diff --git a/.builder-image-version.txt b/.builder-image-version.txt index 4e036596e..be5b4c7bb 100644 --- a/.builder-image-version.txt +++ b/.builder-image-version.txt @@ -1 +1 @@ -1.1.19 +1.1.20 diff --git a/.github/renovate/golang.json5 b/.github/renovate/golang.json5 index 71463c2d4..29a0eb9df 100644 --- a/.github/renovate/golang.json5 +++ b/.github/renovate/golang.json5 @@ -4,7 +4,7 @@ }, // https://docs.renovatebot.com/configuration-options/#constraints "constraints": { - "go": "1.21" + "go": "1.22" }, packageRules: [ { diff --git a/.github/workflows/pr-lint.yml b/.github/workflows/pr-lint.yml index 3ce2ff3b6..5948ca99b 100644 --- a/.github/workflows/pr-lint.yml +++ b/.github/workflows/pr-lint.yml @@ -21,7 +21,7 @@ jobs: if: github.event_name != 'pull_request' || !github.event.pull_request.draft runs-on: ubuntu-latest container: - image: ghcr.io/sovereigncloudstack/cso-builder:1.1.19 + image: ghcr.io/sovereigncloudstack/cso-builder:1.1.20 credentials: username: ${{ github.actor }} password: ${{ secrets.github_token }} diff --git a/.github/workflows/schedule-scan-image.yml b/.github/workflows/schedule-scan-image.yml index d41f1fb11..a84565ace 100644 --- a/.github/workflows/schedule-scan-image.yml +++ b/.github/workflows/schedule-scan-image.yml @@ -9,7 +9,7 @@ jobs: name: Trivy runs-on: ubuntu-latest container: - image: ghcr.io/sovereigncloudstack/cso-builder:1.1.19 + image: ghcr.io/sovereigncloudstack/cso-builder:1.1.20 credentials: username: ${{ github.actor }} password: ${{ secrets.github_token }} diff --git a/.gitignore b/.gitignore index bfdd9323b..6d10773d3 100644 --- a/.gitignore +++ b/.gitignore @@ -82,3 +82,6 @@ main *.tgz.yaml *.build.yaml .release + +# .config/go/telemetry/local/ +.config diff --git a/.golangci.yaml b/.golangci.yaml index eb96277e6..3cd99db83 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -12,7 +12,7 @@ linters: - errname - errorlint - exhaustive - - exportloopref + - copyloopvar - forcetypeassert - gci - goconst @@ -86,10 +86,7 @@ linters-settings: allow-unused: false allow-leading-space: false require-specific: true - staticcheck: - go: "1.21" stylecheck: - go: "1.21" checks: ["all", "-ST1006"] dot-import-whitelist: - "github.com/onsi/gomega" @@ -223,8 +220,6 @@ linters-settings: # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md#struct-tag - name: struct-tag disabled: true - unused: - go: "1.21" usestdlibvars: # Suggest the use of http.MethodXX. # Default: true @@ -247,9 +242,6 @@ linters-settings: # Suggest the use of rpc.DefaultXXPath. # Default: false default-rpc-path: true - # Suggest the use of os.DevNull. - # Default: false - os-dev-null: true # Suggest the use of sql.LevelXX.String(). # Default: false sql-isolation-level: true @@ -259,9 +251,6 @@ linters-settings: # Suggest the use of constant.Kind.String(). # Default: false constant-kind: true - # Suggest the use of syslog.Priority. - # Default: false - syslog-priority: true wrapcheck: ignoreSigs: - status.Error( @@ -285,11 +274,11 @@ issues: - linters: - wrapcheck path: _test\.go + exclude-dirs: + - vendor$ + - test/vendor$ run: timeout: 10m - go: "1.21" + go: "1.22" allow-parallel-runners: true modules-download-mode: vendor - skip-dirs: - - vendor$ - - test/vendor$ diff --git a/Makefile b/Makefile index 04651eb36..d746c9b5a 100644 --- a/Makefile +++ b/Makefile @@ -81,7 +81,7 @@ MGT_CLUSTER_KUBECONFIG ?