chore: Bump up kubernetes/client-go from v0.17.17 to v0.20.5

go.mod

@@ -6,10 +6,10 @@ require (
 	github.com/spf13/cobra v1.1.1
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.7.0
-	k8s.io/api v0.17.17
-	k8s.io/apiextensions-apiserver v0.17.17
-	k8s.io/apimachinery v0.17.17
-	k8s.io/cli-runtime v0.17.17
-	k8s.io/client-go v0.17.17
+	k8s.io/api v0.20.5
+	k8s.io/apiextensions-apiserver v0.20.5
+	k8s.io/apimachinery v0.20.5
+	k8s.io/cli-runtime v0.20.5
+	k8s.io/client-go v0.20.5
 	k8s.io/klog v1.0.0
 )

pkg/cmd/access_checker.go

@@ -1,7 +1,10 @@
 package cmd
 
 import (
+	"context"
+
 	authz "k8s.io/api/authorization/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	clientauthz "k8s.io/client-go/kubernetes/typed/authorization/v1"
 )
 
@@ -35,7 +38,7 @@ func (ac *accessChecker) IsAllowedTo(verb, resource, namespace string) (bool, er
 		},
 	}
 
-	sar, err := ac.client.Create(sar)
+	sar, err := ac.client.Create(context.Background(), sar, metav1.CreateOptions{})
 	if err != nil {
 		return false, err
 	}

pkg/cmd/access_checker_test.go

@@ -2,13 +2,14 @@ package cmd
 
 import (
 	"errors"
+	"testing"
+
 	"github.com/stretchr/testify/assert"
 	authz "k8s.io/api/authorization/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/client-go/kubernetes/fake"
 	clientauthz "k8s.io/client-go/kubernetes/typed/authorization/v1"
 	clienttesting "k8s.io/client-go/testing"
-	"testing"
 )
 
 func TestIsAllowed(t *testing.T) {

pkg/cmd/list.go

@@ -1,6 +1,7 @@
 package cmd
 
 import (
+	"context"
 	"errors"
 	"flag"
 	"fmt"
@@ -11,7 +12,7 @@ import (
 	core "k8s.io/api/core/v1"
 	rbac "k8s.io/api/rbac/v1"
 	apimeta "k8s.io/apimachinery/pkg/api/meta"
-	meta "k8s.io/apimachinery/pkg/apis/meta/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	clioptions "k8s.io/cli-runtime/pkg/genericclioptions"
 	"k8s.io/client-go/kubernetes"
@@ -335,12 +336,13 @@ func (w *WhoCan) CheckAPIAccess(action Action) ([]string, error) {
 
 	var checks []check
 	var warnings []string
+	ctx := context.Background()
 
 	// Determine which checks need to be executed.
 	if action.Namespace == "" {
 		checks = append(checks, check{"list", "namespaces", ""})
 
-		nsList, err := w.clientNamespace.List(meta.ListOptions{})
+		nsList, err := w.clientNamespace.List(ctx, metav1.ListOptions{})
 		if err != nil {
 			return nil, fmt.Errorf("listing namespaces: %v", err)
 		}
@@ -377,7 +379,8 @@ func (w *WhoCan) CheckAPIAccess(action Action) ([]string, error) {
 
 // GetRolesFor returns a set of names of Roles matching the specified Action.
 func (w *WhoCan) getRolesFor(action resolvedAction) (roles, error) {
-	rl, err := w.clientRBAC.Roles(action.Namespace).List(meta.ListOptions{})
+	ctx := context.Background()
+	rl, err := w.clientRBAC.Roles(action.Namespace).List(ctx, metav1.ListOptions{})
 	if err != nil {
 		return nil, err
 	}
@@ -397,7 +400,8 @@ func (w *WhoCan) getRolesFor(action resolvedAction) (roles, error) {
 
 // GetClusterRolesFor returns a set of names of ClusterRoles matching the specified Action.
 func (w *WhoCan) getClusterRolesFor(action resolvedAction) (clusterRoles, error) {
-	crl, err := w.clientRBAC.ClusterRoles().List(meta.ListOptions{})
+	ctx := context.Background()
+	crl, err := w.clientRBAC.ClusterRoles().List(ctx, metav1.ListOptions{})
 	if err != nil {
 		return nil, err
 	}
@@ -420,8 +424,8 @@ func (w *WhoCan) getRoleBindings(action resolvedAction, roleNames roles, cluster
 	if action.Namespace == core.NamespaceAll {
 		return
 	}
-
-	list, err := w.clientRBAC.RoleBindings(action.Namespace).List(meta.ListOptions{})
+	ctx := context.Background()
+	list, err := w.clientRBAC.RoleBindings(action.Namespace).List(ctx, metav1.ListOptions{})
 	if err != nil {
 		return
 	}
@@ -443,7 +447,8 @@ func (w *WhoCan) getRoleBindings(action resolvedAction, roleNames roles, cluster
 
