diff --git a/go.mod b/go.mod index 062c661..fc3f58e 100644 --- a/go.mod +++ b/go.mod @@ -6,8 +6,8 @@ require ( github.com/go-logr/logr v1.4.1 github.com/kr/text v0.2.0 github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1 - github.com/onsi/ginkgo/v2 v2.17.1 - github.com/onsi/gomega v1.33.0 + github.com/onsi/ginkgo/v2 v2.17.3 + github.com/onsi/gomega v1.33.1 github.com/operator-framework/operator-lib v0.13.0 github.com/operator-framework/operator-registry v1.39.0 github.com/prometheus/client_golang v1.19.0 @@ -18,7 +18,7 @@ require ( github.com/spf13/pflag v1.0.5 github.com/spf13/viper v1.18.2 github.com/stretchr/testify v1.8.4 - golang.org/x/text v0.14.0 + golang.org/x/text v0.15.0 k8s.io/api v0.29.3 k8s.io/apiextensions-apiserver v0.29.3 k8s.io/apimachinery v0.29.3 @@ -26,7 +26,7 @@ require ( k8s.io/kubectl v0.29.3 k8s.io/utils v0.0.0-20240102154912-e7106e64919e sigs.k8s.io/controller-runtime v0.17.2 - sigs.k8s.io/kubebuilder/v3 v3.14.2 + sigs.k8s.io/kubebuilder/v3 v3.15.0 sigs.k8s.io/yaml v1.4.0 ) @@ -44,7 +44,7 @@ require ( github.com/go-openapi/jsonpointer v0.20.2 // indirect github.com/go-openapi/jsonreference v0.20.4 // indirect github.com/go-openapi/swag v0.22.9 // indirect - github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect + github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gobuffalo/flect v1.0.2 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect @@ -53,7 +53,7 @@ require ( github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/pprof v0.0.0-20230907193218-d3ddc7976beb // indirect + github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect github.com/google/uuid v1.6.0 // indirect github.com/h2non/filetype v1.1.3 // indirect github.com/h2non/go-is-svg v0.0.0-20160927212452-35e8c4b0612c // indirect @@ -85,13 +85,13 @@ require ( go.uber.org/zap v1.26.0 // indirect golang.org/x/exp v0.0.0-20240213143201-ec583247a57a // indirect golang.org/x/mod v0.17.0 // indirect - golang.org/x/net v0.24.0 // indirect + golang.org/x/net v0.25.0 // indirect golang.org/x/oauth2 v0.17.0 // indirect golang.org/x/sync v0.7.0 // indirect - golang.org/x/sys v0.19.0 // indirect - golang.org/x/term v0.19.0 // indirect + golang.org/x/sys v0.20.0 // indirect + golang.org/x/term v0.20.0 // indirect golang.org/x/time v0.5.0 // indirect - golang.org/x/tools v0.20.0 // indirect + golang.org/x/tools v0.21.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240213162025-012b6fc9bca9 // indirect diff --git a/go.sum b/go.sum index 1744889..3cb52a9 100644 --- a/go.sum +++ b/go.sum @@ -96,8 +96,8 @@ github.com/go-openapi/jsonreference v0.20.4 h1:bKlDxQxQJgwpUSgOENiMPzCTBVuc7vTdX github.com/go-openapi/jsonreference v0.20.4/go.mod h1:5pZJyJP2MnYCpoeoMAql78cCHauHj0V9Lhc506VOpw4= github.com/go-openapi/swag v0.22.9 h1:XX2DssF+mQKM2DHsbgZK74y/zj4mo9I99+89xUmuZCE= github.com/go-openapi/swag v0.22.9/go.mod h1:3/OXnFfnMAwBD099SwYRk7GD3xOrr1iL7d/XNLXVVwE= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gobuffalo/flect v1.0.2 h1:eqjPGSo2WmjgY2XlpGwo2NXgL3RucAKo4k4qQMNA5sA= github.com/gobuffalo/flect v1.0.2/go.mod h1:A5msMlrHtLqh9umBSnvabjsMrCcCpAyzglnDvkbYKHs= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= @@ -121,8 +121,8 @@ github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20230907193218-d3ddc7976beb h1:LCMfzVg3sflxTs4UvuP4D8CkoZnfHLe2qzqgDn/4OHs= -github.com/google/pprof v0.0.0-20230907193218-d3ddc7976beb/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/handlers v1.5.2 h1:cLTUSsNkgcwhgRqvCNmdbRWG0A3N4F+M2nWKdScwyEE= @@ -190,10 +190,10 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/onsi/ginkgo/v2 v2.17.1 h1:V++EzdbhI4ZV4ev0UTIj0PzhzOcReJFyJaLjtSF55M8= -github.com/onsi/ginkgo/v2 v2.17.1/go.mod h1:llBI3WDLL9Z6taip6f33H76YcWtJv+7R3HigUjbIBOs= -github.com/onsi/gomega v1.33.0 h1:snPCflnZrpMsy94p4lXVEkHo12lmPnc3vY5XBbreexE= -github.com/onsi/gomega v1.33.0/go.mod h1:+925n5YtiFsLzzafLUHzVMBpvvRAzrydIBiSIxjX3wY= +github.com/onsi/ginkgo/v2 v2.17.3 h1:oJcvKpIb7/8uLpDDtnQuf18xVnwKp8DTD7DQ6gTd/MU= +github.com/onsi/ginkgo/v2 v2.17.3/go.mod h1:nP2DPOQoNsQmsVyv5rDA8JkXQoCs6goXIvr/PRJ1eCc= +github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= +github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc6 h1:XDqvyKsJEbRtATzkgItUqBA7QHk58yxX1Ov9HERHNqU= @@ -262,7 +262,6 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= @@ -326,8 +325,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= -golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= +golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI= +golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= golang.org/x/exp v0.0.0-20240213143201-ec583247a57a h1:HinSgX1tJRX3KsL//Gxynpw5CTOAIPhgL4W8PNiIpVE= golang.org/x/exp v0.0.0-20240213143201-ec583247a57a/go.mod h1:CxmFvTBINI24O/j8iY7H1xHzx2i4OsyguNBmN/uPtqc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -341,8 +340,8 @@ golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= -golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= +golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= +golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/oauth2 v0.17.0 h1:6m3ZPmLEFdVxKKWnKq4VqZ60gutO35zm+zrAHVmHyDQ= golang.org/x/oauth2 v0.17.0/go.mod h1:OzPDGQiuQMguemayvdylqddI7qcD9lnSDb+1FiwQ5HA= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -359,18 +358,18 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= -golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= +golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= -golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= +golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= +golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= +golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -378,8 +377,8 