diff --git a/go.mod b/go.mod index 889f15a..19cd84f 100644 --- a/go.mod +++ b/go.mod @@ -6,8 +6,8 @@ require ( github.com/go-logr/logr v1.4.1 github.com/kr/text v0.2.0 github.com/maxbrunsfeld/counterfeiter/v6 v6.8.1 - github.com/onsi/ginkgo/v2 v2.14.0 - github.com/onsi/gomega v1.30.0 + github.com/onsi/ginkgo/v2 v2.17.3 + github.com/onsi/gomega v1.33.1 github.com/operator-framework/operator-lib v0.12.0 github.com/operator-framework/operator-registry v1.35.0 github.com/prometheus/client_golang v1.18.0 @@ -18,7 +18,7 @@ require ( github.com/spf13/pflag v1.0.5 github.com/spf13/viper v1.18.2 github.com/stretchr/testify v1.8.4 - golang.org/x/text v0.14.0 + golang.org/x/text v0.15.0 k8s.io/api v0.28.5 k8s.io/apiextensions-apiserver v0.28.5 k8s.io/apimachinery v0.28.5 @@ -26,7 +26,7 @@ require ( k8s.io/kubectl v0.28.5 k8s.io/utils v0.0.0-20240102154912-e7106e64919e sigs.k8s.io/controller-runtime v0.16.3 - sigs.k8s.io/kubebuilder/v3 v3.12.0 + sigs.k8s.io/kubebuilder/v3 v3.15.0 sigs.k8s.io/yaml v1.4.0 ) @@ -44,7 +44,7 @@ require ( github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect github.com/go-openapi/swag v0.22.4 // indirect - github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect + github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gobuffalo/flect v1.0.2 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect @@ -53,7 +53,7 @@ require ( github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/pprof v0.0.0-20230907193218-d3ddc7976beb // indirect + github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect github.com/google/uuid v1.4.0 // indirect github.com/h2non/filetype v1.1.3 // indirect github.com/h2non/go-is-svg v0.0.0-20160927212452-35e8c4b0612c // indirect @@ -85,19 +85,20 @@ require ( go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.25.0 // indirect golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect - golang.org/x/mod v0.14.0 // indirect - golang.org/x/net v0.20.0 // indirect + golang.org/x/mod v0.17.0 // indirect + golang.org/x/net v0.25.0 // indirect golang.org/x/oauth2 v0.15.0 // indirect - golang.org/x/sys v0.16.0 // indirect - golang.org/x/term v0.16.0 // indirect + golang.org/x/sync v0.7.0 // indirect + golang.org/x/sys v0.20.0 // indirect + golang.org/x/term v0.20.0 // indirect golang.org/x/time v0.5.0 // indirect - golang.org/x/tools v0.17.0 // indirect + golang.org/x/tools v0.21.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect google.golang.org/appengine v1.6.8 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20231120223509-83a465c0220f // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20231212172506-995d672761c0 // indirect google.golang.org/grpc v1.60.1 // indirect - google.golang.org/protobuf v1.31.0 // indirect + google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect gopkg.in/yaml.v2 v2.4.0 // indirect diff --git a/go.sum b/go.sum index 3c842a0..3fb2e2e 100644 --- a/go.sum +++ b/go.sum @@ -102,8 +102,8 @@ github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU= github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gobuffalo/flect v1.0.2 h1:eqjPGSo2WmjgY2XlpGwo2NXgL3RucAKo4k4qQMNA5sA= github.com/gobuffalo/flect v1.0.2/go.mod h1:A5msMlrHtLqh9umBSnvabjsMrCcCpAyzglnDvkbYKHs= github.com/gofrs/uuid v3.3.0+incompatible h1:8K4tyRfvU1CYPgJsveYFQMhpFd/wXNM7iK6rR7UHz84= @@ -129,8 +129,8 @@ github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20230907193218-d3ddc7976beb h1:LCMfzVg3sflxTs4UvuP4D8CkoZnfHLe2qzqgDn/4OHs= -github.com/google/pprof v0.0.0-20230907193218-d3ddc7976beb/go.mod h1:czg5+yv1E0ZGTi6S6vVK1mke0fV+FaUhNGcd6VRS9Ik= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4= github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/handlers v1.4.2 h1:0QniY0USkHQ1RGCLfKxeNHK9bkDHGRYGNDFBCS+YARg= @@ -202,10 +202,10 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus= github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw= -github.com/onsi/ginkgo/v2 v2.14.0 h1:vSmGj2Z5YPb9JwCWT6z6ihcUvDhuXLc3sJiqd3jMKAY= -github.com/onsi/ginkgo/v2 v2.14.0/go.mod h1:JkUdW7JkN0V6rFvsHcJ478egV3XH9NxpD27Hal/PhZw= -github.com/onsi/gomega v1.30.0 h1:hvMK7xYz4D3HapigLTeGdId/NcfQx1VHMJc60ew99+8= -github.com/onsi/gomega v1.30.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/ginkgo/v2 v2.17.3 h1:oJcvKpIb7/8uLpDDtnQuf18xVnwKp8DTD7DQ6gTd/MU= +github.com/onsi/ginkgo/v2 v2.17.3/go.mod h1:nP2DPOQoNsQmsVyv5rDA8JkXQoCs6goXIvr/PRJ1eCc= +github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= +github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0-rc4 h1:oOxKUJWnFC4YGHCCMNql1x4YaDfYBTS5Y4x/Cgeo1E0= @@ -270,7 +270,6 @@ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSS github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= @@ -336,8 +335,8 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.14.0 h1:dGoOF9QVLYng8IHTm7BAyWqCqSheQ5pYWGhzW00YJr0= -golang.org/x/mod v0.14.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= +golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= @@ -346,8 +345,8 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.20.0 h1:aCL9BSgETF1k+blQaYUBx9hJ9LOGP3gAVemcZlf1Kpo= -golang.org/x/net v0.20.0/go.mod h1:z8BVo6PvndSri0LbOE3hAn0apkU+1YvI6E70E9jsnvY= +golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= +golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ= golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -355,8 +354,8 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ= -golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= @@ -367,18 +366,18 @@ golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= -golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= +golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.16.0 h1:m+B6fahuftsE9qjo0VWp2FW0mB3MTJvR0BaMQrq0pmE= -golang.org/x/term v0.16.0/go.mod h1:yn7UURbUtPyrVJPGPq404EukNFxcm/foM+bV/bfcDsY= +golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= +golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= +golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= @@ -388,8 +387,8 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.17.0 h1:FvmRgNOcs3kOa+T20R1uhfP9F6HgG2mfxDv1vrx1Htc= -golang.org/x/tools v0.17.0/go.mod h1:xsh6VxdV005rRVaS6SSAf9oiAqljS7UZUacMZ8Bnsps= +golang.org/x/tools v0.21.0 h1:qc0xYgIbsSDt9EyWz05J5wfa7LOVW0YTLOXrqdLAWIw= +golang.org/x/tools v0.21.0/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= @@ -408,8 +407,8 @@ google.golang.org/grpc v1.60.1 h1:26+wFr+cNqSGFcOXcabYC0lUVJVRa2Sb2ortSK7VrEU= google.golang.org/grpc v1.60.1/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM= google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8= -google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= @@ -454,8 +453,8 @@ sigs.k8s.io/controller-runtime v0.16.3 h1:2TuvuokmfXvDUamSx1SuAOO3eTyye+47mJCigw sigs.k8s.io/controller-runtime v0.16.3/go.mod h1:j7bialYoSn142nv9sCOJmQgDXQXxnroFU4VnX/brVJ0= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= -sigs.k8s.io/kubebuilder/v3 v3.12.0 h1:POh46v+T2wPGzAzcIE/eKlwZr17nn+R49elJg2Wz2qU= -sigs.k8s.io/kubebuilder/v3 v3.12.0/go.mod h1:ZJZ6jpjhh0skfehrYl7b8X/SCozhfLAU7IYV8ZN/f3s= +sigs.k8s.io/kubebuilder/v3 v3.15.0 h1:lQxVDKw6BM9il4jXAbeFuEnfNC1/W1GwIC75Bwogq0c= +sigs.k8s.io/kubebuilder/v3 v3.15.0/go.mod h1:/QwYUyLicWiNcdMAmV5lfWoslWz9Ro9L+AK8UQrQxbI= sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= sigs.k8s.io/structured-merge-diff/v4 v4.2.3/go.mod h1:qjx8mGObPmV2aSZepjQjbmb2ihdVs8cGKBraizNC69E= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= diff --git a/hack/generate/samples/ansible/advanced_molecule.go b/hack/generate/samples/ansible/advanced_molecule.go index 8059f31..b9772fd 100644 --- a/hack/generate/samples/ansible/advanced_molecule.go +++ b/hack/generate/samples/ansible/advanced_molecule.go @@ -70,15 +70,17 @@ func ImplementAdvancedMolecule(sample sample.Sample, image string) { "size: 3") pkg.CheckError("updating spec of inventorytest sample", err) + log.Info("enabling metrics in the manager") + err = kbutil.ReplaceInFile( + filepath.Join(sample.Dir(), "config", "default", "kustomization.yaml"), + "#- path: manager_metrics_patch.yaml", "- path: manager_metrics_patch.yaml") + pkg.CheckError("enabling metrics endpoint", err) + removeFixmeFromPlaybooks(sample.Dir(), sample.GVKs()) updatePlaybooks(sample.Dir()) addMocksFromTestdata(sample.Dir(), sample.CommandContext()) updateDockerfile(sample.Dir()) updateConfig(sample.Dir()) - - // Replace kustomize version to v5.2.1 to enable running the - // tests on a mac with Apple Silicon - replaceKustomizeVersion(sample.Dir(), "v5.2.1") } func updateConfig(dir string) { @@ -120,7 +122,7 @@ func updateConfig(dir string) { log.Info("adding manager arg") const ansibleVaultArg = ` - - --ansible-args='--vault-password-file /opt/ansible/pwd.yml'` + - --ansible-args='--vault-password-file /opt/ansible/pwd.yml'` err = kbutil.InsertCode( filepath.Join(dir, "config", "manager", "manager.yaml"), "- --leader-election-id=advanced-molecule-operator", @@ -143,7 +145,7 @@ func updateConfig(dir string) { const managerAuthArgs = ` - "--ansible-args='--vault-password-file /opt/ansible/pwd.yml'"` err = kbutil.InsertCode( - filepath.Join(dir, "config", "default", "manager_auth_proxy_patch.yaml"), + filepath.Join(dir, "config", "default", "manager_metrics_patch.yaml"), "- \"--leader-elect\"", managerAuthArgs) pkg.CheckError("adding vaulting args to the proxy auth", err) @@ -198,7 +200,6 @@ func addMocksFromTestdata(dir string, cc command.CommandContext) { cmd = exec.Command("cp", filepath.Join(testDataAbsPath, "/playbooks/finalizerconcurrencyfinalizer.yml"), filepath.Join(dir, "playbooks/finalizerconcurrencyfinalizer.yml")) _, err = cc.Run(cmd) pkg.CheckError("adding finalizer for finalizerconccurencytest", err) - } func updateDockerfile(dir string) { diff --git a/hack/generate/samples/ansible/memcached.go b/hack/generate/samples/ansible/memcached.go index 3185175..e7cfc24 100644 --- a/hack/generate/samples/ansible/memcached.go +++ b/hack/generate/samples/ansible/memcached.go @@ -40,10 +40,6 @@ func ImplementMemcached(sample sample.Sample, image string) { addingMoleculeMockData(sample.Dir(), sample.Name(), gvk) } } - - // Replace kustomize version to v5.2.1 to enable running the - // tests on a mac with Apple Silicon - replaceKustomizeVersion(sample.Dir(), "v5.2.1") } // addingMoleculeMockData will customize the molecule data @@ -77,12 +73,3 @@ func addingAnsibleTask(dir string, gvk schema.GroupVersionKind) { "# TODO(user): Add fields here", "size: 1") pkg.CheckError("updating sample CR", err) } - -// replaceKustomizeVersion will replace the kustomize version used in the -// Makefile to the version specified -func replaceKustomizeVersion(dir string, version string) { - err := kbutil.ReplaceInFile(filepath.Join(dir, "Makefile"), - "curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v5.1.1/kustomize_v5.1.1_$(OS)_$(ARCH).tar.gz | \\", - fmt.Sprintf("curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/%s/kustomize_%s_$(OS)_$(ARCH).tar.gz | \\", version, version)) - pkg.CheckError(fmt.Sprintf("replacing kustomize version to %s", version), err) -} diff --git a/hack/generate/samples/ansible/memcached_molecule.go b/hack/generate/samples/ansible/memcached_molecule.go index 66fd97d..5782abb 100644 --- a/hack/generate/samples/ansible/memcached_molecule.go +++ b/hack/generate/samples/ansible/memcached_molecule.go @@ -29,7 +29,6 @@ import ( ) func ImplementMemcachedMolecule(sample sample.Sample, image string) { - for _, gvk := range sample.GVKs() { moleculeTaskPath := filepath.Join(sample.Dir(), "molecule", "default", "tasks", fmt.Sprintf("%s_test.yml", strings.ToLower(gvk.Kind))) @@ -73,7 +72,6 @@ func ImplementMemcachedMolecule(sample sample.Sample, image string) { fixmeAssert, "") pkg.CheckError(fmt.Sprintf("replacing %s_test.yml", strings.ToLower(gvk.Kind)), err) } - } log.Info("replacing project Dockerfile to use ansible base image with the dev tag") @@ -125,4 +123,10 @@ func ImplementMemcachedMolecule(sample sample.Sample, image string) { err = kbutil.InsertCode(filepath.Join(sample.Dir(), "config", "testing", "kustomization.yaml"), "patchesStrategicMerge:", fmt.Sprintf("\n- %s", watchNamespacePatchFileName)) pkg.CheckError("inserting in kustomization.yaml", err) + + log.Info("enabling metrics in the manager") + err = kbutil.ReplaceInFile( + filepath.Join(sample.Dir(), "config", "default", "kustomization.yaml"), + "#- path: manager_metrics_patch.yaml", "- path: manager_metrics_patch.yaml") + pkg.CheckError("enabling metrics endpoint", err) } diff --git a/internal/ansible/apiserver/apiserver.go b/internal/ansible/apiserver/apiserver.go index dca20ab..2b035fb 100644 --- a/internal/ansible/apiserver/apiserver.go +++ b/internal/ansible/apiserver/apiserver.go @@ -73,5 +73,4 @@ func metricsHandler(w http.ResponseWriter, r *http.Request) { default: http.Error(w, "Method not allowed", http.StatusMethodNotAllowed) } - } diff --git a/internal/ansible/controller/reconcile.go b/internal/ansible/controller/reconcile.go index cc0e3a5..6502599 100644 --- a/internal/ansible/controller/reconcile.go +++ b/internal/ansible/controller/reconcile.go @@ -293,7 +293,6 @@ func (r *AnsibleOperatorReconciler) printAnsibleResult(result runner.RunResult, } func (r *AnsibleOperatorReconciler) markRunning(ctx context.Context, nn types.NamespacedName, u *unstructured.Unstructured) error { - // Get the latest resource to prevent updating a stale status. if err := r.APIReader.Get(ctx, nn, u); err != nil { return err @@ -326,7 +325,6 @@ func (r *AnsibleOperatorReconciler) markRunning(ctx context.Context, nn types.Na // i.e Annotations that could be incorrect func (r *AnsibleOperatorReconciler) markError(ctx context.Context, nn types.NamespacedName, u *unstructured.Unstructured, failureMessage string) error { - logger := logf.Log.WithName("markError") // Immediately update metrics with failed reconciliation, since Get() // may fail. @@ -368,7 +366,6 @@ func (r *AnsibleOperatorReconciler) markError(ctx context.Context, nn types.Name func (r *AnsibleOperatorReconciler) markDone(ctx context.Context, nn types.NamespacedName, u *unstructured.Unstructured, statusEvent eventapi.StatusJobEvent, failureMessages eventapi.FailureMessages) error { - logger := logf.Log.WithName("markDone") // Get the latest resource to prevent updating a stale status. if err := r.APIReader.Get(ctx, nn, u); err != nil { diff --git a/internal/ansible/controller/reconcile_test.go b/internal/ansible/controller/reconcile_test.go index d705f01..7c2bfb3 100644 --- a/internal/ansible/controller/reconcile_test.go +++ b/internal/ansible/controller/reconcile_test.go @@ -82,7 +82,7 @@ func TestReconcile(t *testing.T) { ManageStatus: true, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, @@ -152,7 +152,7 @@ func TestReconcile(t *testing.T) { ManageStatus: true, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventRunnerOnFailed, Created: eventapi.EventTime{Time: eventTime}, EventData: map[string]interface{}{ @@ -161,7 +161,7 @@ func TestReconcile(t *testing.T) { }, }, }, - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, @@ -230,7 +230,7 @@ func TestReconcile(t *testing.T) { ManageStatus: false, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventRunnerOnFailed, Created: eventapi.EventTime{Time: eventTime}, EventData: map[string]interface{}{ @@ -239,7 +239,7 @@ func TestReconcile(t *testing.T) { }, }, }, - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, @@ -271,7 +271,7 @@ func TestReconcile(t *testing.T) { ManageStatus: true, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, @@ -353,7 +353,7 @@ func TestReconcile(t *testing.T) { ManageStatus: true, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, @@ -408,7 +408,7 @@ func TestReconcile(t *testing.T) { ReconcilePeriod: 5 * time.Second, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Created: eventapi.EventTime{Time: eventTime}, }, }, @@ -458,7 +458,7 @@ func TestReconcile(t *testing.T) { ManageStatus: false, Runner: &fake.Runner{ JobEvents: []eventapi.JobEvent{ - eventapi.JobEvent{ + { Event: eventapi.EventPlaybookOnStats, Created: eventapi.EventTime{Time: eventTime}, }, diff --git a/internal/ansible/paramconv/paramconv.go b/internal/ansible/paramconv/paramconv.go index 4e28383..fd53dbd 100644 --- a/internal/ansible/paramconv/paramconv.go +++ b/internal/ansible/paramconv/paramconv.go @@ -82,7 +82,6 @@ func ToCamel(s string) string { // If the last character of the special word is an "s" (i.e plural of the word // found in wordMapping), it is considered a part of that word and will be capitalized. func preprocessWordMapping(value string) string { - for _, word := range wordMapping { idx := strings.Index(value, word) if idx >= 0 { diff --git a/internal/ansible/proxy/cache_response.go b/internal/ansible/proxy/cache_response.go index e874fc4..12807e0 100644 --- a/internal/ansible/proxy/cache_response.go +++ b/internal/ansible/proxy/cache_response.go @@ -75,7 +75,7 @@ func (c *cacheResponseHandler) ServeHTTP(w http.ResponseWriter, req *http.Reques } if c.restMapper == nil { - c.restMapper = meta.NewDefaultRESTMapper([]schema.GroupVersion{schema.GroupVersion{ + c.restMapper = meta.NewDefaultRESTMapper([]schema.GroupVersion{{ Group: r.APIGroup, Version: r.APIVersion, }}) @@ -153,7 +153,6 @@ func (c *cacheResponseHandler) ServeHTTP(w http.ResponseWriter, req *http.Reques // skipCacheLookup - determine if we should skip the cache lookup func (c *cacheResponseHandler) skipCacheLookup(r *k8sRequest.RequestInfo, gvk schema.GroupVersionKind, req *http.Request) bool { - skip := matchesRegexp(req.URL.String(), c.skipPathRegexp) if skip { return true diff --git a/internal/ansible/proxy/inject_owner.go b/internal/ansible/proxy/inject_owner.go index 98d9c26..901c9b3 100644 --- a/internal/ansible/proxy/inject_owner.go +++ b/internal/ansible/proxy/inject_owner.go @@ -69,7 +69,7 @@ func (i *injectOwnerReferenceHandler) ServeHTTP(w http.ResponseWriter, req *http } if i.restMapper == nil { - i.restMapper = meta.NewDefaultRESTMapper([]schema.GroupVersion{schema.GroupVersion{ + i.restMapper = meta.NewDefaultRESTMapper([]schema.GroupVersion{{ Group: r.APIGroup, Version: r.APIVersion, }}) diff --git a/internal/ansible/proxy/proxy.go b/internal/ansible/proxy/proxy.go index 31aa04b..d9801b9 100644 --- a/internal/ansible/proxy/proxy.go +++ b/internal/ansible/proxy/proxy.go @@ -198,7 +198,6 @@ func addWatchToController(owner kubeconfig.NamespacedOwnerReference, cMap *contr m := fmt.Sprintf("Could not get rest mapping for: %v", resource.GroupVersionKind()) log.Error(err, m) return err - } ownerGV, err := schema.ParseGroupVersion(owner.APIVersion) if err != nil { diff --git a/internal/ansible/proxy/requestfactory/requestinfo.go b/internal/ansible/proxy/requestfactory/requestinfo.go index 5d3d73b..8b40ba5 100644 --- a/internal/ansible/proxy/requestfactory/requestinfo.go +++ b/internal/ansible/proxy/requestfactory/requestinfo.go @@ -173,7 +173,6 @@ func (r *RequestInfoFactory) NewRequestInfo(req *http.Request) (*RequestInfo, er requestInfo.Verb = currentParts[0] currentParts = currentParts[1:] - } else { switch req.Method { case "POST": diff --git a/internal/ansible/runner/runner.go b/internal/ansible/runner/runner.go index 95d19ed..3b47308 100644 --- a/internal/ansible/runner/runner.go +++ b/internal/ansible/runner/runner.go @@ -294,7 +294,6 @@ func (r *runner) Run(ident string, u *unstructured.Unstructured, kubeconfig stri if err = os.Symlink(currentRun, latestArtifacts); err != nil { logger.Error(err, "Error symlinking latest artifacts") } - }() return &runResult{ diff --git a/internal/ansible/runner/runner_test.go b/internal/ansible/runner/runner_test.go index 3a35e21..3f0eb5d 100644 --- a/internal/ansible/runner/runner_test.go +++ b/internal/ansible/runner/runner_test.go @@ -185,7 +185,6 @@ func TestNew(t *testing.T) { if _, ok := parameters[tc.desiredObjectKey]; !ok { t.Fatalf("Did not find expected objKey %v in parameters %+v", tc.desiredObjectKey, parameters) } - } if testRunnerStruct.GVK != testWatch.GroupVersionKind { diff --git a/internal/ansible/watches/watches.go b/internal/ansible/watches/watches.go index 300bfe0..6d03de4 100644 --- a/internal/ansible/watches/watches.go +++ b/internal/ansible/watches/watches.go @@ -499,5 +499,4 @@ func getIntegerEnvMaxReconcile(envVarMaxWorker, envVarMaxReconciler string, defV } } return val - } diff --git a/internal/ansible/watches/watches_test.go b/internal/ansible/watches/watches_test.go index 88291a9..eede4e9 100644 --- a/internal/ansible/watches/watches_test.go +++ b/internal/ansible/watches/watches_test.go @@ -138,7 +138,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo twoSeconds := metav1.Duration{Duration: time.Second * 2} validWatches := []Watch{ - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -152,7 +152,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo SnakeCaseParameters: true, MarkUnsafe: false, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -163,7 +163,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ReconcilePeriod: twoSeconds, MarkUnsafe: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -180,7 +180,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Vars: map[string]interface{}{"sentinel": "finalizer_running"}, }, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -192,7 +192,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo WatchDependentResources: true, WatchClusterScopedResources: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -202,7 +202,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ReconcilePeriod: zeroSeconds, ManageStatus: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -211,7 +211,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Playbook: validTemplate.ValidPlaybook, ManageStatus: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -220,7 +220,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Playbook: validTemplate.ValidPlaybook, ManageStatus: false, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -229,7 +229,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Playbook: validTemplate.ValidPlaybook, ManageStatus: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -243,7 +243,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Vars: map[string]interface{}{"sentinel": "finalizer_running"}, }, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -256,7 +256,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Vars: map[string]interface{}{"sentinel": "finalizer_running"}, }, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -266,7 +266,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, MaxConcurrentReconciles: 1, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -276,7 +276,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, MaxConcurrentReconciles: 1, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -286,7 +286,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, MaxConcurrentReconciles: 4, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -296,7 +296,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, AnsibleVerbosity: 2, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -306,7 +306,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, AnsibleVerbosity: 2, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -316,7 +316,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, AnsibleVerbosity: 4, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -326,7 +326,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo ManageStatus: true, Vars: map[string]interface{}{"sentinel": "reconciling"}, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -335,7 +335,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo Role: filepath.Join(cwd, "testdata", "ansible_collections", "nameSpace", "collection", "roles", "someRole"), ManageStatus: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -361,7 +361,7 @@ func TestLoad(t *testing.T) { //nolint:gocyclo }, ManageStatus: true, }, - Watch{ + { GroupVersionKind: schema.GroupVersionKind{ Version: "v1alpha1", Group: "app.example.com", @@ -494,7 +494,6 @@ func TestLoad(t *testing.T) { //nolint:gocyclo } for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { - // Test Load with ANSIBLE_ROLES_PATH var if tc.shouldSetAnsibleRolePathEnvVar { anisbleEnvVar := "path/invalid:/path/invalid/myroles:" + wd @@ -502,7 +501,6 @@ func TestLoad(t *testing.T) { //nolint:gocyclo defer os.Unsetenv("ANSIBLE_ROLES_PATH") } if tc.shouldSetAnsibleCollectionPathEnvVar { - ansibleCollectionPathEnv := filepath.Join(wd, "testdata") os.Setenv("ANSIBLE_COLLECTIONS_PATH", ansibleCollectionPathEnv) defer os.Unsetenv("ANSIBLE_COLLECTIONS_PATH") @@ -865,7 +863,6 @@ func TestGetPossibleRolePaths(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - if len(tt.args.rolesEnv) > 0 { os.Setenv("ANSIBLE_ROLES_PATH", tt.args.rolesEnv) defer os.Unsetenv("ANSIBLE_ROLES_PATH") diff --git a/internal/util/bundleutil/bundleutil.go b/internal/util/bundleutil/bundleutil.go index eb75456..7d5012e 100644 --- a/internal/util/bundleutil/bundleutil.go +++ b/internal/util/bundleutil/bundleutil.go @@ -195,7 +195,6 @@ func copyOperatorManifests(src, dest string) error { // BuildBundleImage builds the bundle image with the provided command or using // docker build command. func (meta *BundleMetaData) BuildBundleImage(tag string) error { - img := fmt.Sprintf("%s:%s", meta.BaseImage, tag) // switch back to current working directory, so that subsequent diff --git a/internal/util/k8sutil/api.go b/internal/util/k8sutil/api.go index 92a3134..8163bfe 100644 --- a/internal/util/k8sutil/api.go +++ b/internal/util/k8sutil/api.go @@ -37,7 +37,6 @@ func GetCustomResourceDefinitions(crdsDir string) ( v1crds []apiextv1.CustomResourceDefinition, v1beta1crds []apiextv1beta1.CustomResourceDefinition, err error) { - infos, err := os.ReadDir(crdsDir) if err != nil { return nil, nil, err @@ -98,7 +97,6 @@ func GetCustomResourceDefinitions(crdsDir string) ( } crGVKSet[gvk] = struct{}{} } - } if err = scanner.Err(); err != nil { return nil, nil, fmt.Errorf("error scanning %s: %w", path, err) diff --git a/pkg/plugins/ansible/v1/init.go b/pkg/plugins/ansible/v1/init.go index 235e63e..12618a1 100644 --- a/pkg/plugins/ansible/v1/init.go +++ b/pkg/plugins/ansible/v1/init.go @@ -108,7 +108,6 @@ func (p *initSubcommand) InjectConfig(c config.Config) error { } func (p *initSubcommand) Scaffold(fs machinery.Filesystem) error { - if err := addInitCustomizations(p.config.GetProjectName(), p.config.IsComponentConfig()); err != nil { return fmt.Errorf("error updating init manifests: %s", err) } @@ -153,8 +152,15 @@ func (p *initSubcommand) PostScaffold() error { // addInitCustomizations will perform the required customizations for this plugin on the common base func addInitCustomizations(projectName string, componentConfig bool) error { + roleFile := filepath.Join("config", "rbac", "role.yaml") + + // We have our own base role file, so we remove the default one + if err := os.Remove(roleFile); err != nil && !os.IsNotExist(err) { + return err + } + managerFile := filepath.Join("config", "manager", "manager.yaml") - managerProxyPatchFile := filepath.Join("config", "default", "manager_auth_proxy_patch.yaml") + managerMetricsPatchFile := filepath.Join("config", "default", "manager_metrics_patch.yaml") // todo: we ought to use afero instead. Replace this methods to insert/update // by https://github.com/kubernetes-sigs/kubebuilder/pull/2119 @@ -163,32 +169,26 @@ func addInitCustomizations(projectName string, componentConfig bool) error { if componentConfig { err := util.InsertCode(managerFile, "- /manager", - fmt.Sprintf("\n args:\n - --leader-election-id=%s", projectName)) - if err != nil { - return err - } - - err = util.InsertCode(managerProxyPatchFile, - "memory: 64Mi", - fmt.Sprintf("\n - name: manager\n args:\n - \"--leader-election-id=%s\"", projectName)) + fmt.Sprintf("\n args:\n - --leader-election-id=%s", projectName)) if err != nil { return err } } else { err := util.InsertCode(managerFile, "--leader-elect", - fmt.Sprintf("\n - --leader-election-id=%s", projectName)) - if err != nil { - return err - } - err = util.InsertCode(managerProxyPatchFile, - "- \"--leader-elect\"", - fmt.Sprintf("\n - \"--leader-election-id=%s\"", projectName)) + fmt.Sprintf("\n - --leader-election-id=%s", projectName)) if err != nil { return err } } + err := util.InsertCode(managerMetricsPatchFile, + "- \"--metrics-bind-address=0.0.0.0:8080\"", + fmt.Sprintf("\n - \"--leader-elect\"\n - \"--leader-election-id=%s\"\n - \"--health-probe-bind-address=:6789\"", projectName)) + if err != nil { + return err + } + // update default resource request and limits with bigger values const resourcesLimitsFragment = ` resources: limits: @@ -208,7 +208,7 @@ func addInitCustomizations(projectName string, componentConfig bool) error { memory: 256Mi ` - err := util.ReplaceInFile(managerFile, resourcesLimitsFragment, resourcesLimitsAnsibleFragment) + err = util.ReplaceInFile(managerFile, resourcesLimitsFragment, resourcesLimitsAnsibleFragment) if err != nil { return err } @@ -226,7 +226,7 @@ func addInitCustomizations(projectName string, componentConfig bool) error { // replace the default ports because ansible has been using another one // todo: remove it when we be able to change the port for the default one // issue: https://github.com/operator-framework/ansible-operator-plugins/issues/4331 - err = util.ReplaceInFile(managerFile, "port: 8081", "port: 6789") + err = util.ReplaceInFile(managerFile, "8081", "6789") if err != nil { return err } @@ -242,11 +242,6 @@ func addInitCustomizations(projectName string, componentConfig bool) error { if err != nil { return err } - } else { - err = util.ReplaceInFile(managerProxyPatchFile, "8081", "6789") - if err != nil { - return err - } } // Remove the call to the command as manager. Helm/Ansible has not been