remove global variable dependency from admission plugins

[deads2k]

Adds an admission plugin initializer that passes a set of FeatureGates to the admission plugins during initialization that can then be used to set bool values and avoid coupling global variables together.

func (a *admissionPlugin) InspectFeatureGates(features featuregate.FeatureGate){
    a.myFeatureIsOn = features.Enabled("my-feature")
}

/kind cleanup
/priority important-soon
@kubernetes/sig-api-machinery-pr-reviews

@ravisantoshgudimetla this is how to remove the global dep from admission plugins

NONE

[liggitt]

pass in feature.DefaultFeatureGate, not the mutable one? (comment applies everywhere)

[liggitt]

Trying to think what the implications of this are... having multiple feature gate instances floating around seems bad. Are we overriding this with our existing util featureGate buckets anywhere?

[deads2k]

Trying to think what the implications of this are... having multiple feature gate instances floating around seems bad. Are we overriding this with our existing util featureGate buckets anywhere?

kube-apiserver does. I could choose to reference the on in the apiserver package.

[liggitt]

fixing the feature gate impl to error if an unregistered feature is interrogated seems like a good path forward. #84865

[liggitt]

it is a little strange that the default here will not have the generic apiserver features registered

[deads2k]

it is a little strange that the default here will not have the generic apiserver features registered

to my knowledge, our recommend options don't include featuregates

[liggitt]

kubernetes/staging/src/k8s.io/apiserver/pkg/features/kube_features.go

Lines 157 to 167 in 62f66ea

	APIResponseCompression: {Default: true, PreRelease: featuregate.Beta},
	APIListChunking: {Default: true, PreRelease: featuregate.Beta},
	DryRun: {Default: true, PreRelease: featuregate.Beta},
	RemainingItemCount: {Default: true, PreRelease: featuregate.Beta},
	ServerSideApply: {Default: true, PreRelease: featuregate.Beta},
	StorageVersionHash: {Default: true, PreRelease: featuregate.Beta},
	WinOverlay: {Default: false, PreRelease: featuregate.Alpha},
	WinDSR: {Default: false, PreRelease: featuregate.Alpha},
	WatchBookmark: {Default: true, PreRelease: featuregate.GA, LockToDefault: true},
	RequestManagement: {Default: false, PreRelease: featuregate.Alpha},
	RemoveSelfLink: {Default: false, PreRelease: featuregate.Alpha},

those?

[deads2k]

We have them defined, but we don't actually expose a way to wire them to options in the genericapiserver. Or at least I don't remember them in recommendedoptions

[liggitt]

they're not wired to flags, but the API server still checks them in handlers, etc, so if they're not registered, I'm pretty sure the API server wouldn't run

[yue9944882]

/retest

[deads2k]

asdf

[deads2k]

Updated to use the featuregate defined in apiserver that is abused by so many others because it sits high in the stack. Left a comment for future developers to ponder their choices.

[liggitt]

/approve

one unit test failure, lgtm otherwise

[k8s-ci-robot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: deads2k, liggitt

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• cmd/kube-apiserver/OWNERS [deads2k,liggitt]
• pkg/kubeapiserver/OWNERS [deads2k,liggitt]
• plugin/pkg/admission/OWNERS [deads2k,liggitt]
• staging/src/k8s.io/apiserver/OWNERS [deads2k,liggitt]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[liggitt]

/lgtm

[liggitt]

/lgtm

[fejta-bot]

/retest
This bot automatically retries jobs that failed/flaked on approved PRs (send feedback to fejta).

Review the full test history for this PR.

Silence the bot with an /lgtm cancel or /hold comment for consistent failures.

[k8s-ci-robot]

New changes are detected. LGTM label has been removed.

[deads2k]

updated per comment, retagging.

[deads2k]

/retest

[liggitt]

diff -Naupr -x _output /home/prow/go/src/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/BUILD /tmp/verify-bazel.qguOOd/go/src/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/BUILD
--- /home/prow/go/src/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/BUILD	2019-11-12 13:14:11.728674466 +0000
+++ /tmp/verify-bazel.qguOOd/go/src/k8s.io/kubernetes/plugin/pkg/admission/noderestriction/BUILD	2019-11-12 13:15:34.733658705 +0000
@@ -53,6 +53,7 @@ go_test(
         "//staging/src/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library",
         "//staging/src/k8s.io/apimachinery/pkg/runtime/schema:go_default_library",
         "//staging/src/k8s.io/apimachinery/pkg/types:go_default_library",
+        "//staging/src/k8s.io/apimachinery/pkg/util/runtime:go_default_library",
         "//staging/src/k8s.io/apimachinery/pkg/util/sets:go_default_library",
         "//staging/src/k8s.io/apiserver/pkg/admission:go_default_library",
         "//staging/src/k8s.io/apiserver/pkg/authentication/user:go_default_library",

Run ./hack/update-bazel.sh

[k8s-ci-robot]

New changes are detected. LGTM label has been removed.

[k8s-ci-robot]

@deads2k: The following test failed, say /retest to rerun them all:

Test name	Commit	Details	Rerun command
pull-kubernetes-node-e2e-containerd	83f6f27	link	/test pull-kubernetes-node-e2e-containerd

Full PR test history. Your PR dashboard. Please help us cut down on flakes by linking to an open issue when you hit one in your PR.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.