Update k8s client-go to v6.0.0 (#1340)

* Update k8s client-go to v6.0.0

This fix updates k8s client-go to v6.0.0 as CoreDNS is supported
in 1.9 and v6.0.0 is the recommended version.

There are quite some massive changes that need to be made:
1. k8s.io/client-go/pkg/api/v1 has been changed to k8s.io/api/v1 (repo changed from `client-go` to `api`)
2. kubernetes.Clientset adds one extra layer, so that `kubernetes.Clientset.Services()` and like has been changed to `kubernetes.Clientset.CoreV1().Services()`

Also, we have to stick with specific commits of `k8s.io/apimachinery` and the newly introduced `k8s.io/api`
because go dep still could not figure out the right version to fetch.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

* Update vendor with `dep ensure --update` and `dep prune`

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>

vendor/golang.org/x/crypto/ssh/certs.go

@@ -340,7 +340,7 @@ func (c *CertChecker) Authenticate(conn ConnMetadata, pubKey PublicKey) (*Permis
 // the signature of the certificate.
 func (c *CertChecker) CheckCert(principal string, cert *Certificate) error {
 	if c.IsRevoked != nil && c.IsRevoked(cert) {
-		return fmt.Errorf("ssh: certicate serial %d revoked", cert.Serial)
+		return fmt.Errorf("ssh: certificate serial %d revoked", cert.Serial)
 	}
 
 	for opt := range cert.CriticalOptions {

vendor/golang.org/x/crypto/ssh/certs_test.go

@@ -6,10 +6,15 @@ package ssh
 
 import (
 	"bytes"
+	"crypto/ecdsa"
+	"crypto/elliptic"
 	"crypto/rand"
+	"net"
 	"reflect"
 	"testing"
 	"time"
+
+	"golang.org/x/crypto/ssh/testdata"
 )
 
 // Cert generated by ssh-keygen 6.0p1 Debian-4.
@@ -220,3 +225,111 @@ func TestHostKeyCert(t *testing.T) {
 		}
 	}
 }
+
+func TestCertTypes(t *testing.T) {
+	var testVars = []struct {
+		name string
+		keys func() Signer
+	}{
+		{
+			name: CertAlgoECDSA256v01,
+			keys: func() Signer {
+				s, _ := ParsePrivateKey(testdata.PEMBytes["ecdsap256"])
+				return s
+			},
+		},
+		{
+			name: CertAlgoECDSA384v01,
+			keys: func() Signer {
+				s, _ := ParsePrivateKey(testdata.PEMBytes["ecdsap384"])
+				return s
+			},
+		},
+		{
+			name: CertAlgoECDSA521v01,
+			keys: func() Signer {
+				s, _ := ParsePrivateKey(testdata.PEMBytes["ecdsap521"])
+				return s
+			},
+		},
+		{
+			name: CertAlgoED25519v01,
+			keys: func() Signer {
+				s, _ := ParsePrivateKey(testdata.PEMBytes["ed25519"])
+				return s
+			},
+		},
+		{
+			name: CertAlgoRSAv01,
+			keys: func() Signer {
+				s, _ := ParsePrivateKey(testdata.PEMBytes["rsa"])
+				return s
+			},
+		},
+		{
+			name: CertAlgoDSAv01,
+			keys: func() Signer {
+				s, _ := ParsePrivateKey(testdata.PEMBytes["dsa"])
+				return s
+			},
+		},
+	}
+
+	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
+	if err != nil {
+		t.Fatalf("error generating host key: %v", err)
+	}
+
+	signer, err := NewSignerFromKey(k)
+	if err != nil {
+		t.Fatalf("error generating signer for ssh listener: %v", err)
+	}
+
+	conf := &ServerConfig{
+		PublicKeyCallback: func(c ConnMetadata, k PublicKey) (*Permissions, error) {
+			return new(Permissions), nil
+		},
+	}
+	conf.AddHostKey(signer)
+
+	for _, m := range testVars {
+		t.Run(m.name, func(t *testing.T) {
+
+			c1, c2, err := netPipe()
+			if err != nil {
+				t.Fatalf("netPipe: %v", err)
+			}
+			defer c1.Close()
+			defer c2.Close()
+
+			go NewServerConn(c1, conf)
+
+			priv := m.keys()
+			if err != nil {
+				t.Fatalf("error generating ssh pubkey: %v", err)
+			}
+
+			cert := &Certificate{
+				CertType: UserCert,
+				Key:      priv.PublicKey(),
+			}
+			cert.SignCert(rand.Reader, priv)
+
+			certSigner, err := NewCertSigner(cert, priv)
+			if err != nil {
+				t.Fatalf("error generating cert signer: %v", err)
+			}
+
+			config := &ClientConfig{
+				User:            "user",
+				HostKeyCallback: func(h string, r net.Addr, k PublicKey) error { return nil },
+				Auth:            []AuthMethod{PublicKeys(certSigner)},
+			}
+
+			_, _, _, err = NewClientConn(c2, "", config)
+			if err != nil {
+				t.Fatalf("error connecting: %v", err)
+			}
+		})
+	}
+}

