chore: upgrade kubebuilder version to v3.10.0 (#18)

nakamasato · Jul 27, 2023 · 5f155e7 · 5f155e7
1 parent b46de05
commit 5f155e7
Show file tree

Hide file tree

Showing 23 changed files with 172 additions and 111 deletions.
diff --git a/.update-readme.sh b/.update-readme.sh
@@ -13,7 +13,7 @@ if [ $# -eq 0 ]; then
 	exit 1
 fi
 
-if [[ ! "$1" =~ ^v[0-9].[0-9].[0-9]$ ]];then
+if [[ ! "$1" =~ ^v[0-9]+.[0-9]+.[0-9]+$ ]];then
 	echo "kubebuilder version format '$1' is invalid"
 	get_latest_release "kubernetes-sigs/kubebuilder"
 	exit 1
@@ -25,7 +25,7 @@ KUBEBUILDER_VERSION=$1
 # get versions
 
 export $(grep CERT_MANAGER_VERSION= .upgrade-version.sh)
-$(grep 'export KUSTOMIZE_VERSION=' .upgrade-version.sh)
+KUSTOMIZE_VERSION=$(bin/kustomize version)
 GO_VERSION_CLI_RESULT=$(go version)
 GO_VERSION=$(echo ${GO_VERSION_CLI_RESULT} | sed 's/go version \(go[^\s]*\) [^\s]*/\1/')
 
@@ -34,7 +34,7 @@ gsed -i "s/.*Docker Engine.*/1. Docker Engine: $(docker version | grep -A 2 Serv
 gsed -i "s#\[go\](https://github.com/golang/go):.*#[go](https://github.com/golang/go): [${GO_VERSION}](https://github.com/golang/go/releases/${GO_VERSION})#g" README.md
 gsed -i "s#\[kubebuilder\](https://github.com/kubernetes-sigs/kubebuilder):.*#[kubebuilder](https://github.com/kubernetes-sigs/kubebuilder): [${KUBEBUILDER_VERSION}](https://github.com/kubernetes-sigs/kubebuilder/releases/${KUBEBUILDER_VERSION})#g" README.md
 K8S_VERSION=$(kubectl version --output=json | jq -r .serverVersion.gitVersion)
-gsed -i "s#\[Kubernetes\](https://github.com/kubernetes/kubernetes):.*#[Kubernetes](https://github.com/kubernetes/kubernetes):[${K8S_VERSION}](https://github.com/kubernetes/kubernetes/releases/tag/${K8S_VERSION})#g" README.md
+gsed -i "s#\[Kubernetes\](https://github.com/kubernetes/kubernetes):.*#[Kubernetes](https://github.com/kubernetes/kubernetes): [${K8S_VERSION}](https://github.com/kubernetes/kubernetes/releases/tag/${K8S_VERSION})#g" README.md
 KIND_VERSION=$(kind version | sed 's/kind \(v[0-9\.]*\) .*/\1/')
 gsed -i "s#\[kind\](https://github.com/kubernetes-sigs/kind):.*#[kind](https://github.com/kubernetes-sigs/kind): [${KIND_VERSION}](https://github.com/kubernetes-sigs/kind/releases/tag/${KIND_VERSION})#g" README.md
 gsed -i "s#\[kustomize](https://github.com/kubernetes-sigs/kustomize):.*#[kustomize](https://github.com/kubernetes-sigs/kustomize): [${KUSTOMIZE_VERSION}](https://github.com/kubernetes-sigs/kustomize/releases/tag/kustomize%2F${KUSTOMIZE_VERSION})#g" README.md

diff --git a/.upgrade-version.sh b/.upgrade-version.sh
@@ -2,12 +2,12 @@
 
 set -eux
 
-PASSWORD_CONTROLLER_GO_FILE=controllers/password_controller.go
+PASSWORD_CONTROLLER_GO_FILE=internal/controller/password_controller.go
 PASSWORD_GO_TYPE_FILE=api/v1alpha1/password_types.go
 PASSWORD_WEBHOOK_FILE=api/v1alpha1/password_webhook.go
 SAMPLE_YAML_FILE=config/samples/secret_v1alpha1_password.yaml
 CERT_MANAGER_VERSION=v1.8.0
-export KUSTOMIZE_VERSION=v4.5.5
+export CONTROLLER_TOOLS_VERSION=v0.12.0 # https://github.com/kubernetes-sigs/kubebuilder/issues/3316
 
 pre-commit
 get_latest_release() {
@@ -55,7 +55,8 @@ KEEP_FILES=(
     renovate.json
 )
 
