feat: update for Talos 1.5.0

Bump CAPI base version, regen, update the tests.

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>

Makefile

@@ -8,8 +8,9 @@ NAME := cluster-api-control-plane-talos-controller
 WITH_RACE ?= false
 CGO_ENABLED = 0
 TESTPKGS ?= ./controllers/...
-CONTROLLER_GEN_VERSION ?= v0.11.3
-CONVERSION_GEN_VERSION ?= v0.26.0
+
+CONTROLLER_GEN_VERSION ?= v0.12.0
+CONVERSION_GEN_VERSION ?= v0.27.2
 
 ifneq (, $(filter $(WITH_RACE), t true TRUE y yes 1))
 GO_BUILDFLAGS += -race
@@ -21,8 +22,8 @@ GO_LDFLAGS += -s -w
 
 ARTIFACTS := _out
 
-TOOLS ?= ghcr.io/siderolabs/tools:v1.4.0-1-g955aabc
-PKGS ?= v1.4.1-5-ga333a84
+TOOLS ?= ghcr.io/siderolabs/tools:v1.5.0
+PKGS ?= v1.5.0
 
 BUILD := docker buildx build
 PLATFORM ?= linux/amd64
@@ -143,4 +144,4 @@ unit-tests:  ## Performs unit tests
 	@$(MAKE) local-$@ DEST=$(ARTIFACTS)
 
 check-dirty: ## Verifies that source tree is not dirty
-	@if test -n "`git status --porcelain`"; then echo "Source tree is dirty"; git status; exit 1 ; fi
+	@if test -n "`git status --porcelain`"; then echo "Source tree is dirty"; git status; exit 1 ; fi

README.md

@@ -27,21 +27,21 @@ This provider's versions are compatible with the following versions of Cluster A
 
 This provider's versions are able to install and manage the following versions of Kubernetes:
 
-|                                              | v1.16 | v 1.17 | v1.18 | v1.19 | v1.20 | v1.21 | v1.22 | v1.23 | v1.24 | v1.25 | v1.26 | v1.27 |
-| -------------------------------------------  | ----- | ------ | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
-| Control Plane Provider Talos v1alpha3 (v0.2) | ✓     | ✓      | ✓     | ✓     | ✓     | ✓     |       |       |       |       |       |       |
-| Control Plane Provider Talos v1alpha3 (v0.3) | ✓     | ✓      | ✓     | ✓     | ✓     | ✓     |       |       |       |       |       |       |
-| Control Plane Provider Talos v1alpha3 (v0.4) |       |        |       | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     |       |
-| Control Plane Provider Talos v1alpha3 (v0.5) |       |        |       |       |       |       |       |       |       | ✓     | ✓     | ✓     |
+|                                              | v1.16 | v 1.17 | v1.18 | v1.19 | v1.20 | v1.21 | v1.22 | v1.23 | v1.24 | v1.25 | v1.26 | v1.27 | v1.28 |
+| -------------------------------------------  | ----- | ------ | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
+| Control Plane Provider Talos v1alpha3 (v0.2) | ✓     | ✓      | ✓     | ✓     | ✓     | ✓     |       |       |       |       |       |       |       |
+| Control Plane Provider Talos v1alpha3 (v0.3) | ✓     | ✓      | ✓     | ✓     | ✓     | ✓     |       |       |       |       |       |       |       |
+| Control Plane Provider Talos v1alpha3 (v0.4) |       |        |       | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     |       |       |
+| Control Plane Provider Talos v1alpha3 (v0.5) |       |        |       |       |       |       |       |       |       | ✓     | ✓     | ✓     | ✓     |
 
 This provider's versions are compatible with the following versions of Talos:
 
-|                                              | v0.11 | v0.12  | v0.13 | v0.14 | v1.0  | v1.1  | v1.2  | v1.3  | v1.4  |
-| -------------------------------------------- | ----- | ------ | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
-| Control Plane Provider Talos v1alpha3 (v0.3) | ✓     | ✓      |       |       |       |       |       |       |       |
-| Control Plane Provider Talos v1alpha3 (v0.3) | ✓     | ✓      | ✓     |       |       |       |       |       |       |
-| Control Plane Provider Talos v1alpha3 (v0.4) | ✓     | ✓      | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     |       |
-| Control Plane Provider Talos v1alpha3 (v0.5) |       |        |       |       |       |       |       | ✓     | ✓     |
+|                                              | v0.11 | v0.12  | v0.13 | v0.14 | v1.0  | v1.1  | v1.2  | v1.3  | v1.4  | v1.5  |
+| -------------------------------------------- | ----- | ------ | ----- | ----- | ----- | ----- | ----- | ----- | ----- | ----- |
+| Control Plane Provider Talos v1alpha3 (v0.3) | ✓     | ✓      |       |       |       |       |       |       |       |       |
+| Control Plane Provider Talos v1alpha3 (v0.3) | ✓     | ✓      | ✓     |       |       |       |       |       |       |       |
+| Control Plane Provider Talos v1alpha3 (v0.4) | ✓     | ✓      | ✓     | ✓     | ✓     | ✓     | ✓     | ✓     |       |       |
+| Control Plane Provider Talos v1alpha3 (v0.5) |       |        |       |       |       |       |       | ✓     | ✓     | ✓     |
 