vendor/golang.org/x/crypto/ssh/server.go

@@ -256,7 +256,7 @@ func (s *connection) serverHandshake(config *ServerConfig) (*Permissions, error)
 func isAcceptableAlgo(algo string) bool {
 	switch algo {
 	case KeyAlgoRSA, KeyAlgoDSA, KeyAlgoECDSA256, KeyAlgoECDSA384, KeyAlgoECDSA521, KeyAlgoED25519,
-		CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01:
+		CertAlgoRSAv01, CertAlgoDSAv01, CertAlgoECDSA256v01, CertAlgoECDSA384v01, CertAlgoECDSA521v01, CertAlgoED25519v01:
 		return true
 	}
 	return false

vendor/golang.org/x/sys/unix/syscall_bsd_test.go

@@ -10,6 +10,7 @@ import (
 	"os/exec"
 	"runtime"
 	"testing"
+	"time"
 
 	"golang.org/x/sys/unix"
 )
@@ -50,6 +51,28 @@ func TestGetfsstat(t *testing.T) {
 	}
 }
 
+func TestSelect(t *testing.T) {
+	err := unix.Select(0, nil, nil, nil, &unix.Timeval{Sec: 0, Usec: 0})
+	if err != nil {
+		t.Fatalf("Select: %v", err)
+	}
+
+	dur := 250 * time.Millisecond
+	tv := unix.NsecToTimeval(int64(dur))
+	start := time.Now()
+	err = unix.Select(0, nil, nil, nil, &tv)
+	took := time.Since(start)
+	if err != nil {
+		t.Fatalf("Select: %v", err)
+	}
+
+	// On some BSDs the actual timeout might also be slightly less than the requested.
+	// Add an acceptable margin to avoid flaky tests.
+	if took < dur*2/3 {
+		t.Errorf("Select: timeout should have been at least %v, got %v", dur, took)
+	}
+}
+
 func TestSysctlRaw(t *testing.T) {
 	if runtime.GOOS == "openbsd" {
 		t.Skip("kern.proc.pid does not exist on OpenBSD")

vendor/golang.org/x/sys/unix/syscall_freebsd.go

@@ -293,7 +293,6 @@ func Listxattr(file string, dest []byte) (sz int, err error) {
 
 	// FreeBSD won't allow you to list xattrs from multiple namespaces
 	s := 0
-	var e error
 	for _, nsid := range [...]int{EXTATTR_NAMESPACE_USER, EXTATTR_NAMESPACE_SYSTEM} {
 		stmp, e := ExtattrListFile(file, nsid, uintptr(d), destsiz)
 