exposing this entrypoint diff --git a/pkg/plugins/ansible/v1/scaffolds/internal/templates/config/testing/kustomization.go b/pkg/plugins/ansible/v1/scaffolds/internal/templates/config/testing/kustomization.go index 95bbd09..9d699a3 100644 --- a/pkg/plugins/ansible/v1/scaffolds/internal/templates/config/testing/kustomization.go +++ b/pkg/plugins/ansible/v1/scaffolds/internal/templates/config/testing/kustomization.go @@ -53,7 +53,7 @@ namePrefix: osdk- patchesStrategicMerge: - manager_image.yaml - debug_logs_patch.yaml -- ../default/manager_auth_proxy_patch.yaml +- ../default/manager_metrics_patch.yaml apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization diff --git a/pkg/plugins/util/cleanup.go b/pkg/plugins/util/cleanup.go index b704ff4..a4944e1 100644 --- a/pkg/plugins/util/cleanup.go +++ b/pkg/plugins/util/cleanup.go @@ -21,14 +21,12 @@ import ( "os" "path/filepath" - kbutil "sigs.k8s.io/kubebuilder/v3/pkg/plugin/util" - log "github.com/sirupsen/logrus" + kbutil "sigs.k8s.io/kubebuilder/v3/pkg/plugin/util" ) // RemoveKustomizeCRDManifests removes items in config/crd relating to CRD conversion webhooks. func RemoveKustomizeCRDManifests() error { - pathsToRemove := []string{ filepath.Join("config", "crd", "kustomizeconfig.yaml"), } @@ -60,7 +58,6 @@ func RemoveKustomizeCRDManifests() error { // UpdateKustomizationsInit updates certain parts of or removes entire kustomization.yaml files // that are either not used by certain Init plugins or are created by preceding Init plugins. func UpdateKustomizationsInit() error { - defaultKFile := filepath.Join("config", "default", "kustomization.yaml") if err := kbutil.ReplaceInFile(defaultKFile, ` @@ -76,12 +73,12 @@ func UpdateKustomizationsInit() error { ` # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml -#- manager_webhook_patch.yaml +#- path: manager_webhook_patch.yaml # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. # Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. # 'CERTMANAGER' needs to be enabled to use ca injection -#- webhookcainjection_patch.yaml +#- path: webhookcainjection_patch.yaml # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. # Uncomment the following replacements to add the cert-manager CA injection annotations @@ -192,7 +189,6 @@ func UpdateKustomizationsInit() error { // UpdateKustomizationsCreateAPI updates certain parts of or removes entire kustomization.yaml files // that are either not used by certain CreateAPI plugins or are created by preceding CreateAPI plugins. func UpdateKustomizationsCreateAPI() error { - crdKFile := filepath.Join("config", "crd", "kustomization.yaml") if crdKBytes, err := os.ReadFile(crdKFile); err != nil && !errors.Is(err, os.ErrNotExist) { log.Debugf("Error reading kustomization for substitution: %v", err) diff --git a/pkg/testutils/command/command.go b/pkg/testutils/command/command.go index e1821c0..5e352c9 100644 --- a/pkg/testutils/command/command.go +++ b/pkg/testutils/command/command.go @@ -69,7 +69,6 @@ func NewGenericCommandContext(opts ...GenericCommandContextOptions) *GenericComm // Run runs a given command and will append any extra paths to the configured directory func (gcc *GenericCommandContext) Run(cmd *exec.Cmd, path ...string) ([]byte, error) { - dir := strings.Join(append([]string{gcc.dir}, path...), "/") // make the directory if it does not already exist if dir != "" { diff --git a/pkg/testutils/e2e/metrics/helpers.go b/pkg/testutils/e2e/metrics/helpers.go index 4a8c1fb..7247818 100644 --- a/pkg/testutils/e2e/metrics/helpers.go +++ b/pkg/testutils/e2e/metrics/helpers.go @@ -1,59 +1,25 @@ package metrics import ( - "encoding/base64" "fmt" - "strings" "time" "github.com/onsi/ginkgo/v2" "github.com/onsi/gomega" + "github.com/operator-framework/ansible-operator-plugins/pkg/testutils/kubernetes" "github.com/operator-framework/ansible-operator-plugins/pkg/testutils/sample" - "github.com/operator-framework/ansible-operator-plugins/test/common" ) // GetMetrics creates a pod with the permissions to `curl` metrics. It will then return the output of the `curl` pod func GetMetrics(sample sample.Sample, kubectl kubernetes.Kubectl, metricsClusterRoleBindingName string) string { - ginkgo.By("granting permissions to access the metrics and read the token") - out, err := kubectl.Command("create", "clusterrolebinding", metricsClusterRoleBindingName, - fmt.Sprintf("--clusterrole=%s-metrics-reader", sample.Name()), - fmt.Sprintf("--serviceaccount=%s:%s", kubectl.Namespace(), kubectl.ServiceAccount())) - fmt.Println("OUT --", out) - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - - // As of Kubernetes 1.24 a ServiceAccount no longer has a ServiceAccount token secret autogenerated. We have to create it manually here - ginkgo.By("Creating the ServiceAccount token") - secretFile, err := common.GetSASecret(kubectl.ServiceAccount(), sample.Dir()) - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - gomega.Eventually(func() error { - out, err = kubectl.Apply(true, "-f", secretFile) - fmt.Println("OUT -- ", out) - return err - }, time.Minute, time.Second).Should(gomega.Succeed()) - - ginkgo.By("reading the metrics token") - // Filter token query by service account in case more than one exists in a namespace. - query := fmt.Sprintf(`{.items[?(@.metadata.annotations.kubernetes\.io/service-account\.name=="%s")].data.token}`, - kubectl.ServiceAccount(), - ) - out, err = kubectl.Get(true, "secrets") - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - fmt.Println("OUT --", out) - b64Token, err := kubectl.Get(true, "secrets", "-o=jsonpath="+query) - fmt.Println("OUT--", b64Token) - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - token, err := base64.StdEncoding.DecodeString(strings.TrimSpace(b64Token)) - gomega.Expect(err).NotTo(gomega.HaveOccurred()) - gomega.Expect(len(token)).To(gomega.BeNumerically(">", 0)) - ginkgo.By("creating a curl pod") cmdOpts := []string{ "run", "curl", "--image=curlimages/curl:7.68.0", "--restart=OnFailure", "--", - "curl", "-v", "-k", "-H", fmt.Sprintf(`Authorization: Bearer %s`, token), - fmt.Sprintf("https://%s-controller-manager-metrics-service.%s.svc:8443/metrics", sample.Name(), kubectl.Namespace()), + "curl", "-v", + fmt.Sprintf("http://%s-controller-manager-metrics-service.%s.svc:8080/metrics", sample.Name(), kubectl.Namespace()), } - out, err = kubectl.CommandInNamespace(cmdOpts...) + out, err := kubectl.CommandInNamespace(cmdOpts...) fmt.Println("OUT --", out) gomega.Expect(err).NotTo(gomega.HaveOccurred()) @@ -80,7 +46,7 @@ func GetMetrics(sample sample.Sample, kubectl kubernetes.Kubectl, metricsCluster gomega.ExpectWithOffset(1, err).NotTo(gomega.HaveOccurred()) return metricsOutput } - gomega.Eventually(getCurlLogs, time.Minute, time.Second).Should(gomega.ContainSubstring("< HTTP/2 200")) + gomega.Eventually(getCurlLogs, time.Minute, time.Second).Should(gomega.ContainSubstring("< HTTP/1.1 200")) return metricsOutput } @@ -92,10 +58,5 @@ func CleanUpMetrics(kubectl kubernetes.Kubectl, metricsClusterRoleBindingName st return fmt.Errorf("encountered an error when deleting the metrics pod: %w", err) } - _, err = kubectl.Delete(false, "clusterrolebinding", metricsClusterRoleBindingName) - if err != nil { - return fmt.Errorf("encountered an error when deleting the metrics clusterrolebinding: %w", err) - } - return nil } diff --git a/test/e2e/ansible/cluster_test.go b/test/e2e/ansible/cluster_test.go index 73167d7..3fa40fa 100644 --- a/test/e2e/ansible/cluster_test.go +++ b/test/e2e/ansible/cluster_test.go @@ -22,6 +22,7 @@ import ( . