refactor: delete custom entities

CHANGELOG.md

@@ -72,14 +72,20 @@ Adding a new version? You'll need three changes:
 - Disabled non-functioning mesh reporting when `--watch-namespaces` flag set.
  [#3336](https:/Kong/kubernetes-ingress-controller/pull/3336)
 
+### Deprecated
+
+- `kong-custom-entities-secret` flag has been marked as deprecated and will be
+ removed in 3.0.
+ [#3262](https:/Kong/kubernetes-ingress-controller/pull/3262)
+
 ## [2.8.1]
 
 > Release date: 2022-01-04
 
 ### Fixed
 
 - When `CombinedRoutes` is turned on, translator will replace each occurrence of
- `*` in `Ingress`'s host to `_` in kong route names because `*` is not
+  `*` in `Ingress`'s host to `_` in kong route names because `*` is not
  allowed in kong route names.
  [#3312](https:/Kong/kubernetes-ingress-controller/pull/3312)
 - Fix an issue with `CombinedRoutes`, which caused the controller to fail when
@@ -2161,15 +2167,15 @@ Please read the changelog and test in your environment.
  [#92](https:/Kong/kubernetes-ingress-controller/pull/92)
 
 
-## [v0.0.5]
+## [0.0.5]
 
 > Release date: 2018/06/02
 
 #### Added
 
  - Add support for Kong Enterprise Edition 0.32 and above
 
-## [v0.0.4] and prior
+## [0.0.4] and prior
 
  - The initial versions were rapildy iterated to deliver
  a working ingress controller.

internal/dataplane/deckgen/deckgen.go

@@ -1,7 +1,6 @@
 package deckgen
 
 import (
- "bytes"
  "crypto/sha256"
  "encoding/json"
  "fmt"
@@ -10,24 +9,15 @@ import (
  "github.com/kong/go-kong/kong"
 )
 
-// GenerateSHA generates a SHA256 checksum of the (targetContent, customEntities) tuple, with the purpose of change
-// detection.
-func GenerateSHA(targetContent *file.Content,
- customEntities []byte,
-) ([]byte, error) {
- var buffer bytes.Buffer
-
+// GenerateSHA generates a SHA256 checksum of targetContent, with the purpose
+// of change detection.
+func GenerateSHA(targetContent *file.Content) ([]byte, error) {
  jsonConfig, err := json.Marshal(targetContent)
  if err != nil {
  return nil, fmt.Errorf("marshaling Kong declarative configuration to JSON: %w", err)
  }
- buffer.Write(jsonConfig)
-
- if customEntities != nil {
- buffer.Write(customEntities)
- }
 
- shaSum := sha256.Sum256(buffer.Bytes())
+ shaSum := sha256.Sum256(jsonConfig)
  return shaSum[:], nil
 }
 

internal/dataplane/kong_client.go

@@ -384,7 +384,6 @@ func (c *KongClient) Update(ctx context.Context) error {
  c.skipCACertificates,
  targetConfig,
  c.kongConfig.FilterTags,
- nil,
  c.lastConfigSHA,
  c.prometheusMetrics,
  )

internal/dataplane/sendconfig/sendconfig.go

@@ -32,7 +32,7 @@ const initialHash = "00000000000000000000000000000000"
 // Sendconfig - Public Functions
 // -----------------------------------------------------------------------------
 
-// PerformUpdate writes `targetContent` and `customEntities` to Kong Admin API specified by `kongConfig`.
+// PerformUpdate writes `targetContent` to Kong Admin API specified by `kongConfig`.
 func PerformUpdate(ctx context.Context,
  log logrus.FieldLogger,
  kongConfig *Kong,
@@ -41,11 +41,10 @@ func PerformUpdate(ctx context.Context,
  skipCACertificates bool,
  targetContent *file.Content,
  selectorTags []string,
- customEntities []byte,
  oldSHA []byte,
  promMetrics *metrics.CtrlFuncMetrics,
 ) ([]byte, error) {
- newSHA, err := deckgen.GenerateSHA(targetContent, customEntities)
+ newSHA, err := deckgen.GenerateSHA(targetContent)
  if err != nil {
  return oldSHA, err
  }
@@ -79,7 +78,7 @@ func PerformUpdate(ctx context.Context,
  timeStart := time.Now()
  if inMemory {
  metricsProtocol = metrics.ProtocolDBLess
- err = onUpdateInMemoryMode(ctx, log, targetContent, customEntities, kongConfig)
+ err = onUpdateInMemoryMode(ctx, log, targetContent, kongConfig)
  } else {
  metricsProtocol = metrics.ProtocolDeck
  err = onUpdateDBMode(ctx, targetContent, kongConfig, selectorTags, skipCACertificates)
@@ -116,68 +115,17 @@ func PerformUpdate(ctx context.Context,
 // Sendconfig - Private Functions
 // -----------------------------------------------------------------------------
 