@@ -305,7 +304,6 @@ func Listxattr(file string, dest []byte) (sz int, err error) {
 		 * we don't have read permissions on, so don't ignore those errors
 		 */
 		if e != nil && e == EPERM && nsid != EXTATTR_NAMESPACE_USER {
-			e = nil
 			continue
 		} else if e != nil {
 			return s, e
@@ -319,7 +317,7 @@ func Listxattr(file string, dest []byte) (sz int, err error) {
 		d = initxattrdest(dest, s)
 	}
 
-	return s, e
+	return s, nil
 }
 
 func Flistxattr(fd int, dest []byte) (sz int, err error) {
@@ -327,11 +325,9 @@ func Flistxattr(fd int, dest []byte) (sz int, err error) {
 	destsiz := len(dest)
 
 	s := 0
-	var e error
 	for _, nsid := range [...]int{EXTATTR_NAMESPACE_USER, EXTATTR_NAMESPACE_SYSTEM} {
 		stmp, e := ExtattrListFd(fd, nsid, uintptr(d), destsiz)
 		if e != nil && e == EPERM && nsid != EXTATTR_NAMESPACE_USER {
-			e = nil
 			continue
 		} else if e != nil {
 			return s, e
@@ -345,7 +341,7 @@ func Flistxattr(fd int, dest []byte) (sz int, err error) {
 		d = initxattrdest(dest, s)
 	}
 
-	return s, e
+	return s, nil
 }
 
 func Llistxattr(link string, dest []byte) (sz int, err error) {
@@ -353,11 +349,9 @@ func Llistxattr(link string, dest []byte) (sz int, err error) {
 	destsiz := len(dest)
 
 	s := 0
-	var e error
 	for _, nsid := range [...]int{EXTATTR_NAMESPACE_USER, EXTATTR_NAMESPACE_SYSTEM} {
 		stmp, e := ExtattrListLink(link, nsid, uintptr(d), destsiz)
 		if e != nil && e == EPERM && nsid != EXTATTR_NAMESPACE_USER {
-			e = nil
 			continue
 		} else if e != nil {
 			return s, e
@@ -371,7 +365,7 @@ func Llistxattr(link string, dest []byte) (sz int, err error) {
 		d = initxattrdest(dest, s)
 	}
 
-	return s, e
+	return s, nil
 }
 
 //sys   ioctl(fd int, req uint, arg uintptr) (err error)

vendor/golang.org/x/sys/unix/syscall_linux_test.go

@@ -182,6 +182,39 @@ func TestSelect(t *testing.T) {
 	if err != nil {
 		t.Fatalf("Select: %v", err)
 	}
+
+	dur := 150 * time.Millisecond
+	tv := unix.NsecToTimeval(int64(dur))
+	start := time.Now()
+	_, err = unix.Select(0, nil, nil, nil, &tv)
+	took := time.Since(start)
+	if err != nil {
+		t.Fatalf("Select: %v", err)
+	}
+
+	if took < dur {
+		t.Errorf("Select: timeout should have been at least %v, got %v", dur, took)
+	}
+}
+
+func TestPselect(t *testing.T) {
+	_, err := unix.Pselect(0, nil, nil, nil, &unix.Timespec{Sec: 0, Nsec: 0}, nil)
+	if err != nil {
+		t.Fatalf("Pselect: %v", err)
+	}
+
+	dur := 2500 * time.Microsecond
+	ts := unix.NsecToTimespec(int64(dur))
+	start := time.Now()
+	_, err = unix.Pselect(0, nil, nil, nil, &ts, nil)
+	took := time.Since(start)
+	if err != nil {
+		t.Fatalf("Pselect: %v", err)
+	}
+
+	if took < dur {
+		t.Errorf("Pselect: timeout should have been at least %v, got %v", dur, took)
+	}
 }
 