 ## Building and Installing
 

api/v1alpha3/taloscontrolplane_webhook.go

@@ -15,6 +15,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
+	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
 
 // SetupWebhookWithManager implements webhook methods.
@@ -74,25 +75,25 @@ func defaultRolloutStrategy(rolloutStrategy *RolloutStrategy) *RolloutStrategy {
 }
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *TalosControlPlane) ValidateCreate() error {
+func (r *TalosControlPlane) ValidateCreate() (admission.Warnings, error) {
 	return r.validate()
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *TalosControlPlane) ValidateUpdate(old runtime.Object) error {
+func (r *TalosControlPlane) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
 	return r.validate()
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *TalosControlPlane) ValidateDelete() error {
-	return nil
+func (r *TalosControlPlane) ValidateDelete() (admission.Warnings, error) {
+	return nil, nil
 }
 
-func (r *TalosControlPlane) validate() error {
+func (r *TalosControlPlane) validate() (admission.Warnings, error) {
 	var allErrs field.ErrorList
 
 	if r.Spec.RolloutStrategy == nil {
-		return nil
+		return nil, nil
 	}
 
 	switch r.Spec.RolloutStrategy.Type {
@@ -108,10 +109,10 @@ func (r *TalosControlPlane) validate() error {
 	}
 
 	if len(allErrs) == 0 {
-		return nil
+		return nil, nil
 	}
 
-	return apierrors.NewInvalid(
+	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: GroupVersion.Group, Kind: "TalosControlPlane"},
 		r.Name, allErrs)
 }

config/crd/bases/controlplane.cluster.x-k8s.io_taloscontrolplanes.yaml

@@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.11.3
-  creationTimestamp: null
+    controller-gen.kubebuilder.io/version: v0.12.0
   name: taloscontrolplanes.controlplane.cluster.x-k8s.io
 spec:
   group: controlplane.cluster.x-k8s.io

config/rbac/role.yaml

@@ -2,7 +2,6 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  creationTimestamp: null
   name: manager-role
 rules:
 - apiGroups:
@@ -66,7 +65,6 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
-  creationTimestamp: null
   name: manager-role
   namespace: kube-system
 rules:

config/webhook/manifests.yaml

@@ -2,7 +2,6 @@
 apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
 metadata:
-  creationTimestamp: null
   name: mutating-webhook-configuration
 webhooks:
 - admissionReviewVersions:
@@ -31,7 +30,6 @@ webhooks:
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingWebhookConfiguration
 metadata:
-  creationTimestamp: null
   name: validating-webhook-configuration
 webhooks:
 - admissionReviewVersions:

controllers/controllers_test.go

@@ -13,7 +13,8 @@ import (
 	bootstrapv1alpha3 "github.com/siderolabs/cluster-api-bootstrap-provider-talos/api/v1alpha3"
 	"github.com/siderolabs/talos/pkg/machinery/api/common"
 	"github.com/siderolabs/talos/pkg/machinery/api/machine"
-	"github.com/siderolabs/talos/pkg/machinery/config/types/v1alpha1/generate"
+	"github.com/siderolabs/talos/pkg/machinery/config"
+	"github.com/siderolabs/talos/pkg/machinery/config/generate/secrets"
 	"github.com/stretchr/testify/suite"
 	"golang.org/x/sync/errgroup"
 	corev1 "k8s.io/api/core/v1"
@@ -38,7 +39,7 @@ type ControllersSuite struct {
 	suite.Suite
 
 	machineServices map[string]*machineService
-	secretsBundle   *generate.SecretsBundle
+	secretsBundle   *secrets.Bundle
 	ctx             context.Context
 	cancel          context.CancelFunc
 }
@@ -48,7 +49,7 @@ func (suite *ControllersSuite) SetupSuite() {
 
 	suite.ctx, suite.cancel = context.WithTimeout(context.Background(), time.Minute*10)
 