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY= -golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg= +golang.org/x/tools v0.21.0 h1:qc0xYgIbsSDt9EyWz05J5wfa7LOVW0YTLOXrqdLAWIw= +golang.org/x/tools v0.21.0/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -439,8 +438,8 @@ sigs.k8s.io/controller-runtime v0.17.2 h1:FwHwD1CTUemg0pW2otk7/U5/i5m2ymzvOXdbeG sigs.k8s.io/controller-runtime v0.17.2/go.mod h1:+MngTvIQQQhfXtwfdGw/UOQ/aIaqsYywfCINOtwMO/s= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/kubebuilder/v3 v3.14.2 h1:LMZW8Y5eItnP4kh9tpp4Gs2Gd5V3DgLgzbNnXfMAShY= -sigs.k8s.io/kubebuilder/v3 v3.14.2/go.mod h1:gEZM8SUkewOQnpRDiewh4gmbQ1FMkT/CDlMddOg053M= +sigs.k8s.io/kubebuilder/v3 v3.15.0 h1:lQxVDKw6BM9il4jXAbeFuEnfNC1/W1GwIC75Bwogq0c= +sigs.k8s.io/kubebuilder/v3 v3.15.0/go.mod h1:/QwYUyLicWiNcdMAmV5lfWoslWz9Ro9L+AK8UQrQxbI= sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4= sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= diff --git a/hack/generate/samples/ansible/advanced_molecule.go b/hack/generate/samples/ansible/advanced_molecule.go index ae77ce0..fa8faa7 100644 --- a/hack/generate/samples/ansible/advanced_molecule.go +++ b/hack/generate/samples/ansible/advanced_molecule.go @@ -70,6 +70,12 @@ func ImplementAdvancedMolecule(sample sample.Sample, image string) { "size: 3") pkg.CheckError("updating spec of inventorytest sample", err) + log.Info("enabling metrics in the manager") + err = kbutil.UncommentCode( + filepath.Join(sample.Dir(), "config", "default", "kustomization.yaml"), + "#- path: manager_metrics_patch.yaml", "#") + pkg.CheckError("enabling metrics endpoint", err) + removeFixmeFromPlaybooks(sample.Dir(), sample.GVKs()) updatePlaybooks(sample.Dir()) addMocksFromTestdata(sample.Dir(), sample.CommandContext()) @@ -116,7 +122,7 @@ func updateConfig(dir string) { log.Info("adding manager arg") const ansibleVaultArg = ` - - --ansible-args='--vault-password-file /opt/ansible/pwd.yml'` + - --ansible-args='--vault-password-file /opt/ansible/pwd.yml'` err = kbutil.InsertCode( filepath.Join(dir, "config", "manager", "manager.yaml"), "- --leader-election-id=advanced-molecule-operator", @@ -139,7 +145,7 @@ func updateConfig(dir string) { const managerAuthArgs = ` - "--ansible-args='--vault-password-file /opt/ansible/pwd.yml'"` err = kbutil.InsertCode( - filepath.Join(dir, "config", "default", "manager_auth_proxy_patch.yaml"), + filepath.Join(dir, "config", "default", "manager_metrics_patch.yaml"), "- \"--leader-elect\"", managerAuthArgs) pkg.CheckError("adding vaulting args to the proxy auth", err) @@ -194,7 +200,6 @@ func addMocksFromTestdata(dir string, cc command.CommandContext) { cmd = exec.Command("cp", filepath.Join(testDataAbsPath, "/playbooks/finalizerconcurrencyfinalizer.yml"), filepath.Join(dir, "playbooks/finalizerconcurrencyfinalizer.yml")) _, err = cc.Run(cmd) pkg.CheckError("adding finalizer for finalizerconccurencytest", err) - } func updateDockerfile(dir string) { diff --git a/hack/generate/samples/ansible/memcached_molecule.go b/hack/generate/samples/ansible/memcached_molecule.go index 66fd97d..7685d15 100644 --- a/hack/generate/samples/ansible/memcached_molecule.go +++ b/hack/generate/samples/ansible/memcached_molecule.go @@ -29,7 +29,6 @@ import ( ) func ImplementMemcachedMolecule(sample sample.Sample, image string) { - for _, gvk := range sample.GVKs() { moleculeTaskPath := filepath.Join(sample.Dir(), "molecule", "default", "tasks", fmt.Sprintf("%s_test.yml", strings.ToLower(gvk.Kind))) @@ -73,7 +72,6 @@ func ImplementMemcachedMolecule(sample sample.Sample, image string) { fixmeAssert, "") pkg.CheckError(fmt.Sprintf("replacing %s_test.yml", strings.ToLower(gvk.Kind)), err) } - } log.Info("replacing project Dockerfile to use ansible base image with the dev tag") @@ -125,4 +123,10 @@ func ImplementMemcachedMolecule(sample sample.Sample, image string) { err = kbutil.InsertCode(filepath.Join(sample.Dir(), "config", "testing", "kustomization.yaml"), "patchesStrategicMerge:", fmt.Sprintf("\n- %s", watchNamespacePatchFileName)) pkg.CheckError("inserting in kustomization.yaml", err) + + log.Info("enabling metrics in the manager") + err = kbutil.UncommentCode( + filepath.Join(sample.Dir(), "config", "default", "kustomization.yaml"), + "#- path: manager_metrics_patch.yaml", "#") + pkg.CheckError("enabling metrics endpoint", err) } diff --git a/internal/ansible/apiserver/apiserver.go b/internal/ansible/apiserver/apiserver.go index dca20ab..2b035fb 100644 --- a/internal/ansible/apiserver/apiserver.go +++ b/internal/ansible/apiserver/apiserver.go @@ -73,5 +73,4 @@ func metricsHandler(w http.ResponseWriter, r *http.Request) { default: http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) } - } diff --git a/internal/ansible/controller/reconcile.go b/internal/ansible/controller/reconcile.go index cc0e3a5..6502599 100644 --- a/internal/ansible/controller/reconcile.go +++ b/internal/ansible/controller/reconcile.go @@ -293,7 +293,6 @@ func (r *AnsibleOperatorReconciler) printAnsibleResult(result runner.RunResult, } func (r *AnsibleOperatorReconciler) markRunning(ctx context.Context, nn types.NamespacedName, u *unstructured.Unstructured) error { - // Get the latest resource to prevent updating a stale status. if err := r.APIReader.Get(ctx, nn, u); err != nil { return err @@ -326,7 +325,6 @@ func (r *AnsibleOperatorReconciler) markRunning(ctx context.Context, nn types.Na // i.e Annotations that could be incorrect func (r *AnsibleOperatorReconciler) markError(ctx context.Context, nn types.NamespacedName, u *unstructured.Unstructured, failureMessage string) error { - logger := logf.Log.WithName("markError") // Immediately update metrics with failed reconciliation, since Get() // may fail. @@ -368,7 +366,6 @@ func (r *AnsibleOperatorReconciler) markError(ctx context.Context, nn types.Name