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + "k8s.io/apimachinery/pkg/runtime/schema" kbtutil "sigs.k8s.io/kubebuilder/v3/pkg/plugin/util" @@ -111,9 +112,9 @@ var _ = Describe("Running ansible projects", func() { return logOutput } Eventually(managerContainerLogs, time.Minute, time.Second).Should(ContainSubstring( - "Ansible-runner exited successfully")) - Eventually(managerContainerLogs, time.Minute, time.Second).ShouldNot(ContainSubstring("failed=1")) - Eventually(managerContainerLogs, time.Minute, time.Second).ShouldNot(ContainSubstring("[Gathering Facts]")) + "Ansible-runner exited successfully"), "manager logs: %s", managerContainerLogs()) + Eventually(managerContainerLogs, time.Minute, time.Second).ShouldNot(ContainSubstring("failed=1"), "manager logs: %s", managerContainerLogs()) + Eventually(managerContainerLogs, time.Minute, time.Second).ShouldNot(ContainSubstring("[Gathering Facts]"), "manager logs: %s", managerContainerLogs()) By("ensuring no liveness probe fail events") verifyControllerProbe := func() string { diff --git a/test/e2e/ansible/suite_test.go b/test/e2e/ansible/suite_test.go index 47de4a7..e896a68 100644 --- a/test/e2e/ansible/suite_test.go +++ b/test/e2e/ansible/suite_test.go @@ -24,11 +24,11 @@ import ( "testing" "time" - kbutil "sigs.k8s.io/kubebuilder/v3/pkg/plugin/util" - . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" + kbutil "sigs.k8s.io/kubebuilder/v3/pkg/plugin/util" + "github.com/operator-framework/ansible-operator-plugins/hack/generate/samples/ansible" "github.com/operator-framework/ansible-operator-plugins/pkg/testutils/command" "github.com/operator-framework/ansible-operator-plugins/pkg/testutils/e2e/kind" @@ -79,7 +79,7 @@ var _ = BeforeSuite(func() { // --------------------------------------------------- By("enabling debug logging in the manager") - err = kbutil.ReplaceInFile(filepath.Join(ansibleSample.Dir(), "config", "default", "manager_auth_proxy_patch.yaml"), + err = kbutil.ReplaceInFile(filepath.Join(ansibleSample.Dir(), "config", "default", "manager_metrics_patch.yaml"), "- \"--leader-elect\"", "- \"--zap-log-level=2\"\n - \"--leader-elect\"") Expect(err).NotTo(HaveOccurred()) diff --git a/testdata/memcached-molecule-operator/Makefile b/testdata/memcached-molecule-operator/Makefile index d0cc947..7c3d4e6 100644 --- a/testdata/memcached-molecule-operator/Makefile +++ b/testdata/memcached-molecule-operator/Makefile @@ -81,7 +81,7 @@ ifeq (,$(shell which kustomize 2>/dev/null)) @{ \ set -e ;\ mkdir -p $(dir $(KUSTOMIZE)) ;\ - curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v5.2.1/kustomize_v5.2.1_$(OS)_$(ARCH).tar.gz | \ + curl -sSLo - https://github.com/kubernetes-sigs/kustomize/releases/download/kustomize/v5.3.0/kustomize_v5.3.0_$(OS)_$(ARCH).tar.gz | \ tar xzf - -C bin/ ;\ } else diff --git a/testdata/memcached-molecule-operator/config/default/kustomization.yaml b/testdata/memcached-molecule-operator/config/default/kustomization.yaml index 133d093..5410415 100644 --- a/testdata/memcached-molecule-operator/config/default/kustomization.yaml +++ b/testdata/memcached-molecule-operator/config/default/kustomization.yaml @@ -21,10 +21,8 @@ resources: # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. - ../prometheus -patchesStrategicMerge: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml - - +patches: +# [METRICS] The following patch will enable the metrics endpoint. Ensure that you also protect this endpoint. +# More info: https://book.kubebuilder.io/reference/metrics +# If you want to expose the metric endpoint of your controller-manager uncomment the following line. +- path: manager_metrics_patch.yaml diff --git a/testdata/memcached-molecule-operator/config/default/manager_auth_proxy_patch.yaml b/testdata/memcached-molecule-operator/config/default/manager_auth_proxy_patch.yaml deleted file mode 100644 index 813841d..0000000 --- a/testdata/memcached-molecule-operator/config/default/manager_auth_proxy_patch.yaml +++ /dev/null @@ -1,40 +0,0 @@ -# This patch inject a sidecar container which is a HTTP proxy for the -# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system -spec: - template: - spec: - containers: - - name: kube-rbac-proxy - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - "ALL" - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.14.1 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=0" - ports: - - containerPort: 8443 - protocol: TCP - name: https - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - - name: manager - args: - - "--health-probe-bind-address=:6789" - - "--metrics-bind-address=127.0.0.1:8080" - - "--leader-elect" - - "--leader-election-id=memcached-molecule-operator" diff --git a/testdata/memcached-molecule-operator/config/default/manager_metrics_patch.yaml b/testdata/memcached-molecule-operator/config/default/manager_metrics_patch.yaml new file mode 100644 index 0000000..9aa84c7 --- /dev/null +++ b/testdata/memcached-molecule-operator/config/default/manager_metrics_patch.yaml @@ -0,0 +1,16 @@ +# This patch adds the args to allow exposing the metrics endpoint securely +apiVersion: apps/v1 +kind: Deployment +metadata: + name: controller-manager + namespace: system +spec: + template: + spec: + containers: + - name: manager + args: + - "--metrics-bind-address=0.0.0.0:8080" + - "--leader-elect" + - "--leader-election-id=memcached-molecule-operator" + - "--health-probe-bind-address=:6789" diff --git a/testdata/memcached-molecule-operator/config/manager/manager.yaml b/testdata/memcached-molecule-operator/config/manager/manager.yaml index eac55b5..2b60cd9 100644 --- a/testdata/memcached-molecule-operator/config/manager/manager.yaml +++ b/testdata/memcached-molecule-operator/config/manager/manager.yaml @@ -3,11 +3,7 @@ kind: Namespace metadata: labels: control-plane: controller-manager - app.kubernetes.io/name: namespace - app.kubernetes.io/instance: system - app.kubernetes.io/component: manager - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: system --- @@ -18,11 +14,7 @@ metadata: namespace: system labels: control-plane: controller-manager - app.kubernetes.io/name: deployment - app.kubernetes.io/instance: controller-manager - app.kubernetes.io/component: manager - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize spec: selector: @@ -67,8 +59,10 @@ spec: # type: RuntimeDefault containers: - args: - - --leader-elect - - --leader-election-id=memcached-molecule-operator + - --leader-elect + - --leader-election-id=memcached-molecule-operator + - --health-probe-bind-address=:6789 + - --metrics-bind-address=0 image: controller:latest name: manager env: @@ -78,7 +72,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - "ALL" + - "ALL" livenessProbe: httpGet: path: /healthz diff --git a/testdata/memcached-molecule-operator/config/prometheus/monitor.yaml b/testdata/memcached-molecule-operator/config/prometheus/monitor.yaml index cf3cd4d..5e02113 100644 --- a/testdata/memcached-molecule-operator/config/prometheus/monitor.yaml +++ b/testdata/memcached-molecule-operator/config/prometheus/monitor.yaml @@ -1,26 +1,18 @@ - # Prometheus Monitor Service (Metrics) apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: labels: control-plane: controller-manager - app.kubernetes.io/name: servicemonitor - app.kubernetes.io/instance: controller-manager-metrics-monitor - app.kubernetes.io/component: metrics - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: controller-manager-metrics-monitor namespace: system spec: endpoints: - path: /metrics - port: https - scheme: https - bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token - tlsConfig: - insecureSkipVerify: true + port: http # Ensure this is the name of the port that exposes HTTP metrics + scheme: http selector: matchLabels: control-plane: controller-manager diff --git a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_client_clusterrole.yaml b/testdata/memcached-molecule-operator/config/rbac/auth_proxy_client_clusterrole.yaml deleted file mode 100644 index 297d52d..0000000 --- a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_client_clusterrole.yaml +++ /dev/null @@ -1,16 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: metrics-reader - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator - app.kubernetes.io/managed-by: kustomize - name: metrics-reader -rules: -- nonResourceURLs: - - "/metrics" - verbs: - - get diff --git a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role.yaml b/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role.yaml deleted file mode 100644 index c52a577..0000000 --- a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: proxy-role - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator - app.kubernetes.io/managed-by: kustomize - name: proxy-role -rules: -- apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create -- apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create diff --git a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role_binding.yaml b/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role_binding.yaml deleted file mode 100644 index 17100ed..0000000 --- a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_role_binding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/instance: proxy-rolebinding - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator - app.kubernetes.io/managed-by: kustomize - name: proxy-rolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: proxy-role -subjects: -- kind: ServiceAccount - name: controller-manager - namespace: system diff --git a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_service.yaml b/testdata/memcached-molecule-operator/config/rbac/auth_proxy_service.yaml deleted file mode 100644 index e67cda4..0000000 --- a/testdata/memcached-molecule-operator/config/rbac/auth_proxy_service.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - labels: - control-plane: controller-manager - app.kubernetes.io/name: service - app.kubernetes.io/instance: controller-manager-metrics-service - app.kubernetes.io/component: kube-rbac-proxy - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator - app.kubernetes.io/managed-by: kustomize - name: controller-manager-metrics-service - namespace: system -spec: - ports: - - name: https - port: 8443 - protocol: TCP - targetPort: https - selector: - control-plane: controller-manager diff --git a/testdata/memcached-molecule-operator/config/rbac/foo_editor_role.yaml b/testdata/memcached-molecule-operator/config/rbac/foo_editor_role.yaml index 5ec5b21..ec97d56 100644 --- a/testdata/memcached-molecule-operator/config/rbac/foo_editor_role.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/foo_editor_role.yaml @@ -3,11 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: foo-editor-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: foo-editor-role rules: diff --git a/testdata/memcached-molecule-operator/config/rbac/foo_viewer_role.yaml b/testdata/memcached-molecule-operator/config/rbac/foo_viewer_role.yaml index 5b8540d..e7c1448 100644 --- a/testdata/memcached-molecule-operator/config/rbac/foo_viewer_role.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/foo_viewer_role.yaml @@ -3,11 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: foo-viewer-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: foo-viewer-role rules: diff --git a/testdata/memcached-molecule-operator/config/rbac/ignore_secret_editor_role.yaml b/testdata/memcached-molecule-operator/config/rbac/ignore_secret_editor_role.yaml index c9c7f3c..9711c29 100644 --- a/testdata/memcached-molecule-operator/config/rbac/ignore_secret_editor_role.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/ignore_secret_editor_role.yaml @@ -3,13 +3,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: secret-editor-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize - name: secret-editor-role + name: ignore-secret-editor-role rules: - apiGroups: - ignore.example.com diff --git a/testdata/memcached-molecule-operator/config/rbac/ignore_secret_viewer_role.yaml b/testdata/memcached-molecule-operator/config/rbac/ignore_secret_viewer_role.yaml index 46a0bb4..f150ef7 100644 --- a/testdata/memcached-molecule-operator/config/rbac/ignore_secret_viewer_role.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/ignore_secret_viewer_role.yaml @@ -3,13 +3,9 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: secret-viewer-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize - name: secret-viewer-role + name: ignore-secret-viewer-role rules: - apiGroups: - ignore.example.com diff --git a/testdata/memcached-molecule-operator/config/rbac/kustomization.yaml b/testdata/memcached-molecule-operator/config/rbac/kustomization.yaml index 731832a..33c9072 100644 --- a/testdata/memcached-molecule-operator/config/rbac/kustomization.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/kustomization.yaml @@ -9,10 +9,17 @@ resources: - role_binding.yaml - leader_election_role.yaml - leader_election_role_binding.yaml -# Comment the following 4 lines if you want to disable -# the auth proxy (https://github.com/brancz/kube-rbac-proxy) -# which protects your /metrics endpoint. -- auth_proxy_service.yaml -- auth_proxy_role.yaml -- auth_proxy_role_binding.yaml -- auth_proxy_client_clusterrole.yaml +- metrics_service.yaml +# For each CRD, "Editor" and "Viewer" roles are scaffolded by +# default, aiding admins in cluster management. Those roles are +# not used by the Project itself. You can comment the following lines +# if you do not want those helpers be installed with your Project. +- ignore_secret_editor_role.yaml +- ignore_secret_viewer_role.yaml +- memfin_editor_role.yaml +- memfin_viewer_role.yaml +- foo_editor_role.yaml +- foo_viewer_role.yaml +- memcached_editor_role.yaml +- memcached_viewer_role.yaml + diff --git a/testdata/memcached-molecule-operator/config/rbac/leader_election_role.yaml b/testdata/memcached-molecule-operator/config/rbac/leader_election_role.yaml index 2b2bc6e..31de2ad 100644 --- a/testdata/memcached-molecule-operator/config/rbac/leader_election_role.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/leader_election_role.yaml @@ -3,11 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: labels: - app.kubernetes.io/name: role - app.kubernetes.io/instance: leader-election-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: leader-election-role rules: diff --git a/testdata/memcached-molecule-operator/config/rbac/leader_election_role_binding.yaml b/testdata/memcached-molecule-operator/config/rbac/leader_election_role_binding.yaml index 396ceeb..5ad0858 100644 --- a/testdata/memcached-molecule-operator/config/rbac/leader_election_role_binding.