 func TestFstatat(t *testing.T) {

vendor/golang.org/x/sys/unix/syscall_solaris.go

@@ -658,6 +658,7 @@ func Poll(fds []PollFd, timeout int) (n int, err error) {
 //sys	Renameat(olddirfd int, oldpath string, newdirfd int, newpath string) (err error)
 //sys	Rmdir(path string) (err error)
 //sys	Seek(fd int, offset int64, whence int) (newoffset int64, err error) = lseek
+//sys	Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error)
 //sysnb	Setegid(egid int) (err error)
 //sysnb	Seteuid(euid int) (err error)
 //sysnb	Setgid(gid int) (err error)

vendor/golang.org/x/sys/unix/syscall_solaris_test.go

@@ -9,10 +9,31 @@ package unix_test
 import (
 	"os/exec"
 	"testing"
+	"time"
 
 	"golang.org/x/sys/unix"
 )
 
+func TestSelect(t *testing.T) {
+	err := unix.Select(0, nil, nil, nil, &unix.Timeval{Sec: 0, Usec: 0})
+	if err != nil {
+		t.Fatalf("Select: %v", err)
+	}
+
+	dur := 150 * time.Millisecond
+	tv := unix.NsecToTimeval(int64(dur))
+	start := time.Now()
+	err = unix.Select(0, nil, nil, nil, &tv)
+	took := time.Since(start)
+	if err != nil {
+		t.Fatalf("Select: %v", err)
+	}
+
+	if took < dur {
+		t.Errorf("Select: timeout should have been at least %v, got %v", dur, took)
+	}
+}
+
 func TestStatvfs(t *testing.T) {
 	if err := unix.Statvfs("", nil); err == nil {
 		t.Fatal(`Statvfs("") expected failure`)

vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go

@@ -95,6 +95,7 @@ import (
 //go:cgo_import_dynamic libc_renameat renameat "libc.so"
 //go:cgo_import_dynamic libc_rmdir rmdir "libc.so"
 //go:cgo_import_dynamic libc_lseek lseek "libc.so"
+//go:cgo_import_dynamic libc_select select "libc.so"
 //go:cgo_import_dynamic libc_setegid setegid "libc.so"
 //go:cgo_import_dynamic libc_seteuid seteuid "libc.so"
 //go:cgo_import_dynamic libc_setgid setgid "libc.so"
@@ -220,6 +221,7 @@ import (
 //go:linkname procRenameat libc_renameat
 //go:linkname procRmdir libc_rmdir
 //go:linkname proclseek libc_lseek
+//go:linkname procSelect libc_select
 //go:linkname procSetegid libc_setegid
 //go:linkname procSeteuid libc_seteuid
 //go:linkname procSetgid libc_setgid
@@ -346,6 +348,7 @@ var (
 	procRenameat,
 	procRmdir,
 	proclseek,
+	procSelect,
 	procSetegid,
 	procSeteuid,
 	procSetgid,
@@ -1264,6 +1267,14 @@ func Seek(fd int, offset int64, whence int) (newoffset int64, err error) {
 	return
 }
 
+func Select(n int, r *FdSet, w *FdSet, e *FdSet, timeout *Timeval) (err error) {
+	_, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procSelect)), 5, uintptr(n), uintptr(unsafe.Pointer(r)), uintptr(unsafe.Pointer(w)), uintptr(unsafe.Pointer(e)), uintptr(unsafe.Pointer(timeout)), 0)
+	if e1 != 0 {
+		err = e1
+	}
+	return
+}
+
 func Setegid(egid int) (err error) {
 	_, _, e1 := rawSysvicall6(uintptr(unsafe.Pointer(&procSetegid)), 1, uintptr(egid), 0, 0, 0, 0, 0)
 	if e1 != 0 {

vendor/golang.org/x/sys/unix/zsysnum_solaris_amd64.go

@@ -1,13 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build amd64,solaris
-
-package unix
-
-// TODO(aram): remove these before Go 1.3.
-const (
-	SYS_EXECVE = 59
-	SYS_FCNTL  = 62
-)