= ".mgt-cluster-kubeconfig.yaml" # Kubebuilder. export KUBEBUILDER_ENVTEST_KUBERNETES_VERSION ?= 1.29.3 -# versions +# versions CTLPTL_VERSION := 0.8.25 ##@ Binaries @@ -445,7 +445,7 @@ ifeq ($(BUILD_IN_CONTAINER),true) else go version golangci-lint version - GO111MODULE=on golangci-lint run -v --out-format=github-actions + GO111MODULE=on golangci-lint run -v --out-format=colored-line-number endif .PHONY: lint-yaml diff --git a/api/v1alpha1/conditions_const.go b/api/v1alpha1/conditions_const.go index 82b599064..24ba77602 100644 --- a/api/v1alpha1/conditions_const.go +++ b/api/v1alpha1/conditions_const.go @@ -39,7 +39,7 @@ const ( const ( // HelmChartFoundCondition reports when mentioned helm chart is present in the cluster addon tar archive. - HelmChartFoundCondition = "HelmChartFound" + HelmChartFoundCondition clusterv1.ConditionType = "HelmChartFound" // HelmChartMissingReason is used when mentioned helm chart is missing in the cluster addon tar archive. HelmChartMissingReason = "HelmChartMissing" @@ -62,6 +62,14 @@ const ( TemplateNewClusterStackFailedReason = "TemplateNewClusterStackFailed" ) +const ( + // ClusterAddonConfigValidatedCondition reports when there is a error parsing clusteraddon.yaml. + ClusterAddonConfigValidatedCondition clusterv1.ConditionType = "ClusterAddonConfigValidated" + + // ParsingClusterAddonConfigFailedReason is used when there's some error happen while parsing clusteraddon.yaml. + ParsingClusterAddonConfigFailedReason = "ParsingClusterAddonConfigFailed" +) + const ( // HelmChartAppliedCondition reports on whether the relevant helm chart has been applied. HelmChartAppliedCondition clusterv1.ConditionType = "HelmChartApplied" @@ -91,7 +99,7 @@ const ( const ( // ProviderClusterStackReleasesSyncedCondition reports on whether the ProviderClusterStackReleases are ready. - ProviderClusterStackReleasesSyncedCondition = "ProviderClusterStackReleasesSynced" + ProviderClusterStackReleasesSyncedCondition clusterv1.ConditionType = "ProviderClusterStackReleasesSynced" // ProviderTemplateNotFoundReason is used when providerTemplate is not found. ProviderTemplateNotFoundReason = "ProviderTemplateNotFound" @@ -102,7 +110,7 @@ const ( const ( // ClusterStackReleasesSyncedCondition reports on whether the ClusterStackReleases are ready. - ClusterStackReleasesSyncedCondition = "ClusterStackReleasesSynced" //#nosec + ClusterStackReleasesSyncedCondition clusterv1.ConditionType = "ClusterStackReleasesSynced" //#nosec ) const ( diff --git a/go.mod b/go.mod index c92508b16..6c809ddd8 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/SovereignCloudStack/cluster-stack-operator -go 1.21 +go 1.22 require ( github.com/go-logr/logr v1.4.2 diff --git a/images/builder/Dockerfile b/images/builder/Dockerfile index 722cd179a..042068319 100644 --- a/images/builder/Dockerfile +++ b/images/builder/Dockerfile @@ -17,7 +17,7 @@ # If you make changes to this Dockerfile run `make builder-image-push`. # Install Lychee -FROM docker.io/library/alpine:3.20.0@sha256:216266c86fc4dcef5619930bd394245824c2af52fd21ba7c6fa0e618657d4c3b as lychee +FROM docker.io/library/alpine:3.20.2 AS lychee # update: datasource=github-tags depName=lycheeverse/lychee versioning=semver ENV LYCHEE_VERSION="v0.15.1" # hadolint ignore=DL3018 @@ -29,22 +29,22 @@ RUN apk add --no-cache