Prepare for 0.3.0

.github/workflows/ci.yaml

@@ -16,118 +16,108 @@ name: Validate PRs
 
 on:
   pull_request:
-    branches: [ main ]
+    branches: [main]
 
 jobs:
   go:
     name: Check go sources
     runs-on: ubuntu-latest
     steps:
-    -
-      name: Check out code into the Go module directory
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
-    - 
-      name: Set up Go 1.x
-      uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
-      with:
-        go-version-file: 'go.mod'
-    -
-      name: Cache go modules
-      id: cache-mod
-      uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
-      with:
-        path: ~/go/pkg/mod
-        key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
-        restore-keys: |
-          ${{ runner.os }}-go-
-    -
-      name: Download dependencies
-      run: go mod download
-      if: steps.cache-mod.outputs.cache-hit != 'true'
-    -
-      name: Check go mod status
-      run: |
-        go mod tidy
-        if [[ ! -z $(git status -s) ]]
-        then
-          echo "Go mod state is not clean: $(git status -s)"
-          exit 1
-        fi
-    -
-      name: Check format
-      run: |
-        go get -u github.com/google/addlicense
-        go install github.com/google/addlicense
-        go get -u golang.org/x/tools/cmd/goimports
-        go install golang.org/x/tools/cmd/goimports
-        git reset HEAD --hard
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Set up Go 1.x
+        uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
+        with:
+          go-version-file: "go.mod"
+      - name: Cache go modules
+        id: cache-mod
+        uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
+        with:
+          path: ~/go/pkg/mod
+          key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-
+      - name: Download dependencies
+        run: go mod download
+        if: steps.cache-mod.outputs.cache-hit != 'true'
+      - name: Check go mod status
+        run: |
+          go mod tidy
+          if [[ ! -z $(git status -s) ]]
+          then
+            echo "Go mod state is not clean: $(git status -s)"
+            exit 1
+          fi
+      - name: Check format
+        run: |
+          go get -u github.com/google/addlicense@dc31ac9ffcca99c9457226366135701794b128c0
+          go install github.com/google/addlicense@dc31ac9ffcca99c9457226366135701794b128c0
+          go get -u golang.org/x/tools/cmd/goimports@0cc407e63f5fdd71499c32afa4c54382c5b48d71
+          go install golang.org/x/tools/cmd/goimports@0cc407e63f5fdd71499c32afa4c54382c5b48d71
+          git reset HEAD --hard
 
-        make fmt
-        if [[ ! -z $(git status -s) ]]
-        then
-          echo "not well formatted sources found during make fmt: $(git --no-pager diff)"
-          exit 1
-        fi
+          make fmt
+          if [[ ! -z $(git status -s) ]]
+          then
+            echo "not well formatted sources found during make fmt: $(git --no-pager diff)"
+            exit 1
+          fi
 
-        make fmt_license
-        if [[ ! -z $(git status -s) ]]
-        then
-          echo "not well formatted sources found during make fmt_license: $(git status -s)"
-          exit 1
-        fi
-    -
-      name: Check code generation
-      run: make generate
-    -
-      name: Check CRD manifest generation
-      run: make manifests
-    -
-      name: Run unit tests
-      run: make test
-    - 
-      name: Upload coverage to Codecov
-      uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
+          make fmt_license
+          if [[ ! -z $(git status -s) ]]
+          then
+            echo "not well formatted sources found during make fmt_license: $(git status -s)"
+            exit 1
+          fi
+      - name: Check code generation
+        run: make generate
+      - name: Check CRD manifest generation
+        run: make manifests
+      - name: Run unit tests
+        run: make test
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
 
-    - name: Run Gosec Security Scanner
-      run: |
-        go install github.com/securego/gosec/v2/cmd/gosec@v2.14.0
-        make gosec
-        if [[ $? != 0 ]]
-        then
-          echo "gosec scanner failed to run "
-          exit 1
-        fi   
+      - name: Run Gosec Security Scanner
+        run: |
+          go install github.com/securego/gosec/v2/cmd/gosec@1af1d5bb49259b62e45c505db397dd2ada5d74f8
+          make gosec
+          if [[ $? != 0 ]]
+          then
+            echo "gosec scanner failed to run "
+            exit 1
+          fi
 