func (r *AnsibleOperatorReconciler) markDone(ctx context.Context, nn types.NamespacedName, u *unstructured.Unstructured, statusEvent eventapi.StatusJobEvent, failureMessages eventapi.FailureMessages) error { - logger := logf.Log.WithName("markDone") // Get the latest resource to prevent updating a stale status. if err := r.APIReader.Get(ctx, nn, u); err != nil { diff --git a/internal/ansible/controller/reconcile_test.go b/internal/ansible/controller/reconcile_test.go index d705f01..7c2bfb3 100644 --- a/internal/ansible/controller/reconcile_test.go +++ b/internal/ansible/controller/reconcile_test.go @@ -82,7 +82,7 @@ func TestReconcile(t *testing.T) { ManageStatus: true, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, @@ -152,7 +152,7 @@ func TestReconcile(t *testing.T) { ManageStatus: true, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventRunnerOnFailed, Created: eventapi.EventTime{Time: eventTime}, EventData: map[string]interface{}{ @@ -161,7 +161,7 @@ func TestReconcile(t *testing.T) { }, }, }, - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, @@ -230,7 +230,7 @@ func TestReconcile(t *testing.T) { ManageStatus: false, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventRunnerOnFailed, Created: eventapi.EventTime{Time: eventTime}, EventData: map[string]interface{}{ @@ -239,7 +239,7 @@ func TestReconcile(t *testing.T) { }, }, }, - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, @@ -271,7 +271,7 @@ func TestReconcile(t *testing.T) { ManageStatus: true, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, @@ -353,7 +353,7 @@ func TestReconcile(t *testing.T) { ManageStatus: true, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, @@ -408,7 +408,7 @@ func TestReconcile(t *testing.T) { ReconcilePeriod: 5 * time.Second, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Created: eventapi.EventTime{Time: eventTime}, }, }, @@ -458,7 +458,7 @@ func TestReconcile(t *testing.T) { ManageStatus: false, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, diff --git a/internal/ansible/flags/flag.go b/internal/ansible/flags/flag.go index f05ed1d..b50ccef 100644 --- a/internal/ansible/flags/flag.go +++ b/internal/ansible/flags/flag.go @@ -49,10 +49,6 @@ type Flags struct { EnableHTTP2 bool SecureMetrics bool - // Path to a controller-runtime componentconfig file. - // If this is empty, use default values. - ManagerConfigPath string - // If not nil, used to deduce which flags were set in the CLI. flagSet *pflag.FlagSet } @@ -112,14 +108,6 @@ func (f *Flags) AddTo(flagSet *pflag.FlagSet) { "Maximum number of concurrent reconciles for controllers. Overridden by environment variable.", ) - // Controller manager flags. - flagSet.StringVar(&f.ManagerConfigPath, - "config", - "", - "The controller will load its initial configuration from this file. "+ - "Omit this flag to use the default configuration values. "+ - "Command-line flags override configuration from this file.", - ) // TODO(2.0.0): remove flagSet.StringVar(&f.MetricsBindAddress, "metrics-addr", diff --git a/internal/ansible/paramconv/paramconv.go b/internal/ansible/paramconv/paramconv.go index 4e28383..fd53dbd 100644 --- a/internal/ansible/paramconv/paramconv.go +++ b/internal/ansible/paramconv/paramconv.go @@ -82,7 +82,6 @@ func ToCamel(s string) string { // If the last character of the special word is an "s" (i.e plural of the word // found in wordMapping), it is considered a part of that word and will be capitalized. func preprocessWordMapping(value string) string { - for _, word := range wordMapping { idx := strings.Index(value, word) if idx >= 0 { diff --git a/internal/ansible/proxy/cache_response.go b/internal/ansible/proxy/cache_response.go index e874fc4..12807e0 100644 --- a/internal/ansible/proxy/cache_response.go +++ b/internal/ansible/proxy/cache_response.go @@ -75,7 +75,7 @@ func (c *cacheResponseHandler) ServeHTTP(w http.ResponseWriter, req *http.Reques } if c.restMapper == nil { - c.restMapper = meta.NewDefaultRESTMapper([]schema.GroupVersion{schema.GroupVersion{ + c.restMapper = meta.NewDefaultRESTMapper([]schema.GroupVersion{{ Group: r.APIGroup, Version: r.APIVersion, }}) @@ -153,7 +153,6 @@ func (c *cacheResponseHandler) ServeHTTP(w http.ResponseWriter, req *http.Reques // skipCacheLookup - determine if we should skip the cache lookup func (c *cacheResponseHandler) skipCacheLookup(r *k8sRequest.RequestInfo, gvk schema.GroupVersionKind, req *http.Request) bool { - skip := matchesRegexp(req.URL.String(), c.skipPathRegexp) if skip { return true diff --git a/internal/ansible/proxy/inject_owner.go b/internal/ansible/proxy/inject_owner.go index 98d9c26..901c9b3 100644 --- a/internal/ansible/proxy/inject_owner.go +++ b/internal/ansible/proxy/inject_owner.go @@ -69,7 +69,7 @@ func (i *injectOwnerReferenceHandler) ServeHTTP(w http.ResponseWriter, req *http } if i.restMapper == nil { - i.restMapper = meta.NewDefaultRESTMapper([]schema.GroupVersion{schema.GroupVersion{ + i.restMapper = meta.NewDefaultRESTMapper([]schema.GroupVersion{{ Group: r.APIGroup, Version: r.APIVersion, }}) diff --git a/internal/ansible/proxy/proxy.go b/internal/ansible/proxy/proxy.go index 31aa04b..d9801b9 100644 --- a/internal/ansible/proxy/proxy.go +++ b/internal/ansible/proxy/proxy.go @@ -198,7 +198,6 @@ func addWatchToController(owner kubeconfig.NamespacedOwnerReference, cMap *contr m := fmt.Sprintf("Could not get rest mapping for: %v", resource.GroupVersionKind()) log.Error(err, m) return err - } ownerGV, err := schema.ParseGroupVersion(owner.APIVersion) if err != nil { diff --git a/internal/ansible/proxy/requestfactory/requestinfo.go b/internal/ansible/proxy/requestfactory/requestinfo.go index 5d3d73b..8b40ba5 100644 --- a/internal/ansible/proxy/requestfactory/requestinfo.go +++ b/internal/ansible/proxy/requestfactory/requestinfo.go @@ -173,7 +173,6 @@ func (r *RequestInfoFactory) NewRequestInfo(req *http.Request) (*RequestInfo, er requestInfo.Verb = currentParts[0] currentParts = currentParts[1:] - } else { switch req.Method { case "POST": diff --git a/internal/ansible/runner/runner.go b/internal/ansible/runner/runner.go index 95d19ed..3b47308 100644 --- a/internal/ansible/runner/runner.go +++ b/internal/ansible/runner/runner.go @@ -294,7 +294,6 @@ func (r *runner) Run(ident string, u *unstructured.Unstructured, kubeconfig stri if err = os.Symlink(currentRun, latestArtifacts); err != nil { logger.Error(err, "Error symlinking latest artifacts") } - }() return &runResult{ diff --git a/internal/ansible/runner/runner_test.go b/internal/ansible/runner/runner_test.go index 3a35e21..3f0eb5d 100644 --- a/internal/ansible/runner/runner_test.go +++ b/internal/ansible/runner/runner_test.go @@ -185,7 +185,6 @@ func TestNew(t *testing.T) { if _, ok := parameters[tc.desiredObjectKey]; !ok { t.Fatalf("Did not find expected objKey %v in parameters %+v", tc.desiredObjectKey, parameters) } - } if testRunnerStruct.GVK != testWatch.GroupVersionKind { diff --git a/internal/ansible/watches/watches.go b/internal/ansible/watches/watches.go index 300bfe0..6d03de4 100644 --- a/internal/ansible/watches/watches.go +++ b/internal/ansible/watches/watches.go @@ -499,5 +499,4 @@ func getIntegerEnvMaxReconcile(envVarMaxWorker, envVarMaxReconciler string, defV } } return val - } diff --git a/internal/ansible/watches/watches_test.go b/internal/ansible/watches/watches_test.go index 88291a9..eede4e9 100644 --- a/internal/ansible/watches/watches_test.go +++ b/internal/ansible/watches/watches_test.go @@ -138,7 +138,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo twoSeconds := metav1.Duration{Duration: time.Second * 2} validWatches := []Watch{ - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -152,7 +152,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo SnakeCaseParameters: true, MarkUnsafe: false, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -163,7 +163,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ReconcilePeriod: twoSeconds, MarkUnsafe: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -180,7 +180,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Vars: map[string]interface{}{"sentinel": "finalizer_running"}, }, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -192,7 +192,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo WatchDependentResources: true, WatchClusterScopedResources: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -202,7 +202,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ReconcilePeriod: zeroSeconds, ManageStatus: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -211,7 +211,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Playbook: validTemplate.ValidPlaybook, ManageStatus: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -220,7 +220,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Playbook: validTemplate.ValidPlaybook, ManageStatus: false, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -229,7 +229,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Playbook: validTemplate.ValidPlaybook, ManageStatus: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -243,7 +243,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Vars: map[string]interface{}{"sentinel": "finalizer_running"}, }, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -256,7 +256,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Vars: map[string]interface{}{"sentinel": "finalizer_running"}, }, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -266,7 +266,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, MaxConcurrentReconciles: 1, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -276,7 +276,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, MaxConcurrentReconciles: 1, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -286,7 +286,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, MaxConcurrentReconciles: 4, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -296,7 +296,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, AnsibleVerbosity: 2, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -306,7 +306,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, AnsibleVerbosity: 2, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -316,7 +316,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, AnsibleVerbosity: 4, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -326,7 +326,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, Vars: map[string]interface{}{"sentinel": "reconciling"}, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -335,7 +335,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Role: filepath.Join(cwd, "testdata", "ansible_collections", "nameSpace", "collection", "roles", "someRole"), ManageStatus: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -361,7 +361,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo }, ManageStatus: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -494,7 +494,6 @@ func TestLoad(t *testing.T) { //nolint:gocyclo } for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { - // Test Load with ANSIBLE_ROLES_PATH var if tc.shouldSetAnsibleRolePathEnvVar { anisbleEnvVar := "path/invalid:/path/invalid/myroles:" + wd @@ -502,7 +501,6 @@ func TestLoad(t *testing.T) { //nolint:gocyclo defer os.Unsetenv("ANSIBLE_ROLES_PATH") } if tc.shouldSetAnsibleCollectionPathEnvVar { - ansibleCollectionPathEnv := filepath.Join(wd, "testdata") os.Setenv("ANSIBLE_COLLECTIONS_PATH", ansibleCollectionPathEnv) defer os.Unsetenv("ANSIBLE_COLLECTIONS_PATH") @@ -865,7 +863,6 @@ func TestGetPossibleRolePaths(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - if len(tt.args.rolesEnv) > 0 { os.Setenv("ANSIBLE_ROLES_PATH", tt.args.rolesEnv) defer os.Unsetenv("ANSIBLE_ROLES_PATH") diff --git a/internal/cmd/ansible-operator/run/cmd.go b/internal/cmd/ansible-operator/run/cmd.go index 20c0f65..1eeda68 100644 --- a/internal/cmd/ansible-operator/run/cmd.go +++ b/internal/cmd/ansible-operator/run/cmd.go @@ -27,7 +27,6 @@ import ( "github.com/go-logr/logr" "github.com/spf13/cobra" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" - ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/cache" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/client/config" @@ -97,17 +96,6 @@ func run(cmd *cobra.Command, f *flags.Flags) { options manager.Options err error ) - if f.ManagerConfigPath != "" { - // TODO: option to load from config file is deprecated. This will also be removed from here when - // componentConfig option is removed. - // - // Refer: https://github.com/kubernetes-sigs/controller-runtime/issues/895 - cfgLoader := ctrl.ConfigFile().AtPath(f.ManagerConfigPath) //nolint:staticcheck - if options, err = options.AndFrom(cfgLoader); err != nil { //nolint:staticcheck - log.Error(err, "Unable to load the manager config file") - os.Exit(1) - } - } exitIfUnsupported(options) cfg, err := config.GetConfig() diff --git a/internal/util/bundleutil/bundleutil.go b/internal/util/bundleutil/bundleutil.go index eb75456..7d5012e 100644 --- a/internal/util/bundleutil/bundleutil.go +++ b/internal/util/bundleutil/bundleutil.go @@ -195,7 +195,6 @@ func copyOperatorManifests(src, dest string) error { // BuildBundleImage builds the bundle image with the provided command or using // docker build command. func (meta *BundleMetaData) BuildBundleImage(tag string) error { - img := fmt.Sprintf("%s:%s", meta.BaseImage, tag) // switch back to current working directory, so that subsequent diff --git a/internal/util/k8sutil/api.go b/internal/util/k8sutil/api.go index 92a3134..8163bfe 100644 --- a/internal/util/k8sutil/api.go +++ b/internal/util/k8sutil/api.go @@ -37,7 +37,6 @@ func GetCustomResourceDefinitions(crdsDir string) ( v1crds []apiextv1.CustomResourceDefinition, v1beta1crds []apiextv1beta1.CustomResourceDefinition, err error) { - infos, err := os.ReadDir(crdsDir) if err != nil { return nil, nil, err @@ -98,7 +97,6 @@ func GetCustomResourceDefinitions(crdsDir string) ( } crGVKSet[gvk] = struct{}{} } - } if err = scanner.Err(); err != nil { return nil, nil, fmt.Errorf("error scanning %s: %w", path, err) diff --git a/pkg/plugins/ansible/v1/init.go b/pkg/plugins/ansible/v1/init.go index 235e63e..1821ac2 100644 --- a/pkg/plugins/ansible/v1/init.go +++ b/pkg/plugins/ansible/v1/init.go @@ -108,8 +108,7 @@ func (p *initSubcommand) InjectConfig(c config.Config) error { } func (p *initSubcommand) Scaffold(fs machinery.Filesystem) error { - - if err := addInitCustomizations(p.config.GetProjectName(), p.config.IsComponentConfig()); err != nil { + if err := addInitCustomizations(p.config.GetProjectName()); err != nil { return fmt.Errorf("error updating init manifests: %s", err) } @@ -152,41 +151,34 @@ func (p *initSubcommand) PostScaffold() error { } // addInitCustomizations will perform the required customizations for this plugin on the common base -func addInitCustomizations(projectName string, componentConfig bool) error { +func addInitCustomizations(projectName string) error { + roleFile := filepath.Join("config", "rbac", "role.yaml") + + // We have our own base role file, so we remove the default one + if err := os.Remove(roleFile); err != nil && !os.IsNotExist(err) { + return err + } + managerFile := filepath.Join("config", "manager", "manager.yaml") - managerProxyPatchFile := filepath.Join("config", "default", "manager_auth_proxy_patch.yaml") + managerMetricsPatchFile := filepath.Join("config", "default", "manager_metrics_patch.yaml") // todo: we ought to use afero instead. Replace this methods to insert/update // by https://github.com/kubernetes-sigs/kubebuilder/pull/2119 // Add leader election - if componentConfig { - err := util.InsertCode(managerFile, - "- /manager", - fmt.Sprintf("\n args:\n - --leader-election-id=%s", projectName)) - if err != nil { - return err - } - err = util.InsertCode(managerProxyPatchFile, - "memory: 64Mi", - fmt.Sprintf("\n - name: manager\n args:\n - \"--leader-election-id=%s\"", projectName)) - if err != nil { - return err - } - } else { - err := util.InsertCode(managerFile, - "--leader-elect", - fmt.Sprintf("\n - --leader-election-id=%s", projectName)) - if err != nil { - return err - } - err = util.InsertCode(managerProxyPatchFile, - "- \"--leader-elect\"", - fmt.Sprintf("\n - \"--leader-election-id=%s\"", projectName)) - if err != nil { - return err - } + err := util.InsertCode(managerFile, + "--leader-elect", + fmt.Sprintf("\n - --leader-election-id=%s", projectName)) + if err != nil { + return err + } + + err = util.InsertCode(managerMetricsPatchFile, + "- \"--metrics-bind-address=0.0.0.0:8080\"", + fmt.Sprintf("\n - \"--leader-elect\"\n - \"--leader-election-id=%s\"\n - \"--health-probe-bind-address=:6789\"", projectName)) + if err != nil { + return err } // update default resource request and limits with bigger values @@ -208,7 +200,7 @@ func addInitCustomizations(projectName string, componentConfig bool) error { memory: 256Mi ` - err := util.ReplaceInFile(managerFile, resourcesLimitsFragment, resourcesLimitsAnsibleFragment) + err = util.ReplaceInFile(managerFile, resourcesLimitsFragment, resourcesLimitsAnsibleFragment) if err != nil { return err } @@ -226,29 +218,11 @@ func addInitCustomizations(projectName string, componentConfig bool) error { // replace the default ports because ansible has been using another one // todo: remove it when we be able to change the port for the default one // issue: https://github.com/operator-framework/ansible-operator-plugins/issues/4331 - err = util.ReplaceInFile(managerFile, "port: 8081", "port: 6789") + err = util.ReplaceInFile(managerFile, "8081", "6789") if err != nil { return err } - if componentConfig { - managerConfigFile := filepath.Join("config", "manager", "controller_manager_config.yaml") - err = util.ReplaceInFile(managerConfigFile, "8081", "6789") - if err != nil { - return err - } - // Remove the webhook option for the componentConfig since webhooks are not supported by ansible - err = util.ReplaceInFile(managerConfigFile, "webhook:\n port: 9443", "") - if err != nil { - return err - } - } else { - err = util.ReplaceInFile(managerProxyPatchFile, "8081", "6789") - if err != nil { - return err - } - } - // Remove the call to the command as manager. Helm/Ansible has not been exposing this entrypoint // todo: provide the manager entrypoint for helm/ansible and then remove it const command = `command: diff --git a/pkg/plugins/ansible/v1/scaffolds/internal/templates/config/testing/kustomization.go b/pkg/plugins/ansible/v1/scaffolds/internal/templates/config/testing/kustomization.go index 95bbd09..9d699a3 100644 --- a/pkg/plugins/ansible/v1/scaffolds/internal/templates/config/testing/kustomization.go +++ b/pkg/plugins/ansible/v1/scaffolds/internal/templates/config/testing/kustomization.go @@ -53,7 +53,7 @@ namePrefix: osdk- patchesStrategicMerge: - manager_image.yaml - debug_logs_patch.yaml -- ../default/manager_auth_proxy_patch.yaml +- ../default/manager_metrics_patch.yaml apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization diff --git a/pkg/plugins/util/cleanup.go b/pkg/plugins/util/cleanup.go index 69a9631..a4944e1 100644 --- a/pkg/plugins/util/cleanup.go +++ b/pkg/plugins/util/cleanup.go @@ -21,14 +21,12 @@ import ( "os" "path/filepath" - kbutil "sigs.k8s.io/kubebuilder/v3/pkg/plugin/util" - log "github.com/sirupsen/logrus" + kbutil "sigs.k8s.io/kubebuilder/v3/pkg/plugin/util" ) // RemoveKustomizeCRDManifests removes items in config/crd relating to CRD conversion webhooks. func RemoveKustomizeCRDManifests() error { - pathsToRemove := []string{ filepath.Join("config", "crd", "kustomizeconfig.yaml"), } @@ -60,7 +58,6 @@ func RemoveKustomizeCRDManifests() error { // UpdateKustomizationsInit updates certain parts of or removes entire kustomization.yaml files // that are either not used by certain Init plugins or are created by preceding Init plugins. func UpdateKustomizationsInit() error { - defaultKFile := filepath.Join("config", "default", "kustomization.yaml") if err := kbutil.ReplaceInFile(defaultKFile, ` @@ -192,7 +189,6 @@ func UpdateKustomizationsInit() error { // UpdateKustomizationsCreateAPI updates certain parts of or removes entire kustomization.yaml files // that are either not used by certain CreateAPI plugins or are created by preceding CreateAPI plugins. func UpdateKustomizationsCreateAPI() error { - crdKFile := filepath.Join("config", "crd", "kustomization.yaml") if crdKBytes, err := os.ReadFile(crdKFile); err != nil && !errors.Is(err, os.ErrNotExist) { log.Debugf("Error reading kustomization for substitution: %v", err) diff --git a/pkg/testutils/command/command.go b/pkg/testutils/command/command.go index e1821c0..5e352c9 100644 --- a/pkg/testutils/command/command.go +++ b/pkg/testutils/command/command.go @@ -69,7 +69,6 @@ func NewGenericCommandContext(opts ...GenericCommandContextOptions) *GenericComm // Run runs a given command and will append any extra paths to the configured directory func (gcc *GenericCommandContext) Run(cmd *exec.Cmd, path ...string) ([]byte, error) { - dir := strings.Join(append([]string{gcc.dir}, path...), "/") // make the directory if it does not already exist if dir != "" { diff --git a/pkg/testutils/e2e/metrics/helpers.go b/pkg/testutils/e2e/metrics/helpers.go index 4a8c1fb..7247818 100644 --- a/pkg/testutils/e2e/metrics/helpers.go +++ b/pkg/testutils/e2e/metrics/helpers.go @@ -1,59 +1,25 @@ package metrics import ( - "encoding/base64" "fmt" - "strings" "time" "github.com/onsi/ginkgo/v2" "github.com/onsi/gomega" + "github.com/operator-framework/ansible-operator-plugins/pkg/testutils/kubernetes" "github.com/operator-framework/ansible-operator-plugins/pkg/testutils/sample" - "github.com/operator-framework/ansible-operator-plugins/test/common" ) // GetMetrics creates a pod with the permissions to `curl` metrics. It will then return the output of the `curl` pod func GetMetrics(sample sample.Sample, kubectl kubernetes.Kubectl, metricsClusterRoleBindingName string) string { - ginkgo.By("granting permissions to access the metrics and read the token") - out, err := kubectl.Command("create", "clusterrolebinding", metricsClusterRoleBindingName, - fmt.Sprintf("--clusterrole=%s-metrics-reader", sample.Name()), - fmt.Sprintf("--serviceaccount=%s:%s", kubectl.Namespace(), kubectl.ServiceAccount())) - fmt.Println("OUT --", out) - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - - // As of Kubernetes 1.24 a ServiceAccount no longer has a ServiceAccount token secret autogenerated. We have to create it manually here - ginkgo.By("Creating the ServiceAccount token") - secretFile, err := common.GetSASecret(kubectl.ServiceAccount(), sample.Dir()) - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - gomega.Eventually(func() error { - out, err = kubectl.Apply(true, "-f", secretFile) - fmt.Println("OUT -- ", out) - return err - }, time.Minute, time.Second).Should(gomega.Succeed()) - - ginkgo.By("reading the metrics token") - // Filter token query by service account in case more than one exists in a namespace. - query := fmt.Sprintf(`{.items[?