-func renderConfigWithCustomEntities(log logrus.FieldLogger, state *file.Content,
- customEntitiesJSONBytes []byte,
-) ([]byte, error) {
- var kongCoreConfig []byte
- var err error
-
- kongCoreConfig, err = json.Marshal(state)
- if err != nil {
- return nil, fmt.Errorf("marshaling kong config into json: %w", err)
- }
-
- // fast path
- if len(customEntitiesJSONBytes) == 0 {
- return kongCoreConfig, nil
- }
-
- // slow path
- mergeMap := map[string]interface{}{}
- var result []byte
- var customEntities map[string]interface{}
-
- // unmarshal core config into the merge map
- err = json.Unmarshal(kongCoreConfig, &mergeMap)
- if err != nil {
- return nil, fmt.Errorf("unmarshalling kong config into map[string]interface{}: %w", err)
- }
-
- // unmarshal custom entities config into the merge map
- err = json.Unmarshal(customEntitiesJSONBytes, &customEntities)
- if err != nil {
- // do not error out when custom entities are messed up
- log.WithError(err).Error("failed to unmarshal custom entities from secret data")
- } else {
- for k, v := range customEntities {
- if _, exists := mergeMap[k]; !exists {
- mergeMap[k] = v
- }
- }
- }
-
- // construct the final configuration
- result, err = json.Marshal(mergeMap)
- if err != nil {
- err = fmt.Errorf("marshaling final config into JSON: %w", err)
- return nil, err
- }
-
- return result, nil
-}
-
 func onUpdateInMemoryMode(ctx context.Context,
  log logrus.FieldLogger,
  state *file.Content,
- customEntities []byte,
  kongConfig *Kong,
 ) error {
  // Kong will error out if this is set
  state.Info = nil
  // Kong errors out if `null`s are present in `config` of plugins
  deckgen.CleanUpNullsInPluginConfigs(state)
 
- config, err := renderConfigWithCustomEntities(log, state, customEntities)
+ config, err := json.Marshal(state)
  if err != nil {
  return fmt.Errorf("constructing kong configuration: %w", err)
  }

internal/dataplane/sendconfig/sendconfig_test.go

@@ -5,127 +5,16 @@ import (
  "fmt"
  "net"
  "net/http"
- "reflect"
  "testing"
 
- "github.com/kong/deck/file"
  deckutils "github.com/kong/deck/utils"
  "github.com/kong/go-kong/kong"
- "github.com/sirupsen/logrus"
  "github.com/stretchr/testify/assert"
  "github.com/stretchr/testify/require"
 
  "github.com/kong/kubernetes-ingress-controller/v2/internal/metrics"
 )
 