-    - name: Upload SARIF file
-      uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # 2.22.5
-      with:
-        # Path to SARIF file relative to the root of the repository
-        sarif_file: gosec.sarif
+      - name: Upload SARIF file
+        uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # 2.22.5
+        with:
+          # Path to SARIF file relative to the root of the repository
+          sarif_file: gosec.sarif
 
   operator-build:
     name: Check operator container image build
     runs-on: ubuntu-latest
 
     steps:
-    - name: Check out code into the Go module directory
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
-    - name: Set up QEMU # Enables arm64 image building
-      uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
+      - name: Set up QEMU # Enables arm64 image building
+        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
 
-    - name: Check if operator docker build is working
-      run: make docker-buildx-build
+      - name: Check if operator docker build is working
+        run: make docker-buildx-build
 
   operator-bundle-build:
     name: Check operator bundle build
     runs-on: ubuntu-latest
 
     steps:
-    - name: Check out code into the Go module directory
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
-    - name: Set up QEMU # Enables arm64 image building
-      uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
-    
-    - name: Build the operator's bundle image
-      run: make docker-bundle-buildx-build
+      - name: Set up QEMU # Enables arm64 image building
+        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
+
+      - name: Build the operator's bundle image
+        run: make docker-bundle-buildx-build

.github/workflows/dockerimage-push.yaml

@@ -16,43 +16,43 @@ name: Next Dockerimage
 
 on:
   push:
-    branches: [ main ]
+    branches: [main]
 
 jobs:
   push-operator-image:
     runs-on: ubuntu-latest
     steps:
-    - name: Checkout registry-operator source code
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
-
-    - name: Set up QEMU # Enables arm64 image building
-      uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
-
-    - name: Login to Quay.io
-      uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
-      with:
-        registry: quay.io
-        username: ${{ secrets.QUAY_USERNAME }}
-        password: ${{ secrets.QUAY_PASSWORD }}
-
-    - name: Build and push Operator with Docker Buildx
-      run: "make docker-buildx-push"
-        
+      - name: Checkout registry-operator source code
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+
+      - name: Set up QEMU # Enables arm64 image building
+        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
+
+      - name: Login to Quay.io
+        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_PASSWORD }}
+
+      - name: Build and push Operator with Docker Buildx
+        run: "make docker-buildx-push"
+
   push-operator-bundle:
     runs-on: ubuntu-latest
     steps:
-    - name: Checkout registry-operator source code
-      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
+      - name: Checkout registry-operator source code
+        uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
 
-    - name: Set up QEMU # Enables arm64 image building
-      uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
+      - name: Set up QEMU # Enables arm64 image building
+        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #v3.0.0
 
-    - name: Login to Quay.io
-      uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
-      with:
-        registry: quay.io
-        username: ${{ secrets.QUAY_USERNAME }}
-        password: ${{ secrets.QUAY_PASSWORD }}
+      - name: Login to Quay.io
+        uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc # v2.2.0
+        with:
+          registry: quay.io
+          username: ${{ secrets.QUAY_USERNAME }}
+          password: ${{ secrets.QUAY_PASSWORD }}
 
-    - name: Build and push bundle with Docker Buildx
-      run: "make docker-bundle-buildx-push"
+      - name: Build and push bundle with Docker Buildx
+        run: "make docker-bundle-buildx-push"

.github/workflows/release-pr.yaml

@@ -31,7 +31,7 @@ jobs:
           go-version-file: 'go.mod'
       - name: Run Gosec Security Scanner
         run: |
-          go install github.com/securego/gosec/v2/cmd/gosec@v2.14.0
+          go install github.com/securego/gosec/v2/cmd/gosec@1af1d5bb49259b62e45c505db397dd2ada5d74f8
           make gosec
           if [[ $? != 0 ]]
           then

CONTRIBUTING.md

@@ -15,6 +15,7 @@ contribution. See the [DCO](DCO) file for details.
 