-rm -rf api config controllers hack bin bundle
+sudo rm -rf bin
+rm -rf api config controllers hack bin bundle cmd internal
 for f in `ls` .dockerignore .gitignore; do
     if [[ ! " ${KEEP_FILES[*]} " =~ " ${f} " ]] && [ -f "$f" ]; then
         rm $f
@@ -100,6 +101,7 @@ git add .
 pre-commit run -a || true
 git commit -am "[kubebuilder] Init project"
 
+
 echo "======== INIT PROJECT COMPLETED ==========="
 
 # 2. [kubebuilder] Create API Password (Controller & Resource)
@@ -140,7 +142,7 @@ gsed -i "/PasswordSpec defines/ r tmpfile" $PASSWORD_GO_TYPE_FILE
 rm tmpfile
 
 ## fmt
-KUSTOMIZE_VERSION=4.5.5 make install
+make install
 # Check if Foo field is removed in CRD
 test "$(kubectl get crd passwords.secret.example.com -o jsonpath='{.spec.versions[].schema.openAPIV3Schema.properties.spec}' | jq '.properties == null')" = "true"
 
@@ -480,9 +482,9 @@ gsed -i '0,/apiVersion/s/apiVersion/#apiVersion/' config/default/webhookcainject
 
 gsed -i 's/#- ..\/webhook/- ..\/webhook/g' config/default/kustomization.yaml
 gsed -i 's/#- ..\/certmanager/- ..\/certmanager/g' config/default/kustomization.yaml
-gsed -i 's/#- manager_webhook_patch.yaml/- manager_webhook_patch.yaml/g' config/default/kustomization.yaml
-gsed -i 's/#- webhookcainjection_patch.yaml/- webhookcainjection_patch.yaml/g' config/default/kustomization.yaml
-gsed -i -e '/CERTIFICATE_NAMESPACE/,+25 s/#//' config/default/kustomization.yaml
+gsed -i 's/#- manager_webhook_patch.yaml/- manager_webhook_patch.yaml/g' config/default/kustomization.yaml # To enable webhook, uncomment all the sections with [WEBHOOK] prefix
+gsed -i 's/#- webhookcainjection_patch.yaml/- webhookcainjection_patch.yaml/g' config/default/kustomization.yaml  # To enable cert-manager uncomment all sections with 'CERTMANAGER' prefix.
+gsed -i -e '/#replacements:/,+96 s/#//' config/default/kustomization.yaml # To enable cert-manager uncomment all sections with 'CERTMANAGER' prefix.
 gsed -i 's/#- patches/- patches/g' config/crd/kustomization.yaml
 
 make install
@@ -499,9 +501,6 @@ while [ "$(kubectl get po -n cert-manager -o 'jsonpath={.items[*].status.contain
 done
 echo "cert-manager is ready"
 
-if [ -f bin/kustomize ]; then
-	rm bin/kustomize
-fi
 IMG=password-operator:webhook
 make docker-build IMG=$IMG
 kind load docker-image $IMG

diff --git a/Dockerfile b/Dockerfile
@@ -12,16 +12,16 @@ COPY go.sum go.sum
 RUN go mod download
 
 # Copy the go source
-COPY main.go main.go
+COPY cmd/main.go cmd/main.go
 COPY api/ api/
-COPY controllers/ controllers/
+COPY internal/controller/ internal/controller/
 
 # Build
 # the GOARCH has not a default value to allow the binary be built according to the host where the command
 # was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO
 # the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore,
 # by leaving it empty we can ensure that the container and binary shipped on it will have the same platform.
-RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager main.go
+RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go
 
 # Use distroless as minimal base image to package the manager binary
 # Refer to https://github.com/GoogleContainerTools/distroless for more details

diff --git a/Makefile b/Makefile
@@ -2,7 +2,7 @@
 # Image URL to use all building/pushing image targets
 IMG ?= controller:latest
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
-ENVTEST_K8S_VERSION = 1.26.0
+ENVTEST_K8S_VERSION = 1.26.1
 
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
@@ -62,11 +62,11 @@ test: manifests generate fmt vet envtest ## Run tests.
 