curl && \ mv /tmp/lychee /usr/bin/lychee && \ rm -rf /tmp/linux-amd64 /tmp/lychee-${LYCHEE_VERSION}.tgz -FROM cgr.dev/chainguard/wolfi-base:latest as wolfi +FROM cgr.dev/chainguard/wolfi-base:latest AS wolfi # update: datasource=github-tags depName=kubernetes-sigs/cluster-api -ARG CLUSTERCTL_VERSION="v1.6.2" +ARG CLUSTERCTL_VERSION="v1.8.1" # update: datasource=github-tags depName=helm/helm ENV HELM_VERSION="v3.14.1" # update: datasource=github-tags depName=kubernetes-sigs/kind -ARG KIND_VERSION="v0.20.0" +ARG KIND_VERSION="v0.24.0" # update: datasource=github-tags depName=kubernetes/kubernetes -ARG KUBECTL_VERSION="v1.27.3" +ARG KUBECTL_VERSION="v1.30.4" # update: datasource=github-tags depName=kubernetes-sigs/kustomize extractVersion=^kustomize\/v(?.+)$ -ARG KUSTOMIZE_VERSION="v5.3.0" +ARG KUSTOMIZE_VERSION="v5.4.3" # update: datasource=github-tags depName=aquasecurity/trivy -ARG TRIVY_VERSION="v0.48.3" +ARG TRIVY_VERSION="v0.54.1" # update: datasource=github-tags depName=kubernetes-sigs/controller-tools -ARG CONTROLLER_GEN_VERSION="v0.14.0" +ARG CONTROLLER_GEN_VERSION="v0.16.1" # hadolint ignore=DL3018 RUN apk add -U --no-cache \ @@ -55,27 +55,27 @@ RUN apk add -U --no-cache \ kind=~${KIND_VERSION#v} \ kubectl=~${KUBECTL_VERSION#v} \ kustomize=~${KUSTOMIZE_VERSION#v} \ - trivy=~${TRIVY_VERSION#v} + trivy=~${TRIVY_VERSION#v} # Install Golang CI Lint -FROM docker.io/library/alpine:3.20.0@sha256:216266c86fc4dcef5619930bd394245824c2af52fd21ba7c6fa0e618657d4c3b as golangci +FROM docker.io/library/alpine:3.20.2 AS golangci # update: datasource=github-tags depName=golangci/golangci-lint versioning=semver -ENV GOLANGCI_VERSION="v1.59.0" +ENV GOLANGCI_VERSION="v1.60.3" WORKDIR / # hadolint ignore=DL3018,DL4006 RUN apk add --no-cache curl && \ curl -sfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s ${GOLANGCI_VERSION} # Install Hadolint -FROM docker.io/hadolint/hadolint:v2.12.0-alpine@sha256:7dba9a9f1a0350f6d021fb2f6f88900998a4fb0aaf8e4330aa8c38544f04db42 as hadolint +FROM docker.io/hadolint/hadolint:v2.12.0-alpine@sha256:7dba9a9f1a0350f6d021fb2f6f88900998a4fb0aaf8e4330aa8c38544f04db42 AS hadolint # Install Trivy -FROM docker.io/aquasec/trivy:0.51.4@sha256:20a7c9cd02841a3d8d2a2506b93502a944adc57a3db9adf75b59266023b2af1e as trivy +FROM docker.io/aquasec/trivy:0.54.1 AS trivy ############################ # CSO Build Image Base # ############################ -FROM docker.io/library/golang:1.21.6-bullseye +FROM docker.io/library/golang:1.23.0-bullseye # update: datasource=github-tags depName=adrienverge/yamllint versioning=semver ENV YAMLLINT_VERSION="v1.35.1" diff --git a/images/cso/Dockerfile b/images/cso/Dockerfile index 8a1c2e102..b82c6315f 100644 --- a/images/cso/Dockerfile +++ b/images/cso/Dockerfile @@ -15,7 +15,7 @@ FROM --platform=${BUILDPLATFORM} docker.io/alpine/helm:3.15.1 as helm # Build the manager binary -FROM --platform=${BUILDPLATFORM} docker.io/library/golang:1.21.6-bullseye as build +FROM --platform=${BUILDPLATFORM} docker.io/library/golang:1.23.0-bullseye as build ARG TARGETOS TARGETARCH COPY . /src/cluster-stack-operator diff --git a/internal/controller/clusteraddon_controller.go b/internal/controller/clusteraddon_controller.go index 307e231b1..aab0fd366 100644 --- a/internal/controller/clusteraddon_controller.go +++ b/internal/controller/clusteraddon_controller.go @@ -188,7 +188,7 @@ func (r *ClusterAddonReconciler) Reconcile(ctx context.Context, req reconcile.Re releaseAsset, download, err := release.New(release.ConvertFromClusterClassToClusterStackFormat(cluster.Spec.Topology.Class), r.ReleaseDirectory) if err != nil { - conditions.MarkFalse(clusterAddon, csov1alpha1.ClusterStackReleaseAssetsReadyCondition, csov1alpha1.IssueWithReleaseAssetsReason, clusterv1.ConditionSeverityError, err.Error()) + conditions.MarkFalse(clusterAddon, csov1alpha1.ClusterStackReleaseAssetsReadyCondition, csov1alpha1.IssueWithReleaseAssetsReason, clusterv1.ConditionSeverityError, "%s", err.Error()) return ctrl.Result{RequeueAfter: 10 * time.Second}, nil } if download { @@ -204,9 +204,9 @@ func (r *ClusterAddonReconciler) Reconcile(ctx context.Context, req reconcile.Re csov1alpha1.ClusterStackReleaseAssetsReadyCondition, csov1alpha1.IssueWithReleaseAssetsReason, clusterv1.ConditionSeverityError, - msg, + "%s", msg, ) - record.Warnf(clusterAddon, "ValidateHelmChartFailed", msg) + record.Warn(clusterAddon, "ValidateHelmChartFailed", msg) return reconcile.Result{}, nil } @@ -298,8 +298,23 @@ func (r *ClusterAddonReconciler) Reconcile(ctx context.Context, req reconcile.Re // multi-stage cluster addon flow in.addonStagesInput, err = r.getAddonStagesInput(in.restConfig, in.clusterAddonChartPath) if err != nil { - return reconcile.Result{}, fmt.Errorf("failed to get addon stages input: %w", err) + conditions.MarkFalse( + clusterAddon, + csov1alpha1.ClusterAddonConfigValidatedCondition, + csov1alpha1.ParsingClusterAddonConfigFailedReason, + clusterv1.ConditionSeverityError, + "cluster addon config (clusteraddon.yaml) is wrong: %s", err.Error(), + ) + + record.Warnf( + clusterAddon, + csov1alpha1.ParsingClusterAddonConfigFailedReason, + "cluster addon config (clusteraddon.yaml) is wrong: %s", err.Error(), + ) + + return reconcile.Result{}, nil } + conditions.MarkTrue(clusterAddon, csov1alpha1.ClusterAddonConfigValidatedCondition) // clusteraddon.yaml in the release. clusterAddonConfig, err := clusteraddon.ParseConfig(in.clusterAddonConfigPath) @@ -932,9 +947,9 @@ func (r *ClusterAddonReconciler) downloadOldClusterStackRelease(ctx context.Cont csov1alpha1.AssetsClientAPIAvailableCondition, csov1alpha1.FailedCreateAssetsClientReason, clusterv1.ConditionSeverityError, - err.Error(), + "%s", err.Error(), ) - record.Warnf(clusterAddon, "FailedCreateAssetsClient", err.Error()) + record.Warn(clusterAddon, "FailedCreateAssetsClient", err.Error()) // give the assets client a second change if isSet { @@ -948,7 +963,10 @@ func (r *ClusterAddonReconciler) downloadOldClusterStackRelease(ctx context.Cont // check if old cluster stack release is present or not. releaseAsset, download, err := release.New(release.ConvertFromClusterClassToClusterStackFormat(clusterAddon.Spec.ClusterStack), r.ReleaseDirectory) if err != nil { - conditions.MarkFalse(clusterAddon, csov1alpha1.ClusterStackReleaseAssetsReadyCondition, csov1alpha1.IssueWithReleaseAssetsReason, clusterv1.ConditionSeverityError, err.Error()) + conditions.MarkFalse(clusterAddon, + csov1alpha1.ClusterStackReleaseAssetsReadyCondition, + csov1alpha1.IssueWithReleaseAssetsReason, + clusterv1.ConditionSeverityError, "%s", err.Error()) return nil, true, nil } if download { @@ -976,9 +994,9 @@ func (r *ClusterAddonReconciler) downloadOldClusterStackRelease(ctx context.Cont csov1alpha1.ClusterStackReleaseAssetsReadyCondition, csov1alpha1.IssueWithReleaseAssetsReason, clusterv1.ConditionSeverityError, - msg, + "%s", msg, ) - record.Warnf(clusterAddon, "ValidateHelmChartFailed", msg) + record.Warn(clusterAddon, "ValidateHelmChartFailed", msg) return nil, false, nil } diff --git a/internal/controller/clusterstack_controller.go b/internal/controller/clusterstack_controller.go index 9f0ceb847..cb8475cc5 100644 --- a/internal/controller/clusterstack_controller.go +++ b/internal/controller/clusterstack_controller.go @@ -120,9 +120,9 @@ func (r *ClusterStackReconciler) Reconcile(ctx context.Context, req reconcile.Re csov1alpha1.AssetsClientAPIAvailableCondition, csov1alpha1.FailedCreateAssetsClientReason, clusterv1.ConditionSeverityError, - err.Error(), + "%s", err.Error(), ) - record.Warnf(clusterStack, "FailedCreateAssetsClient", err.Error()) + record.Warn(clusterStack, "FailedCreateAssetsClient", err.Error()) // give the assets client a second change if isSet { @@ -140,7 +140,7 @@ func (r *ClusterStackReconciler) Reconcile(ctx context.Context, req reconcile.Re csov1alpha1.ReleasesSyncedCondition, csov1alpha1.FailedToSyncReason, clusterv1.ConditionSeverityWarning, - err.Error(), + "%s", err.Error(), ) logger.Error(err, "failed to get latest release from remote repository") } @@ -165,7 +165,7 @@ func (r *ClusterStackReconciler) Reconcile(ctx context.Context, req reconcile.Re if err := r.Delete(ctx, toDelete[i]); err != nil && !apierrors.IsNotFound(err) { // ignore not found errors when deleting reterr := fmt.Errorf("failed to delete cluster stack release %s: %w", csr.Name, err) - record.Eventf(clusterStack, "FailedToDeleteClusterStackRelease", reterr.Error()) + record.Event(clusterStack, "FailedToDeleteClusterStackRelease", reterr.Error()) return reconcile.Result{}, reterr } } @@ -198,7 +198,7 @@ func (r *ClusterStackReconciler) Reconcile(ctx context.Context, req reconcile.Re csov1alpha1.ProviderClusterStackReleasesSyncedCondition, csov1alpha1.FailedToCreateOrUpdateReason, clusterv1.ConditionSeverityWarning, - err.Error(), + "%s", err.Error(), ) } return reconcile.Result{}, fmt.Errorf("failed to create or update provider specific ClusterStackRelease %s/%s: %w", req.Namespace, csr.Name, err) @@ -210,7 +210,7 @@ func (r *ClusterStackReconciler) Reconcile(ctx context.Context, req reconcile.Re csov1alpha1.ClusterStackReleasesSyncedCondition, csov1alpha1.FailedToCreateOrUpdateReason, clusterv1.ConditionSeverityWarning, - err.Error(), + "%s", err.Error(), ) return reconcile.Result{}, fmt.Errorf("failed to get or create ClusterStackRelease %s/%s: %w", req.Namespace, csr.Name, err) } @@ -553,11 +553,7 @@ func getLatestReleaseFromRemoteRepository(ctx context.Context, clusterStack *cso var clusterStacks clusterstack.ClusterStacks for _, release := range releases { - clusterStackObject, matches, err := matchesSpec(release, &clusterStack.Spec) - if err != nil { - return nil, fmt.Errorf("failed to get match release tag %q with spec of ClusterStack: %w", release, err) - } - + clusterStackObject, matches := matchesSpec(release, clusterStack) if matches { clusterStacks = append(clusterStacks, clusterStackObject) } @@ -626,16 +622,22 @@ func matchesOwnerRef(a *metav1.OwnerReference, clusterStack *csov1alpha1.Cluster return aGV.Group == clusterStack.GroupVersionKind().Group && a.Kind == clusterStack.Kind && a.Name == clusterStack.Name } -func matchesSpec(str string, spec *csov1alpha1.ClusterStackSpec) (clusterstack.ClusterStack, bool, error) { +func matchesSpec(str string, clusterStack *csov1alpha1.ClusterStack) (clusterstack.ClusterStack, bool) { csObject, err := clusterstack.NewFromClusterStackReleaseProperties(str) if err != nil { - return clusterstack.ClusterStack{}, false, fmt.Errorf("failed to get clusterstack object from string %q: %w", str, err) + record.Warnf( + clusterStack, + "FailedToParseClusterStackRelease", + "failed to get clusterstack object from string %q: %s", str, err.Error(), + ) + + return clusterstack.ClusterStack{}, false } - return csObject, csObject.Version.Channel == spec.Channel && - csObject.KubernetesVersion.StringWithDot() == spec.KubernetesVersion && - csObject.Name == spec.Name && - csObject.Provider == spec.Provider, nil + return csObject, csObject.Version.Channel == clusterStack.Spec.Channel && + csObject.KubernetesVersion.StringWithDot() == clusterStack.Spec.KubernetesVersion && + csObject.Name == clusterStack.Spec.Name && + csObject.Provider == clusterStack.Spec.Provider } func unstructuredSpecEqual(oldObj, newObj map[string]interface{}) (newSpec map[string]interface{}, isEqual bool, err error) { diff --git a/internal/controller/clusterstackrelease_controller.go b/internal/controller/clusterstackrelease_controller.go index e3fd87280..82110107d 100644 --- a/internal/controller/clusterstackrelease_controller.go +++ b/internal/controller/clusterstackrelease_controller.go @@ -107,7 +107,10 @@ func (r *ClusterStackReleaseReconciler) Reconcile(ctx context.Context, req recon releaseAssets, download, err := release.New(releaseTag, r.ReleaseDirectory) if err != nil { - conditions.MarkFalse(clusterStackRelease, csov1alpha1.ClusterStackReleaseAssetsReadyCondition, csov1alpha1.IssueWithReleaseAssetsReason, clusterv1.ConditionSeverityError, err.Error()) + conditions.MarkFalse(clusterStackRelease, + csov1alpha1.ClusterStackReleaseAssetsReadyCondition, + csov1alpha1.IssueWithReleaseAssetsReason, + clusterv1.ConditionSeverityError, "%s", err.Error()) return reconcile.Result{RequeueAfter: 1 * time.Minute}, fmt.Errorf("failed to create release: %w", err) } @@ -127,9 +130,9 @@ func (r *ClusterStackReleaseReconciler) Reconcile(ctx context.Context, req recon csov1alpha1.AssetsClientAPIAvailableCondition, csov1alpha1.FailedCreateAssetsClientReason, clusterv1.ConditionSeverityError, - err.Error(), + "%s", err.Error(), ) - record.Warnf(clusterStackRelease, "FailedCreateAssetsClient", err.Error()) + record.Warn(clusterStackRelease, "FailedCreateAssetsClient", err.Error()) // give the assets client a second change if isSet { diff --git a/pkg/assetsclient/github/client.go b/pkg/assetsclient/github/client.go index 4eb4118d7..4a7e88c51 100644 --- a/pkg/assetsclient/github/client.go +++ b/pkg/assetsclient/github/client.go @@ -77,7 +77,7 @@ func (c *realGhClient) ListRelease(ctx context.Context) ([]string, error) { return nil, fmt.Errorf("failed to list releases: %w", err) } - if response != nil && response.StatusCode != 200 { + if response != nil && response.StatusCode != http.StatusOK { return nil, fmt.Errorf("got unexpected status from call to remote repository: %s", response.Status) }