 In order to show your agreement with the DCO you should include at the end of the commit message,
 the following line:
+
 ```console
 Signed-off-by: Firstname Lastname <[email protected]>
 ```
@@ -25,21 +26,24 @@ Once you set your user.name and user.email in your git config, you can sign your
 
 ### Issues
 
-If you spot a problem with the **devfile registry operator**, [search if an issue already exists](https://github.com/devfile/api/issues?q=is%3Aissue+is%3Aopen+label%3Aarea%2Fregistry). 
+If you spot a problem with the **devfile registry operator**, [search if an issue already exists](https://github.com/devfile/api/issues?q=is%3Aissue+is%3Aopen+label%3Aarea%2Fregistry).
 
 If a related issue doesn't exist, you can open a new issue using a relevant [issue form](https://github.com/devfile/api/issues/new/choose). You can tag Devfile Registry Operator related issues with the `/area registry` text in your issue.
 
 ### Development
 
 #### First Time Setup
+
 1. Install prerequisites: see [Requirements section in README](README.md#requirements).
 
 2. Fork and clone this repository.
 
 3. Open the folder in the IDE of your choice (VS Code with Go extension, or GoLand is recommended)
 
 #### Build and Run the Operator
+
 The Makefile currently supports both Docker and Podman. To run the proper command replace `<engine>` with either `podman` or `docker` depending on your container engine.
+
 1. Log in to an OpenShift or Kubernetes cluster
 
 2. Run `export IMG=<operator-image>` where `<operator-image>` is the image repository to where you would like to push the image (e.g. `quay.io/user/registry-operator:latest`).
@@ -60,7 +64,7 @@ The Makefile currently supports both Docker and Podman. To run the proper comman
 
 By default, http/2 on the webhook server is disabled due to [CVE-2023-44487](https://github.com/advisories/GHSA-qppj-fm5r-hxr3).
 
-If you want to enable http/2 for the webhook server, build with `ENABLE_WEBHOOK_HTTP2=true make <engine>-build` or with 
+If you want to enable http/2 for the webhook server, build with `ENABLE_WEBHOOK_HTTP2=true make <engine>-build` or with
 `ENABLE_WEBHOOK_HTTP2=true make run` if running locally.
 
 ##### Using other platforms
@@ -124,15 +128,18 @@ You can use `make <engine>-build` to build your own image, `make <engine>-push`
 <!--
 Will need to be updated after the completion of https://github.com/devfile/api/issues/1523
 -->
+
 In order for `make test-integration` to properly run you must first ensure your environment is prepared for the operator. The following steps should be done **before** running `make test-integration` and
 these commands should be run from the root of the repository where the [`Makefile`](Makefile) is located.
+
 1. Run `make install-cert` and wait for pods in the `cert-manager` namespace to be running before moving to step 2.
 2. Run `make install && make deploy` and wait until pods in the `registry-operator-system` namespace are running before proceeding to step 3.
 3. Run `make test-integration` or `IMG=<your-operator-image> make test-integration` to run the integration tests.
 
 ### Submitting Pull Request
 
 **Note:** All commits must be signed off with the footer:
+
 ```
 Signed-off-by: First Lastname <[email protected]>
 ```

VERSION

@@ -1 +1 @@
-0.1.4
+0.3.0

bundle.Dockerfile

@@ -1,17 +1,3 @@
-#
-# Copyright Red Hat
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
 FROM scratch
 
 # Core bundle labels.
@@ -20,7 +6,7 @@ LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
 LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
 LABEL operators.operatorframework.io.bundle.package.v1=registry-operator
 LABEL operators.operatorframework.io.bundle.channels.v1=beta
-LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.28.0
+LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.36.0
 LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
 LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3