 .PHONY: build
 build: manifests generate fmt vet ## Build manager binary.
-	go build -o bin/manager main.go
+	go build -o bin/manager cmd/main.go
 
 .PHONY: run
 run: manifests generate fmt vet ## Run a controller from your host.
-	go run ./main.go
+	go run ./cmd/main.go
 
 # If you wish built the manager image targeting other platforms you can use the --platform flag.
 # (i.e. docker build --platform linux/arm64 ). However, you must enable docker buildKit for it.
@@ -132,8 +132,8 @@ CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
 ENVTEST ?= $(LOCALBIN)/setup-envtest
 
 ## Tool Versions
-KUSTOMIZE_VERSION ?= v3.8.7
-CONTROLLER_TOOLS_VERSION ?= v0.11.1
+KUSTOMIZE_VERSION ?= v5.0.0
+CONTROLLER_TOOLS_VERSION ?= v0.11.3
 
 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
 .PHONY: kustomize
@@ -143,7 +143,7 @@ $(KUSTOMIZE): $(LOCALBIN)
 		echo "$(LOCALBIN)/kustomize version is not expected $(KUSTOMIZE_VERSION). Removing it before installing."; \
 		rm -rf $(LOCALBIN)/kustomize; \
 	fi
-	test -s $(LOCALBIN)/kustomize || { curl -Ss $(KUSTOMIZE_INSTALL_SCRIPT) | bash -s -- $(subst v,,$(KUSTOMIZE_VERSION)) $(LOCALBIN); }
+	test -s $(LOCALBIN)/kustomize || { curl -Ss $(KUSTOMIZE_INSTALL_SCRIPT) --output install_kustomize.sh && bash install_kustomize.sh $(subst v,,$(KUSTOMIZE_VERSION)) $(LOCALBIN); rm install_kustomize.sh; }
 
 .PHONY: controller-gen
 controller-gen: $(CONTROLLER_GEN) ## Download controller-gen locally if necessary. If wrong version is installed, it will be overwritten.

diff --git a/PROJECT b/PROJECT
@@ -4,7 +4,7 @@
 # More info: https://book.kubebuilder.io/reference/project-config.html
 domain: example.com
 layout:
-- go.kubebuilder.io/v3
+- go.kubebuilder.io/v4
 projectName: password-operator
 repo: example.com/password-operator
 resources:

diff --git a/README.md b/README.md
@@ -2,12 +2,12 @@
 Example Kubernetes Operator project created with kubebuilder, which manages a CRD `Password` and generates a configurable password.
 
 ## Versions
-1. Docker Engine: 20.10.20
+1. Docker Engine: 24.0.2
 1. [go](https://github.com/golang/go): [go1.19](https://github.com/golang/go/releases/go1.19)
-1. [kubebuilder](https://github.com/kubernetes-sigs/kubebuilder): [v3.9.0](https://github.com/kubernetes-sigs/kubebuilder/releases/v3.9.0)
-1. [Kubernetes](https://github.com/kubernetes/kubernetes):[v1.25.3](https://github.com/kubernetes/kubernetes/releases/tag/v1.25.3)
+1. [kubebuilder](https://github.com/kubernetes-sigs/kubebuilder): [v3.10.0](https://github.com/kubernetes-sigs/kubebuilder/releases/v3.10.0)
+1. [Kubernetes](https://github.com/kubernetes/kubernetes): [v1.25.3](https://github.com/kubernetes/kubernetes/releases/tag/v1.25.3)
 1. [kind](https://github.com/kubernetes-sigs/kind): [v0.17.0](https://github.com/kubernetes-sigs/kind/releases/tag/v0.17.0)
-1. [kustomize](https://github.com/kubernetes-sigs/kustomize): [v4.5.5](https://github.com/kubernetes-sigs/kustomize/releases/tag/kustomize%2Fv4.5.5)
+1. [kustomize](https://github.com/kubernetes-sigs/kustomize): [v5.0.0](https://github.com/kubernetes-sigs/kustomize/releases/tag/kustomize%2Fv5.0.0)
 1. [cert-manager](https://github.com/cert-manager/cert-manager): [v1.8.0](https://github.com/cert-manager/cert-manager/releases/tag/v1.8.0)
 