(@.metadata.annotations.kubernetes\.io/service-account\.name=="%s")].data.token}`, - kubectl.ServiceAccount(), - ) - out, err = kubectl.Get(true, "secrets") - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - fmt.Println("OUT --", out) - b64Token, err := kubectl.Get(true, "secrets", "-o=jsonpath="+query) - fmt.Println("OUT--", b64Token) - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - token, err := base64.StdEncoding.DecodeString(strings.TrimSpace(b64Token)) - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - gomega.Expect(len(token)).To(gomega.BeNumerically(">", 0)) - ginkgo.By("creating a curl pod") cmdOpts := []string{ "run", "curl", "--image=curlimages/curl:7.68.0", "--restart=OnFailure", "--", - "curl", "-v", "-k", "-H", fmt.Sprintf(`Authorization: Bearer %s`, token), - fmt.Sprintf("https://%s-controller-manager-metrics-service.%s.svc:8443/metrics", sample.Name(), kubectl.Namespace()), + "curl", "-v", + fmt.Sprintf("http://%s-controller-manager-metrics-service.%s.svc:8080/metrics", sample.Name(), kubectl.Namespace()), } - out, err = kubectl.CommandInNamespace(cmdOpts...) + out, err := kubectl.CommandInNamespace(cmdOpts...) fmt.Println("OUT --", out) gomega.Expect(err).NotTo(gomega.HaveOccurred()) @@ -80,7 +46,7 @@ func GetMetrics(sample sample.Sample, kubectl kubernetes.Kubectl, metricsCluster gomega.ExpectWithOffset(1, err).NotTo(gomega.HaveOccurred()) return metricsOutput } - gomega.Eventually(getCurlLogs, time.Minute, time.Second).Should(gomega.ContainSubstring("< HTTP/2 200")) + gomega.Eventually(getCurlLogs, time.Minute, time.Second).Should(gomega.ContainSubstring("< HTTP/1.1 200")) return metricsOutput } @@ -92,10 +58,5 @@ func CleanUpMetrics(kubectl kubernetes.Kubectl, metricsClusterRoleBindingName st return fmt.Errorf("encountered an error when deleting the metrics pod: %w", err) } - _, err = kubectl.Delete(false, "clusterrolebinding", metricsClusterRoleBindingName) - if err != nil { - return fmt.Errorf("encountered an error when deleting the metrics clusterrolebinding: %w", err) - } - return nil } diff --git a/test/e2e/ansible/cluster_test.go b/test/e2e/ansible/cluster_test.go index 73167d7..3fa40fa 100644 --- a/test/e2e/ansible/cluster_test.go +++ b/test/e2e/ansible/cluster_test.go @@ -22,6 +22,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "k8s.io/apimachinery/pkg/runtime/schema" kbtutil "sigs.k8s.io/kubebuilder/v3/pkg/plugin/util" @@ -111,9 +112,9 @@ var _ = Describe("Running ansible projects", func() { return logOutput } Eventually(managerContainerLogs, time.Minute, time.Second).Should(ContainSubstring( - "Ansible-runner exited successfully")) - Eventually(managerContainerLogs, time.Minute, time.Second).ShouldNot(ContainSubstring("failed=1")) - Eventually(managerContainerLogs, time.Minute, time.Second).ShouldNot(ContainSubstring("[Gathering Facts]")) + "Ansible-runner exited successfully"), "manager logs: %s", managerContainerLogs()) + Eventually(managerContainerLogs, time.Minute, time.Second).ShouldNot(ContainSubstring("failed=1"), "manager logs: %s", managerContainerLogs()) + Eventually(managerContainerLogs, time.Minute, time.Second).ShouldNot(ContainSubstring("[Gathering Facts]"), "manager logs: %s", managerContainerLogs()) By("ensuring no liveness probe fail events") verifyControllerProbe := func() string { diff --git a/test/e2e/ansible/suite_test.go b/test/e2e/ansible/suite_test.go index 47de4a7..e896a68 100644 --- a/test/e2e/ansible/suite_test.go +++ b/test/e2e/ansible/suite_test.go @@ -24,11 +24,11 @@ import ( "testing" "time" - kbutil "sigs.k8s.io/kubebuilder/v3/pkg/plugin/util" - . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + kbutil "sigs.k8s.io/kubebuilder/v3/pkg/plugin/util" + "github.com/operator-framework/ansible-operator-plugins/hack/generate/samples/ansible" "github.com/operator-framework/ansible-operator-plugins/pkg/testutils/command" "github.com/operator-framework/ansible-operator-plugins/pkg/testutils/e2e/kind" @@ -79,7 +79,7 @@ var _ = BeforeSuite(func() { // --------------------------------------------------- By("enabling debug logging in the manager") - err = kbutil.ReplaceInFile(filepath.Join(ansibleSample.Dir(), "config", "default", "manager_auth_proxy_patch.yaml"), + err = kbutil.ReplaceInFile(filepath.Join(ansibleSample.Dir(), "config", "default", "manager_metrics_patch.yaml"), "- \"--leader-elect\"", "- \"--zap-log-level=2\"\n - \"--leader-elect\"") Expect(err).NotTo(HaveOccurred()) diff --git a/testdata/memcached-molecule-operator/config/default/kustomization.yaml b/testdata/memcached-molecule-operator/config/default/kustomization.yaml index e8ce9a3..5410415 100644 --- a/testdata/memcached-molecule-operator/config/default/kustomization.yaml +++ b/testdata/memcached-molecule-operator/config/default/kustomization.yaml @@ -22,7 +22,7 @@ resources: - ../prometheus patches: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -- path: manager_auth_proxy_patch.yaml +# [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. +# More info: https://book.kubebuilder.io/reference/metrics +# If you want to expose the metric endpoint of your controller-manager uncomment the following line. +- path: manager_metrics_patch.yaml diff --git a/testdata/memcached-molecule-operator/config/default/manager_auth_proxy_patch.yaml b/testdata/memcached-molecule-operator/config/default/manager_auth_proxy_patch.yaml deleted file mode 100644 index 9e7c9f5..0000000 --- a/testdata/memcached-molecule-operator/config/default/manager_auth_proxy_patch.yaml +++ /dev/null @@ -1,40 +0,0 @@ -# This patch inject a sidecar container which is a HTTP proxy for the -# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system -spec: - template: - spec: - containers: - - name: kube-rbac-proxy - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.16.