 // GetClusterRoleBindings returns the ClusterRoleBindings that refer to the given sef of ClusterRole names.
 func (w *WhoCan) getClusterRoleBindings(clusterRoleNames clusterRoles) (clusterRoleBindings []rbac.ClusterRoleBinding, err error) {
-	list, err := w.clientRBAC.ClusterRoleBindings().List(meta.ListOptions{})
+	ctx := context.Background()
+	list, err := w.clientRBAC.ClusterRoleBindings().List(ctx, metav1.ListOptions{})
 	if err != nil {
 		return
 	}

pkg/cmd/list_test.go

@@ -9,7 +9,7 @@ import (
 	"github.com/stretchr/testify/mock"
 	"github.com/stretchr/testify/require"
 	core "k8s.io/api/core/v1"
-	meta "k8s.io/apimachinery/pkg/apis/meta/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/client-go/kubernetes/fake"
@@ -268,10 +268,10 @@ func TestWhoCan_CheckAPIAccess(t *testing.T) {
 		list := &core.NamespaceList{
 			Items: []core.Namespace{
 				{
-					ObjectMeta: meta.ObjectMeta{Name: FooNs},
+					ObjectMeta: metav1.ObjectMeta{Name: FooNs},
 				},
 				{
-					ObjectMeta: meta.ObjectMeta{Name: BarNs},
+					ObjectMeta: metav1.ObjectMeta{Name: BarNs},
 				},
 			},
 		}
@@ -366,7 +366,7 @@ func TestWhoCan_GetRolesFor(t *testing.T) {
 	action := resolvedAction{Action: Action{Verb: "list", Resource: "services"}}
 
 	viewServicesRole := rbac.Role{
-		ObjectMeta: meta.ObjectMeta{
+		ObjectMeta: metav1.ObjectMeta{
 			Name: "view-services",
 		},
 		Rules: []rbac.PolicyRule{
@@ -378,7 +378,7 @@ func TestWhoCan_GetRolesFor(t *testing.T) {
 	}
 
 	viewPodsRole := rbac.Role{
-		ObjectMeta: meta.ObjectMeta{
+		ObjectMeta: metav1.ObjectMeta{
 			Name: "view-pods",
 		},
 		Rules: []rbac.PolicyRule{
@@ -425,7 +425,7 @@ func TestWhoCan_GetClusterRolesFor(t *testing.T) {
 	action := resolvedAction{Action: Action{Verb: "get", Resource: "/logs"}}
 
 	getLogsRole := rbac.ClusterRole{
-		ObjectMeta: meta.ObjectMeta{
+		ObjectMeta: metav1.ObjectMeta{
 			Name: "get-logs",
 		},
 		Rules: []rbac.PolicyRule{
@@ -437,7 +437,7 @@ func TestWhoCan_GetClusterRolesFor(t *testing.T) {
 	}
 
 	getApiRole := rbac.ClusterRole{
-		ObjectMeta: meta.ObjectMeta{
+		ObjectMeta: metav1.ObjectMeta{
 			Name: "get-api",
 		},
 		Rules: []rbac.PolicyRule{
@@ -484,7 +484,7 @@ func TestWhoCan_GetRoleBindings(t *testing.T) {
 	clusterRoleNames := map[string]struct{}{"view-configmaps": {}}
 
 	viewPodsBnd := rbac.RoleBinding{
-		ObjectMeta: meta.ObjectMeta{
+		ObjectMeta: metav1.ObjectMeta{
 			Name:      "view-pods-bnd",
 			Namespace: namespace,
 		},
@@ -495,7 +495,7 @@ func TestWhoCan_GetRoleBindings(t *testing.T) {
 	}
 
 	viewConfigMapsBnd := rbac.RoleBinding{
-		ObjectMeta: meta.ObjectMeta{
+		ObjectMeta: metav1.ObjectMeta{
 			Name: "view-configmaps-bnd",
 		},
 		RoleRef: rbac.RoleRef{
@@ -532,11 +532,10 @@ func TestWhoCan_GetRoleBindings(t *testing.T) {
 
 func TestWhoCan_GetClusterRoleBindings(t *testing.T) {
 	client := fake.NewSimpleClientset()
-
 	clusterRoleNames := map[string]struct{}{"get-healthz": {}}
 
 	getLogsBnd := rbac.ClusterRoleBinding{
-		ObjectMeta: meta.ObjectMeta{
+		ObjectMeta: metav1.ObjectMeta{
 			Name: "get-logs-bnd",
 		},
 		RoleRef: rbac.RoleRef{
@@ -546,7 +545,7 @@ func TestWhoCan_GetClusterRoleBindings(t *testing.T) {
 	}
 
 	getHealthzBnd := rbac.ClusterRoleBinding{
-		ObjectMeta: meta.ObjectMeta{
+		ObjectMeta: metav1.ObjectMeta{
 			Name: "get-healthz-bnd",
 		},
 		RoleRef: rbac.RoleRef{

pkg/cmd/namespace_validator.go

@@ -1,7 +1,9 @@
 package cmd
 
 import (
+	"context"
 	"fmt"
+
 	core "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
 	meta "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -29,7 +31,8 @@ func NewNamespaceValidator(client clientcore.NamespaceInterface) NamespaceValida
 
 func (w *namespaceValidator) Validate(name string) error {
 	if name != core.NamespaceAll {
-		ns, err := w.client.Get(name, meta.GetOptions{})
+		ctx := context.Background()
+		ns, err := w.client.Get(ctx, name, meta.GetOptions{})
 		if err != nil {
 			if statusErr, ok := err.(*errors.StatusError); ok &&
 				statusErr.Status().Reason == meta.StatusReasonNotFound {

pkg/cmd/namespace_validator_test.go

@@ -2,6 +2,8 @@ package cmd
 
 import (
 	"errors"
+	"testing"
+
 	"github.com/stretchr/testify/assert"
 	v1 "k8s.io/api/core/v1"
 	k8serrors "k8s.io/apimachinery/pkg/api/errors"
@@ -10,7 +12,6 @@ import (
 	"k8s.io/client-go/kubernetes/fake"
 	v12 "k8s.io/client-go/kubernetes/typed/core/v1"
 	k8stesting "k8s.io/client-go/testing"
-	"testing"
 )
 
 func TestNamespaceValidator_Validate(t *testing.T) {