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/leader_election_role_binding.yaml @@ -2,11 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: labels: - app.kubernetes.io/name: rolebinding - app.kubernetes.io/instance: leader-election-rolebinding - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: leader-election-rolebinding roleRef: diff --git a/testdata/memcached-molecule-operator/config/rbac/memcached_editor_role.yaml b/testdata/memcached-molecule-operator/config/rbac/memcached_editor_role.yaml index 52d84bb..4cb329d 100644 --- a/testdata/memcached-molecule-operator/config/rbac/memcached_editor_role.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/memcached_editor_role.yaml @@ -3,11 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: memcached-editor-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: memcached-editor-role rules: diff --git a/testdata/memcached-molecule-operator/config/rbac/memcached_viewer_role.yaml b/testdata/memcached-molecule-operator/config/rbac/memcached_viewer_role.yaml index ff6215c..70478d3 100644 --- a/testdata/memcached-molecule-operator/config/rbac/memcached_viewer_role.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/memcached_viewer_role.yaml @@ -3,11 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: memcached-viewer-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: memcached-viewer-role rules: diff --git a/testdata/memcached-molecule-operator/config/rbac/memfin_editor_role.yaml b/testdata/memcached-molecule-operator/config/rbac/memfin_editor_role.yaml index 25e7ca4..e6e450a 100644 --- a/testdata/memcached-molecule-operator/config/rbac/memfin_editor_role.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/memfin_editor_role.yaml @@ -3,11 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: memfin-editor-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: memfin-editor-role rules: diff --git a/testdata/memcached-molecule-operator/config/rbac/memfin_viewer_role.yaml b/testdata/memcached-molecule-operator/config/rbac/memfin_viewer_role.yaml index 458e917..bd30890 100644 --- a/testdata/memcached-molecule-operator/config/rbac/memfin_viewer_role.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/memfin_viewer_role.yaml @@ -3,11 +3,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: labels: - app.kubernetes.io/name: clusterrole - app.kubernetes.io/instance: memfin-viewer-role - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: memfin-viewer-role rules: diff --git a/testdata/memcached-molecule-operator/config/rbac/metrics_service.yaml b/testdata/memcached-molecule-operator/config/rbac/metrics_service.yaml new file mode 100644 index 0000000..5559b8a --- /dev/null +++ b/testdata/memcached-molecule-operator/config/rbac/metrics_service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + app.kubernetes.io/name: memcached-molecule-operator + app.kubernetes.io/managed-by: kustomize + name: controller-manager-metrics-service + namespace: system +spec: + ports: + - name: http + port: 8080 + protocol: TCP + targetPort: 8080 + selector: + control-plane: controller-manager diff --git a/testdata/memcached-molecule-operator/config/rbac/role_binding.yaml b/testdata/memcached-molecule-operator/config/rbac/role_binding.yaml index 4a8a546..32da245 100644 --- a/testdata/memcached-molecule-operator/config/rbac/role_binding.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/role_binding.yaml @@ -2,11 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: labels: - app.kubernetes.io/name: clusterrolebinding - app.kubernetes.io/instance: manager-rolebinding - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: manager-rolebinding roleRef: diff --git a/testdata/memcached-molecule-operator/config/rbac/service_account.yaml b/testdata/memcached-molecule-operator/config/rbac/service_account.yaml index 381d3d8..9a82ad8 100644 --- a/testdata/memcached-molecule-operator/config/rbac/service_account.yaml +++ b/testdata/memcached-molecule-operator/config/rbac/service_account.yaml @@ -2,11 +2,7 @@ apiVersion: v1 kind: ServiceAccount metadata: labels: - app.kubernetes.io/name: serviceaccount - app.kubernetes.io/instance: controller-manager-sa - app.kubernetes.io/component: rbac - app.kubernetes.io/created-by: memcached-molecule-operator - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize name: controller-manager namespace: system diff --git a/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_foo.yaml b/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_foo.yaml index f68f688..f0bc8d8 100644 --- a/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_foo.yaml +++ b/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_foo.yaml @@ -2,11 +2,8 @@ apiVersion: cache.example.com/v1alpha1 kind: Foo metadata: labels: - app.kubernetes.io/name: foo - app.kubernetes.io/instance: foo-sample - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/created-by: memcached-molecule-operator name: foo-sample spec: foo: bar diff --git a/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_memcached.yaml b/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_memcached.yaml index 8bd4ce0..8f675bf 100644 --- a/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_memcached.yaml +++ b/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_memcached.yaml @@ -2,11 +2,8 @@ apiVersion: cache.example.com/v1alpha1 kind: Memcached metadata: labels: - app.kubernetes.io/name: memcached - app.kubernetes.io/instance: memcached-sample - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/created-by: memcached-molecule-operator name: memcached-sample spec: size: 1 diff --git a/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_memfin.yaml b/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_memfin.yaml index f67ee54..5e20831 100644 --- a/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_memfin.yaml +++ b/testdata/memcached-molecule-operator/config/samples/cache_v1alpha1_memfin.yaml @@ -2,11 +2,8 @@ apiVersion: cache.example.com/v1alpha1 kind: Memfin metadata: labels: - app.kubernetes.io/name: memfin - app.kubernetes.io/instance: memfin-sample - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/created-by: memcached-molecule-operator name: memfin-sample spec: foo: bar diff --git a/testdata/memcached-molecule-operator/config/samples/ignore_v1_secret.yaml b/testdata/memcached-molecule-operator/config/samples/ignore_v1_secret.yaml index 44e7427..dbae6fa 100644 --- a/testdata/memcached-molecule-operator/config/samples/ignore_v1_secret.yaml +++ b/testdata/memcached-molecule-operator/config/samples/ignore_v1_secret.yaml @@ -2,11 +2,8 @@ apiVersion: ignore.example.com/v1 kind: Secret metadata: labels: - app.kubernetes.io/name: secret - app.kubernetes.io/instance: secret-sample - app.kubernetes.io/part-of: memcached-molecule-operator + app.kubernetes.io/name: memcached-molecule-operator app.kubernetes.io/managed-by: kustomize - app.kubernetes.io/created-by: memcached-molecule-operator name: secret-sample spec: # TODO(user): Add fields here diff --git a/testdata/memcached-molecule-operator/config/testing/kustomization.yaml b/testdata/memcached-molecule-operator/config/testing/kustomization.yaml index 1267637..ba56049 100644 --- a/testdata/memcached-molecule-operator/config/testing/kustomization.yaml +++ b/testdata/memcached-molecule-operator/config/testing/kustomization.yaml @@ -11,7 +11,7 @@ patchesStrategicMerge: - watch_namespace_patch.yaml - manager_image.yaml - debug_logs_patch.yaml -- ../default/manager_auth_proxy_patch.yaml +- ../default/manager_metrics_patch.yaml apiVersion: kustomize.config.k8s.io/v1beta1 kind: Kustomization