chore: upgrade credentialprovider-api-version to v1

cmd/acr-credential-provider/plugin.go

@@ -29,7 +29,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/apimachinery/pkg/runtime/serializer/json"
 	"k8s.io/kubelet/pkg/apis/credentialprovider/install"
-	"k8s.io/kubelet/pkg/apis/credentialprovider/v1alpha1"
+	v1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
 
 	"sigs.k8s.io/cloud-provider-azure/pkg/credentialprovider"
 )
@@ -55,7 +55,7 @@ func NewCredentialProvider(plugin credentialprovider.CredentialProvider) *ExecPl
 }
 
 // Run executes the credential provider plugin. Required information for the plugin request (in
-// the form of v1alpha1.CredentialProviderRequest) is provided via stdin from the kubelet.
+// the form of v1.CredentialProviderRequest) is provided via stdin from the kubelet.
 // The CredentialProviderResponse, containing the username/password required for pulling
 // the provided image, will be sent back to the kubelet via stdout.
 func (e *ExecPlugin) Run(ctx context.Context) error {
@@ -73,7 +73,7 @@ func (e *ExecPlugin) runPlugin(ctx context.Context, r io.Reader, w io.Writer, ar
 		return err
 	}
 
-	if gvk.GroupVersion() != v1alpha1.SchemeGroupVersion {
+	if gvk.GroupVersion() != v1.SchemeGroupVersion {
 		return fmt.Errorf("group version %s is not supported", gvk.GroupVersion())
 	}
 
@@ -109,8 +109,8 @@ func (e *ExecPlugin) runPlugin(ctx context.Context, r io.Reader, w io.Writer, ar
 	return nil
 }
 
-func decodeRequest(data []byte) (*v1alpha1.CredentialProviderRequest, error) {
-	obj, gvk, err := codecs.UniversalDecoder(v1alpha1.SchemeGroupVersion).Decode(data, nil, nil)
+func decodeRequest(data []byte) (*v1.CredentialProviderRequest, error) {
+	obj, gvk, err := codecs.UniversalDecoder(v1.SchemeGroupVersion).Decode(data, nil, nil)
 	if err != nil {
 		return nil, err
 	}
@@ -119,26 +119,26 @@ func decodeRequest(data []byte) (*v1alpha1.CredentialProviderRequest, error) {
 		return nil, fmt.Errorf("kind was %q, expected CredentialProviderRequest", gvk.Kind)
 	}
 
-	if gvk.Group != v1alpha1.GroupName {
-		return nil, fmt.Errorf("group was %q, expected %s", gvk.Group, v1alpha1.GroupName)
+	if gvk.Group != v1.GroupName {
+		return nil, fmt.Errorf("group was %q, expected %s", gvk.Group, v1.GroupName)
 	}
 
-	request, ok := obj.(*v1alpha1.CredentialProviderRequest)
+	request, ok := obj.(*v1.CredentialProviderRequest)
 	if !ok {
 		return nil, fmt.Errorf("unable to convert %T to *CredentialProviderRequest", obj)
 	}
 
 	return request, nil
 }
 
-func encodeResponse(response *v1alpha1.CredentialProviderResponse) ([]byte, error) {
+func encodeResponse(response *v1.CredentialProviderResponse) ([]byte, error) {
 	mediaType := "application/json"
 	info, ok := runtime.SerializerInfoForMediaType(codecs.SupportedMediaTypes(), mediaType)
 	if !ok {
 		return nil, fmt.Errorf("unsupported media type %q", mediaType)
 	}
 
-	encoder := codecs.EncoderForVersion(info.Serializer, v1alpha1.SchemeGroupVersion)
+	encoder := codecs.EncoderForVersion(info.Serializer, v1.SchemeGroupVersion)
 	data, err := runtime.Encode(encoder, response)
 	if err != nil {
 		return nil, fmt.Errorf("failed to encode response: %w", err)

cmd/acr-credential-provider/plugin_test.go

@@ -24,17 +24,17 @@ import (
 	"time"
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/kubelet/pkg/apis/credentialprovider/v1alpha1"
+	v1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
 )
 