-	suite.secretsBundle, err = generate.NewSecretsBundle(generate.NewClock(), generate.WithEndpointList([]string{"127.0.0.1"}))
+	suite.secretsBundle, err = secrets.NewBundle(secrets.NewFixedClock(time.Now()), config.TalosVersionCurrent)
 	suite.Require().NoError(err)
 
 	suite.machineServices = map[string]*machineService{}
@@ -91,7 +92,7 @@ func (suite *ControllersSuite) TestClusterToTalosControlPlane() {
 
 	r := newReconciler(fakeClient)
 
-	got := r.ClusterToTalosControlPlane(cluster)
+	got := r.ClusterToTalosControlPlane(context.Background(), cluster)
 	g.Expect(got).To(Equal(expectedResult))
 }
 
@@ -103,7 +104,7 @@ func (suite *ControllersSuite) TestClusterToTalosControlPlaneNoControlPlane() {
 
 	cluster := newCluster(&types.NamespacedName{Name: "foo", Namespace: metav1.NamespaceDefault})
 
-	got := r.ClusterToTalosControlPlane(cluster)
+	got := r.ClusterToTalosControlPlane(context.Background(), cluster)
 	g.Expect(got).To(BeNil())
 }
 
@@ -122,10 +123,11 @@ func (suite *ControllersSuite) TestClusterToTalosControlPlaneOtherControlPlane()
 	}
 
 	r := &controllers.TalosControlPlaneReconciler{
-		Client: fakeClient,
+		Client:    fakeClient,
+		APIReader: fakeClient,
 	}
 
-	got := r.ClusterToTalosControlPlane(cluster)
+	got := r.ClusterToTalosControlPlane(context.Background(), cluster)
 	g.Expect(got).To(BeNil())
 }
 
@@ -154,11 +156,12 @@ func (suite *ControllersSuite) TestReconcilePaused() {
 		},
 	}
 	tcp.Default()
-	g.Expect(tcp.ValidateCreate()).To(Succeed())
+	_, err := tcp.ValidateCreate()
+	g.Expect(err).To(Succeed())
 	fakeClient := newFakeClient(tcp.DeepCopy(), cluster.DeepCopy())
 	r := newReconciler(fakeClient)
 
-	_, err := r.Reconcile(suite.ctx, ctrl.Request{NamespacedName: util.ObjectKey(tcp)})
+	_, err = r.Reconcile(suite.ctx, ctrl.Request{NamespacedName: util.ObjectKey(tcp)})
 	g.Expect(err).NotTo(HaveOccurred())
 
 	machineList := &clusterv1.MachineList{}
@@ -203,7 +206,8 @@ func (suite *ControllersSuite) TestReconcileClusterNoEndpoints() {
 	}
 
 	tcp.Default()
-	g.Expect(tcp.ValidateCreate()).To(Succeed())
+	_, err := tcp.ValidateCreate()
+	g.Expect(err).To(Succeed())
 
 	ca := corev1.Secret{
 		TypeMeta: metav1.TypeMeta{

controllers/helpers_test.go

@@ -14,18 +14,18 @@ import (
 	"os"
 	"strings"
 	"sync"
-	"time"
 
 	"github.com/gobuffalo/flect"
 	"github.com/pkg/errors"
 	bootstrapv1alpha3 "github.com/siderolabs/cluster-api-bootstrap-provider-talos/api/v1alpha3"
 	"github.com/siderolabs/crypto/tls"
 	"github.com/siderolabs/crypto/x509"
-	"github.com/siderolabs/talos/pkg/grpc/gen"
+	"github.com/siderolabs/gen/slices"
 	"github.com/siderolabs/talos/pkg/machinery/api/common"
 	"github.com/siderolabs/talos/pkg/machinery/api/machine"
 	"github.com/siderolabs/talos/pkg/machinery/api/storage"
-	"github.com/siderolabs/talos/pkg/machinery/config/types/v1alpha1/generate"
+	"github.com/siderolabs/talos/pkg/machinery/config/generate"
+	"github.com/siderolabs/talos/pkg/machinery/config/generate/secrets"
 	"github.com/siderolabs/talos/pkg/machinery/constants"
 	"github.com/siderolabs/talos/pkg/machinery/proto"
 	"google.golang.org/grpc"
@@ -34,7 +34,6 @@ import (
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/types/known/anypb"
 	"google.golang.org/protobuf/types/known/emptypb"
-	"gopkg.in/typ.v4/slices"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
@@ -95,19 +94,18 @@ func newReconciler(client client.Client, opts ...reconcilerOption) *controllers.
 }
 
 func newFakeClient(initObjs ...client.Object) client.Client {
-	return &fakeClient{
-		startTime: time.Now(),
-		Client:    fake.NewClientBuilder().WithObjects(initObjs...).WithScheme(fakeScheme).Build(),
-	}
-}
-
-type fakeClient struct {
-	startTime time.Time
-	mux       sync.Mutex
-	client.Client
+	return fake.NewClientBuilder().
+		WithObjects(initObjs...).
+		WithScheme(fakeScheme).
+		WithStatusSubresource(
+			&clusterv1.Cluster{},
+			&clusterv1.Machine{},
+			&controlplanev1.TalosControlPlane{},
+		).
+		Build()
 }
 
