendor/knative.dev/pkg/webhook/webhook.go b/vendor/knative.dev/pkg/webhook/webhook.go
@@ -81,8 +81,10 @@ type Options struct {
 	// before shutting down.
 	GracePeriod time.Duration
 
-	// DisableNamespaceOwnership configures whether the webhook adds an owner reference for the SYSTEM_NAMESPACE
-	// Disabling this is useful when you expect the webhook configuration to be managed by something other than knative
+	// DisableNamespaceOwnership configures if the SYSTEM_NAMESPACE is added as an owner reference to the
+	// webhook configuration resources. Overridden by the WEBHOOK_DISABLE_NAMESPACE_OWNERSHIP environment variable.
+	// Disabling can be useful to avoid breaking systems that expect ownership to indicate a true controller
+	// relationship: https://github.com/knative/serving/issues/15483
 	DisableNamespaceOwnership bool
 
 	// ControllerOptions encapsulates options for creating a new controller,
diff --git a/vendor/modules.txt b/vendor/modules.txt
@@ -910,7 +910,7 @@ k8s.io/utils/trace
 # knative.dev/hack v0.0.0-20241010131451-05b2fb30cb4d
 ## explicit; go 1.21
 knative.dev/hack
-# knative.dev/networking v0.0.0-20241014132131-0561079d4264
+# knative.dev/networking v0.0.0-20241022012959-60e29ff520dc
 ## explicit; go 1.22.0
 knative.dev/networking/config
 knative.dev/networking/pkg
@@ -954,7 +954,7 @@ knative.dev/networking/test/test_images/runtime/handlers
 knative.dev/networking/test/test_images/timeout
 knative.dev/networking/test/test_images/wsserver
 knative.dev/networking/test/types
-# knative.dev/pkg v0.0.0-20241014065030-59c22a189949
+# knative.dev/pkg v0.0.0-20241021183759-9b9d535af5ad
 ## explicit; go 1.22.0
 knative.dev/pkg/apis
 knative.dev/pkg/apis/duck