 type fakePlugin struct {
 }
 
-func (f *fakePlugin) GetCredentials(ctx context.Context, image string, args []string) (*v1alpha1.CredentialProviderResponse, error) {
-	return &v1alpha1.CredentialProviderResponse{
-		CacheKeyType:  v1alpha1.RegistryPluginCacheKeyType,
+func (f *fakePlugin) GetCredentials(ctx context.Context, image string, args []string) (*v1.CredentialProviderResponse, error) {
+	return &v1.CredentialProviderResponse{
+		CacheKeyType:  v1.RegistryPluginCacheKeyType,
 		CacheDuration: &metav1.Duration{Duration: 10 * time.Minute},
-		Auth: map[string]v1alpha1.AuthConfig{
+		Auth: map[string]v1.AuthConfig{
 			"*.registry.io": {
 				Username: "user",
 				Password: "password",
@@ -52,26 +52,26 @@ func Test_runPlugin(t *testing.T) {
 	}{
 		{
 			name: "successful test case",
-			in:   bytes.NewBufferString(`{"kind":"CredentialProviderRequest","apiVersion":"credentialprovider.kubelet.k8s.io/v1alpha1","image":"test.registry.io/foobar"}`),
-			expectedOut: []byte(`{"kind":"CredentialProviderResponse","apiVersion":"credentialprovider.kubelet.k8s.io/v1alpha1","cacheKeyType":"Registry","cacheDuration":"10m0s","auth":{"*.registry.io":{"username":"user","password":"password"}}}
+			in:   bytes.NewBufferString(`{"kind":"CredentialProviderRequest","apiVersion":"credentialprovider.kubelet.k8s.io/v1","image":"test.registry.io/foobar"}`),
+			expectedOut: []byte(`{"kind":"CredentialProviderResponse","apiVersion":"credentialprovider.kubelet.k8s.io/v1","cacheKeyType":"Registry","cacheDuration":"10m0s","auth":{"*.registry.io":{"username":"user","password":"password"}}}
 `),
 			expectErr: false,
 		},
 		{
 			name:        "invalid kind",
-			in:          bytes.NewBufferString(`{"kind":"CredentialProviderFoo","apiVersion":"credentialprovider.kubelet.k8s.io/v1alpha1","image":"test.registry.io/foobar"}`),
+			in:          bytes.NewBufferString(`{"kind":"CredentialProviderFoo","apiVersion":"credentialprovider.kubelet.k8s.io/v1","image":"test.registry.io/foobar"}`),
 			expectedOut: nil,
 			expectErr:   true,
 		},
 		{
 			name:        "invalid apiVersion",
-			in:          bytes.NewBufferString(`{"kind":"CredentialProviderRequest","apiVersion":"foo.k8s.io/v1alpha1","image":"test.registry.io/foobar"}`),
+			in:          bytes.NewBufferString(`{"kind":"CredentialProviderRequest","apiVersion":"foo.k8s.io/v1","image":"test.registry.io/foobar"}`),
 			expectedOut: nil,
 			expectErr:   true,
 		},
 		{
 			name:        "empty image",
-			in:          bytes.NewBufferString(`{"kind":"CredentialProviderRequest","apiVersion":"credentialprovider.kubelet.k8s.io/v1alpha1","image":""}`),
+			in:          bytes.NewBufferString(`{"kind":"CredentialProviderRequest","apiVersion":"credentialprovider.kubelet.k8s.io/v1","image":""}`),
 			expectedOut: nil,
 			expectErr:   true,
 		},

pkg/credentialprovider/azure_credentials.go

@@ -32,7 +32,7 @@ import (
 	"github.com/Azure/go-autorest/autorest/azure"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/klog/v2"
-	"k8s.io/kubelet/pkg/apis/credentialprovider/v1alpha1"
+	v1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
 )
 
 // Refer: https://github.com/kubernetes/kubernetes/blob/master/pkg/credentialprovider/azure/azure_credentials.go
@@ -50,7 +50,7 @@ var (
 // CredentialProvider is an interface implemented by the kubelet credential provider plugin to fetch
 // the username/password based on the provided image name.
 type CredentialProvider interface {
-	GetCredentials(ctx context.Context, image string, args []string) (response *v1alpha1.CredentialProviderResponse, err error)
+	GetCredentials(ctx context.Context, image string, args []string) (response *v1.CredentialProviderResponse, err error)
 }
 
 // acrProvider implements the credential provider interface for Azure Container Registry.
@@ -93,21 +93,21 @@ func newAcrProviderFromConfigReader(configReader io.Reader) (*acrProvider, error
 	}, nil
 }
 
-func (a *acrProvider) GetCredentials(ctx context.Context, image string, args []string) (*v1alpha1.CredentialProviderResponse, error) {
+func (a *acrProvider) GetCredentials(ctx context.Context, image string, args []string) (*v1.CredentialProviderResponse, error) {
 	loginServer := a.parseACRLoginServerFromImage(image)
 	if loginServer == "" {
 		klog.V(2).Infof("image(%s) is not from ACR, return empty authentication", image)
-		return &v1alpha1.CredentialProviderResponse{
-			CacheKeyType:  v1alpha1.RegistryPluginCacheKeyType,
+		return &v1.CredentialProviderResponse{
+			CacheKeyType:  v1.RegistryPluginCacheKeyType,
 			CacheDuration: &metav1.Duration{Duration: 0},
-			Auth:          map[string]v1alpha1.AuthConfig{},
+			Auth:          map[string]v1.AuthConfig{},
 		}, nil
 	}
 
-	response := &v1alpha1.CredentialProviderResponse{
-		CacheKeyType:  v1alpha1.RegistryPluginCacheKeyType,
+	response := &v1.CredentialProviderResponse{
+		CacheKeyType:  v1.RegistryPluginCacheKeyType,
 		CacheDuration: &metav1.Duration{Duration: defaultCacheTTL},
-		Auth: map[string]v1alpha1.AuthConfig{
+		Auth: map[string]v1.AuthConfig{
 			// empty username and password for anonymous ACR access
 			"*.azurecr.*": {
 				Username: "",
@@ -123,14 +123,14 @@ func (a *acrProvider) GetCredentials(ctx context.Context, image string, args []s
 			return nil, err
 		}
 
-		response.Auth[loginServer] = v1alpha1.AuthConfig{
+		response.Auth[loginServer] = v1.AuthConfig{
 			Username: username,
 			Password: password,
 		}
 	} else {
 		// Add our entry for each of the supported container registry URLs
 		for _, url := range containerRegistryUrls {
-			cred := v1alpha1.AuthConfig{
+			cred := v1.AuthConfig{
 				Username: a.config.AADClientID,
 				Password: a.config.AADClientSecret,
 			}
@@ -150,7 +150,7 @@ func (a *acrProvider) GetCredentials(ctx context.Context, image string, args []s
 			}
 
 			if !hasBeenAdded {
-				cred := v1alpha1.AuthConfig{
+				cred := v1.AuthConfig{
 					Username: a.config.AADClientID,
 					Password: a.config.AADClientSecret,
 				}