 ## Getting Started

diff --git a/api/v1alpha1/webhook_suite_test.go b/api/v1alpha1/webhook_suite_test.go
@@ -28,7 +28,7 @@ import (
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 
-	admissionv1beta1 "k8s.io/api/admission/v1beta1"
+	admissionv1 "k8s.io/api/admission/v1"
 	//+kubebuilder:scaffold:imports
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/client-go/rest"
@@ -78,7 +78,7 @@ var _ = BeforeSuite(func() {
 	err = AddToScheme(scheme)
 	Expect(err).NotTo(HaveOccurred())
 
-	err = admissionv1beta1.AddToScheme(scheme)
+	err = admissionv1.AddToScheme(scheme)
 	Expect(err).NotTo(HaveOccurred())
 
 	//+kubebuilder:scaffold:scheme

diff --git a/main.go → cmd/main.go b/main.go → cmd/main.go
@@ -32,7 +32,7 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
 
 	secretv1alpha1 "example.com/password-operator/api/v1alpha1"
-	"example.com/password-operator/controllers"
+	"example.com/password-operator/internal/controller"
 	//+kubebuilder:scaffold:imports
 )
 
@@ -89,7 +89,7 @@ func main() {
 		os.Exit(1)
 	}
 
-	if err = (&controllers.PasswordReconciler{
+	if err = (&controller.PasswordReconciler{
 		Client: mgr.GetClient(),
 		Scheme: mgr.GetScheme(),
 	}).SetupWithManager(mgr); err != nil {

diff --git a/config/certmanager/certificate.yaml b/config/certmanager/certificate.yaml
@@ -5,8 +5,8 @@ apiVersion: cert-manager.io/v1
 kind: Issuer
 metadata:
   labels:
-    app.kubernetes.io/name: issuer
-    app.kubernetes.io/instance: selfsigned-issuer
+    app.kubernetes.io/name: certificate
+    app.kubernetes.io/instance: serving-cert
     app.kubernetes.io/component: certificate
     app.kubernetes.io/created-by: password-operator
     app.kubernetes.io/part-of: password-operator
@@ -29,10 +29,10 @@ metadata:
   name: serving-cert  # this name should match the one appeared in kustomizeconfig.yaml
   namespace: system
 spec:
-  # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
+  # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
   dnsNames:
-  - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
-  - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
+  - SERVICE_NAME.SERVICE_NAMESPACE.svc
+  - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
   issuerRef:
     kind: Issuer
     name: selfsigned-issuer

diff --git a/config/certmanager/kustomizeconfig.yaml b/config/certmanager/kustomizeconfig.yaml
@@ -1,16 +1,8 @@
-# This configuration is for teaching kustomize how to update name ref and var substitution
+# This configuration is for teaching kustomize how to update name ref substitution
 nameReference:
 - kind: Issuer
   group: cert-manager.io
   fieldSpecs:
   - kind: Certificate
     group: cert-manager.io
     path: spec/issuerRef/name
-
-varReference:
-- kind: Certificate
-  group: cert-manager.io
-  path: spec/commonName
-- kind: Certificate
-  group: cert-manager.io
-  path: spec/dnsNames
diff --git a/config/crd/bases/secret.example.com_passwords.yaml b/config/crd/bases/secret.example.com_passwords.yaml
@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.11.1
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.12.0
   name: passwords.secret.example.com
 spec:
   group: secret.example.com

diff --git a/config/crd/patches/cainjection_in_passwords.yaml b/config/crd/patches/cainjection_in_passwords.yaml
@@ -3,5 +3,5 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE/CERTIFICATE_NAME
   name: passwords.secret.example.com