-func createSecrets(ctx context.Context, obj client.Client, cluster *clusterv1.Cluster, secretsBundle *generate.SecretsBundle, machineAddress string) error {
+func createSecrets(ctx context.Context, obj client.Client, cluster *clusterv1.Cluster, secretsBundle *secrets.Bundle, machineAddress string) error {
 	ca := &corev1.Secret{
 		TypeMeta: metav1.TypeMeta{
 			Kind:       "Secret",
@@ -123,12 +121,12 @@ func createSecrets(ctx context.Context, obj client.Client, cluster *clusterv1.Cl
 		return err
 	}
 
-	input, err := generate.NewInput(cluster.Name, "https://localhost:6443", constants.DefaultKubernetesVersion, secretsBundle)
+	input, err := generate.NewInput(cluster.Name, "https://localhost:6443", constants.DefaultKubernetesVersion, generate.WithSecretsBundle(secretsBundle))
 	if err != nil {
 		return err
 	}
 
-	config, err := generate.Talosconfig(input)
+	config, err := input.Talosconfig()
 	if err != nil {
 		return err
 	}
@@ -330,7 +328,7 @@ func generateCRD(gvk schema.GroupVersionKind, properties map[string]apiextension
 	}
 }
 
-func startMachineServer(ctx context.Context, secretsBundle *generate.SecretsBundle) (*machineService, string, error) {
+func startMachineServer(ctx context.Context, secretsBundle *secrets.Bundle) (*machineService, string, error) {
 	listener, err := net.Listen("tcp", "localhost:0")
 	if err != nil {
 		return nil, "", err
@@ -344,7 +342,7 @@ func startMachineServer(ctx context.Context, secretsBundle *generate.SecretsBund
 
 	var generator tls.Generator
 
-	generator, err = gen.NewLocalGenerator(ca.Key, ca.Crt)
+	generator, err = NewLocalGenerator(ca.Key, ca.Crt)
 	if err != nil {
 		return nil, "", err
 	}

controllers/taloscontrolplane_controller.go

@@ -48,7 +48,6 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/controller"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 	"sigs.k8s.io/controller-runtime/pkg/handler"
-	"sigs.k8s.io/controller-runtime/pkg/source"
 
 	controlplanev1 "github.com/siderolabs/cluster-api-control-plane-provider-talos/api/v1alpha3"
 )
@@ -69,7 +68,7 @@ func (r *TalosControlPlaneReconciler) SetupWithManager(mgr ctrl.Manager, options
 		For(&controlplanev1.TalosControlPlane{}).
 		Owns(&clusterv1.Machine{}).
 		Watches(
-			&source.Kind{Type: &clusterv1.Cluster{}},
+			&clusterv1.Cluster{},
 			handler.EnqueueRequestsFromMapFunc(r.ClusterToTalosControlPlane),
 		).
 		WithOptions(options).
@@ -174,7 +173,7 @@ func (r *TalosControlPlaneReconciler) Reconcile(ctx context.Context, req ctrl.Re
 			}
 		}
 
-		r.Log.Info("successfully updated control plane status")
+		logger.Info("successfully updated control plane status")
 	}()
 
 	if !tcp.ObjectMeta.DeletionTimestamp.IsZero() {
@@ -252,7 +251,7 @@ func (r *TalosControlPlaneReconciler) reconcile(ctx context.Context, cluster *cl
 
 // ClusterToTalosControlPlane is a handler.ToRequestsFunc to be used to enqueue requests for reconciliation
 // for TalosControlPlane based on updates to a Cluster.
-func (r *TalosControlPlaneReconciler) ClusterToTalosControlPlane(o client.Object) []ctrl.Request {
+func (r *TalosControlPlaneReconciler) ClusterToTalosControlPlane(_ context.Context, o client.Object) []ctrl.Request {
 	c, ok := o.(*clusterv1.Cluster)
 	if !ok {
 		r.Log.Error(nil, fmt.Sprintf("expected a Cluster but got a %T", o))