-func TestRenderConfigWithCustomEntities(t *testing.T) {
- type args struct {
- state *file.Content
- customEntitiesJSONBytes []byte
- }
- tests := []struct {
- name string
- args args
- want []byte
- wantErr bool
- }{
- {
- name: "basic sanity test for fast-path",
- args: args{
- state: &file.Content{
- FormatVersion: "1.1",
- Services: []file.FService{
- {
- Service: kong.Service{
- Name: kong.String("foo"),
- Host: kong.String("example.com"),
- },
- },
- },
- },
- customEntitiesJSONBytes: nil,
- },
- want: []byte(`{"_format_version":"1.1","services":[{"host":"example.com","name":"foo"}]}`),
- wantErr: false,
- },
- {
- name: "does not break with random bytes in the custom entities",
- args: args{
- state: &file.Content{
- FormatVersion: "1.1",
- Services: []file.FService{
- {
- Service: kong.Service{
- Name: kong.String("foo"),
- Host: kong.String("example.com"),
- },
- },
- },
- },
- customEntitiesJSONBytes: []byte("random-bytes"),
- },
- want: []byte(`{"_format_version":"1.1","services":[{"host":"example.com","name":"foo"}]}`),
- wantErr: false,
- },
- {
- name: "custom entities cannot hijack core entities",
- args: args{
- state: &file.Content{
- FormatVersion: "1.1",
- Services: []file.FService{
- {
- Service: kong.Service{
- Name: kong.String("foo"),
- Host: kong.String("example.com"),
- },
- },
- },
- },
- customEntitiesJSONBytes: []byte(`{"services":[{"host":"rogue.example.com","name":"rogue"}]}`),
- },
- want: []byte(`{"_format_version":"1.1","services":[{"host":"example.com","name":"foo"}]}`),
- wantErr: false,
- },
- {
- name: "custom entities can be populated",
- args: args{
- state: &file.Content{
- FormatVersion: "1.1",
- Services: []file.FService{
- {
- Service: kong.Service{
- Name: kong.String("foo"),
- Host: kong.String("example.com"),
- },
- },
- },
- },
- customEntitiesJSONBytes: []byte(`{"my-custom-dao-name":` +
- `[{"name":"custom1","key1":"value1"},` +
- `{"name":"custom2","dumb":"test-value","boring-test-value-name":"really?"}]}`),
- },
- want: []byte(`{"_format_version":"1.1",` +
- `"my-custom-dao-name":[{"key1":"value1","name":"custom1"},` +
- `{"boring-test-value-name":"really?","dumb":"test-value","name":"custom2"}]` +
- `,"services":[{"host":"example.com","name":"foo"}]}`),
- wantErr: false,
- },
- }
- for _, tt := range tests {
- t.Run(tt.name, func(t *testing.T) {
- got, err := renderConfigWithCustomEntities(logrus.New(), tt.args.state, tt.args.customEntitiesJSONBytes)
- if (err != nil) != tt.wantErr {
- t.Errorf("renderConfigWithCustomEntities() error = %v, wantErr %v", err, tt.wantErr)
- return
- }
- if !reflect.DeepEqual(got, tt.want) {
- t.Errorf("renderConfigWithCustomEntities() = %v, want %v",
- string(got), string(tt.want))
- }
- })
- }
-}
-
 func TestUpdateReportingUtilities(t *testing.T) {
  assert.False(t, hasSHAUpdateAlreadyBeenReported([]byte("fake-sha")))
  assert.True(t, hasSHAUpdateAlreadyBeenReported([]byte("fake-sha")))

internal/manager/config.go

@@ -45,15 +45,14 @@ type Config struct {
  CacheSyncTimeout time.Duration
 
  // Kong Proxy configurations
- APIServerHost string
- APIServerQPS int
- APIServerBurst int
- MetricsAddr string
- ProbeAddr string
- KongAdminURL string
- ProxySyncSeconds float32
- ProxyTimeoutSeconds float32
- KongCustomEntitiesSecret string
+ APIServerHost string
+ APIServerQPS int
+ APIServerBurst int
+ MetricsAddr string
+ ProbeAddr string
+ KongAdminURL string
+ ProxySyncSeconds float32
+ ProxyTimeoutSeconds float32
 
  // Kubernetes configurations
  KubeconfigPath string
@@ -152,7 +151,9 @@ func (c *Config) FlagSet() *pflag.FlagSet {
  flagSet.Float32Var(&c.ProxyTimeoutSeconds, "proxy-timeout-seconds", dataplane.DefaultTimeoutSeconds,
  "Sets the timeout (in seconds) for all requests to Kong's Admin API.",
  )
- flagSet.StringVar(&c.KongCustomEntitiesSecret, "kong-custom-entities-secret", "", `WARNING: Does not work. It's a known issue tracked in a GitHub issue #3278.`)
+
+ _ = flagSet.String("kong-custom-entities-secret", "", "Will be removed in next major release.")
+ flagSet.MarkDeprecated("kong-custom-entities-secret", "Will be removed in next major release.") //nolint:errcheck
 
  // Kubernetes configurations
  flagSet.StringVar(&c.GatewayAPIControllerName, "gateway-api-controller-name", string(gateway.ControllerName), "The controller name to match on Gateway API resources.")