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=0" - ports: - - containerPort: 8443 - protocol: TCP - name: https - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - - name: manager - args: - - "--health-probe-bind-address=:6789" - - "--metrics-bind-address=127.0.0.1:8080" - - "--leader-elect" - - "--leader-election-id=memcached-molecule-operator" diff --git a/testdata/memcached-molecule-operator/config/default/manager_metrics_patch.yaml b/testdata/memcached-molecule-operator/config/default/manager_metrics_patch.yaml new file mode 100644 index 0000000..9aa84c7 --- /dev/null +++ b/testdata/memcached-molecule-operator/config/default/manager_metrics_patch.yaml @@ -0,0 +1,16 @@ +# This patch adds the args to allow exposing the metrics endpoint securely +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + args: + - "--metrics-bind-address=0.0.0.0:8080" + - "--leader-elect" + - "--leader-election-id=memcached-molecule-operator" + - "--health-probe-bind-address=:6789" diff --git a/testdata/memcached-molecule-operator/config/manager/manager.yaml b/testdata/memcached-molecule-operator/config/manager/manager.yaml index d4a0f23..2b60cd9 100644 --- a/testdata/memcached-molecule-operator/config/manager/manager.yaml +++ b/testdata/memcached-molecule-operator/config/manager/manager.yaml @@ -59,8 +59,10 @@ spec: # type: RuntimeDefault containers: - args: - - --leader-elect - - --leader-election-id=memcached-molecule-operator + - --leader-elect + - --leader-election-id=memcached-molecule-operator + - --health-probe-bind-address=:6789 + - --metrics-bind-address=0 image: controller:latest name: manager env: diff --git a/testdata/memcached-molecule-operator/config/prometheus/monitor.yaml b/testdata/memcached-molecule-operator/config/prometheus/monitor.yaml index ccd442c..5e02113 100644 --- a/testdata/memcached-molecule-operator/config/prometheus/monitor.yaml +++ b/testdata/memcached-molecule-operator/config/prometheus/monitor.yaml @@ -11,11 +11,8 @@ metadata: spec: endpoints: - path: /metrics - port: https - scheme: https - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - tlsConfig: - insecureSkipVerify: true + port: http # Ensure this is the name of the port that exposes HTTP metrics + scheme: http selector: matchLabels: control-plane: controller-manager diff --git a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_client_clusterrole.yaml b/testdata/memcached-molecule-operator/config/rbac/auth_proxy_client_clusterrole.yaml deleted file mode 100644 index 5e3faab..0000000 --- a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_client_clusterrole.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: memcached-molecule-operator - app.kubernetes.io/managed-by: kustomize - name: metrics-reader -rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get diff --git a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role.yaml b/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role.yaml deleted file mode 100644 index 65c57ef..0000000 --- a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: memcached-molecule-operator - app.kubernetes.io/managed-by: kustomize - name: proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create diff --git a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role_binding.yaml b/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role_binding.yaml deleted file mode 100644 index d1334ea..0000000 --- a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role_binding.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/name: memcached-molecule-operator - app.kubernetes.io/managed-by: kustomize - name: proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: proxy-role -subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system diff --git a/testdata/memcached-molecule-operator/config/rbac/kustomization.yaml b/testdata/memcached-molecule-operator/config/rbac/kustomization.yaml index ef15b7b..33c9072 100644 --- a/testdata/memcached-molecule-operator/config/rbac/kustomization.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/kustomization.yaml @@ -9,13 +9,7 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -# Comment the following 4 lines if you want to disable -# the auth proxy (https://github.com/brancz/kube-rbac-proxy) -# which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml +- metrics_service.yaml # For each CRD, "Editor" and "Viewer" roles are scaffolded by # default, aiding admins in cluster management. Those roles are # not used by the Project itself. You can comment the following lines @@ -28,3 +22,4 @@ resources: - foo_viewer_role.yaml - memcached_editor_role.yaml - memcached_viewer_role.yaml + diff --git a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_service.yaml b/testdata/memcached-molecule-operator/config/rbac/metrics_service.yaml similarity index 86% rename from testdata/memcached-molecule-operator/config/rbac/auth_proxy_service.yaml rename to testdata/memcached-molecule-operator/config/rbac/metrics_service.yaml index 8ef67ed..5559b8a 100644 --- a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_service.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/metrics_service.yaml @@ -9,9 +9,9 @@ metadata: namespace: system spec: ports: - - name: https - port: 8443 + - name: http + port: 8080 protocol: TCP - targetPort: https + targetPort: 8080 selector: control-plane: controller-manager diff --git a/testdata/memcached-molecule-operator/config/testing/kustomization.yaml b/testdata/memcached-molecule-operator/config/testing/kustomization.yaml index 1267637..ba56049 100644 --- a/testdata/memcached-molecule-operator/config/testing/kustomization.yaml +++ b/testdata/memcached-molecule-operator/config/testing/kustomization.yaml @@ -11,7 +11,7 @@ patchesStrategicMerge: - watch_namespace_patch.yaml - manager_image.yaml - debug_logs_patch.yaml -- ../default/manager_auth_proxy_patch.yaml +- ../default/manager_metrics_patch.yaml apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization