Upgrade controller-runtime and controller-gen (#464)

* Upgrade controller-runtime and controller-gen

- Change CRD api-version to v1
- Update PROJECT to v3 from v3-alpha
- Update reconciler interface
- Update crds to latest interface
- Replace deprecated fake.NewFakeClient with fake.ClientBuilder

CHANGELOG.md

@@ -1,5 +1,8 @@
 ## UNRELEASED
 
+IMPROVEMENTS:
+* CRDs: update the CRD versions from v1beta1 to v1. [[GH-464](https://github.com/hashicorp/consul-k8s/pull/464)]
+
 ## 0.25.0 (March 18, 2021)
 
 FEATURES:

Makefile

@@ -24,7 +24,7 @@ export GIT_DESCRIBE
 export GOLDFLAGS
 export GOTAGS
 
-CRD_OPTIONS ?= "crd:trivialVersions=true,allowDangerousTypes=true,crdVersions=v1beta1"
+CRD_OPTIONS ?= "crd:trivialVersions=true,allowDangerousTypes=true"
 
 ################
 # CI Variables #
@@ -162,7 +162,7 @@ ifeq (, $(shell which controller-gen))
 	CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\
 	cd $$CONTROLLER_GEN_TMP_DIR ;\
 	go mod init tmp ;\
-	go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.4.0 ;\
+	go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.5.0 ;\
 	rm -rf $$CONTROLLER_GEN_TMP_DIR ;\
 	}
 CONTROLLER_GEN=$(GOBIN)/controller-gen

PROJECT

@@ -2,30 +2,62 @@ domain: hashicorp.com
 layout: go.kubebuilder.io/v2
 repo: github.com/hashicorp/consul-k8s
 resources:
-- group: consul
+-
+  controller: true
+  domain: hashicorp.com
+  group: consul
   kind: IngressGateway
+  path: github.com/hashicorp/consul-k8s/api/v1alpha1
   version: v1alpha1
-- group: consul
+-
+  controller: true
+  domain: hashicorp.com
+  group: consul
   kind: ProxyDefaults
+  path: github.com/hashicorp/consul-k8s/api/v1alpha1
   version: v1alpha1
-- group: consul
+-
+  controller: true
+  domain: hashicorp.com
+  group: consul
   kind: ServiceIntentions
+  path: github.com/hashicorp/consul-k8s/api/v1alpha1
   version: v1alpha1
-- group: consul
+-
+  controller: true
+  domain: hashicorp.com
+  group: consul
   kind: ServiceDefaults
+  path: github.com/hashicorp/consul-k8s/api/v1alpha1
   version: v1alpha1
-- group: consul
+-
+  controller: true
+  domain: hashicorp.com
+  group: consul
   kind: ServiceResolver
+  path: github.com/hashicorp/consul-k8s/api/v1alpha1
   version: v1alpha1
-- group: consul
+-
+  controller: true
+  domain: hashicorp.com
+  group: consul
   kind: ServiceRouter
+  path: github.com/hashicorp/consul-k8s/api/v1alpha1
   version: v1alpha1
-- group: consul
+-
+  controller: true
+  domain: hashicorp.com
+  group: consul
   kind: ServiceSplitter
+  path: github.com/hashicorp/consul-k8s/api/v1alpha1
   version: v1alpha1
-- group: consul
+-
+  controller: true
+  domain: hashicorp.com
+  group: consul
   kind: TerminatingGateway
+  path: github.com/hashicorp/consul-k8s/api/v1alpha1
   version: v1alpha1
-version: 3-alpha
+version: "3"
 plugins:
   go.operator-sdk.io/v2-alpha: {}

api/common/configentry.go

@@ -62,4 +62,9 @@ type ConfigEntryResource interface {
 	// DefaultNamespaceFields sets Consul namespace fields on the config entry
 	// spec to their default values if namespaces are enabled.
 	DefaultNamespaceFields(consulNamespacesEnabled bool, destinationNamespace string, mirroring bool, prefix string)
+
+	// ConfigEntryResource has to implement metav1.Object so that structs
+	// that implement it effectively implement client.Object which is
+	// the interface supported by controller-runtime reconcile-able resources.
+	metav1.Object
 }

api/common/configentry_webhook.go

@@ -8,7 +8,7 @@ import (
 
 	"github.com/go-logr/logr"
 	"gomodules.xyz/jsonpatch/v2"
-	"k8s.io/api/admission/v1beta1"
+	admissionv1 "k8s.io/api/admission/v1"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
 
@@ -44,7 +44,7 @@ func ValidateConfigEntry(
 	// mapping all kube resources to a single Consul namespace is when we
 	// are running Consul enterprise with namespace mirroring.
 	singleConsulDestNS := !(enableConsulNamespaces && nsMirroring)
-	if req.Operation == v1beta1.Create && singleConsulDestNS {
+	if req.Operation == admissionv1.Create && singleConsulDestNS {
 		logger.Info("validate create", "name", cfgEntry.KubernetesName())
 
 		list, err := configEntryLister.List(ctx)

api/common/configentry_webhook_test.go

@@ -10,11 +10,12 @@ import (
 	capi "github.com/hashicorp/consul/api"
 	"github.com/stretchr/testify/require"
 	"gomodules.xyz/jsonpatch/v2"
-	"k8s.io/api/admission/v1beta1"
+	admissionv1 "k8s.io/api/admission/v1"
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/types"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
 
@@ -102,10 +103,10 @@ func TestValidateConfigEntry(t *testing.T) {
 				Resources: c.existingResources,
 			}
 			response := ValidateConfigEntry(ctx, admission.Request{
-				AdmissionRequest: v1beta1.AdmissionRequest{
+				AdmissionRequest: admissionv1.AdmissionRequest{
 					Name:      c.newResource.KubernetesName(),
 					Namespace: otherNS,
-					Operation: v1beta1.Create,
+					Operation: admissionv1.Create,
 					Object: runtime.RawExtension{
 						Raw: marshalledRequestObject,
 					},
@@ -159,6 +160,106 @@ type mockConfigEntry struct {
 	Valid         bool
 }
 
+func (in *mockConfigEntry) GetNamespace() string {
+	return in.MockNamespace
+}
+
+func (in *mockConfigEntry) SetNamespace(namespace string) {
+	in.MockNamespace = namespace
+}
+
+func (in *mockConfigEntry) GetName() string {
+	return in.MockName
+}
+
+func (in *mockConfigEntry) SetName(name string) {
+	in.MockName = name
+}
+
+func (in *mockConfigEntry) GetGenerateName() string {
+	return ""
+}
+
+func (in *mockConfigEntry) SetGenerateName(_ string) {}
+
+func (in *mockConfigEntry) GetUID() types.UID {
+	return ""
+}
+
+func (in *mockConfigEntry) SetUID(_ types.UID) {}
+
+func (in *mockConfigEntry) GetResourceVersion() string {
+	return ""
+}
+
+func (in *mockConfigEntry) SetResourceVersion(_ string) {}
+
+func (in *mockConfigEntry) GetGeneration() int64 {
+	return 0
+}
+
+func (in *mockConfigEntry) SetGeneration(_ int64) {}
+
+func (in *mockConfigEntry) GetSelfLink() string {
+	return ""
+}
+
+func (in *mockConfigEntry) SetSelfLink(_ string) {}
+
+func (in *mockConfigEntry) GetCreationTimestamp() metav1.Time {
+	return metav1.Time{}
+}
+
+func (in *mockConfigEntry) SetCreationTimestamp(_ metav1.Time) {}
+
+func (in *mockConfigEntry) GetDeletionTimestamp() *metav1.Time {
+	return nil
+}
+
+func (in *mockConfigEntry) SetDeletionTimestamp(_ *metav1.Time) {}
+
+func (in *mockConfigEntry) GetDeletionGracePeriodSeconds() *int64 {
+	return nil
+}
+
+func (in *mockConfigEntry) SetDeletionGracePeriodSeconds(_ *int64) {}
+
+func (in *mockConfigEntry) GetLabels() map[string]string {
+	return nil
+}
+
+func (in *mockConfigEntry) SetLabels(_ map[string]string) {}
+
+func (in *mockConfigEntry) GetAnnotations() map[string]string {
+	return nil
+}
+
+func (in *mockConfigEntry) SetAnnotations(_ map[string]string) {}
+
+func (in *mockConfigEntry) GetFinalizers() []string {
+	return nil
+}
+
+func (in *mockConfigEntry) SetFinalizers(_ []string) {}
+
+func (in *mockConfigEntry) GetOwnerReferences() []metav1.OwnerReference {
+	return nil
+}
+
+func (in *mockConfigEntry) SetOwnerReferences(_ []metav1.OwnerReference) {}
+
+func (in *mockConfigEntry) GetClusterName() string {
+	return ""
+}
+
+func (in *mockConfigEntry) SetClusterName(_ string) {}
+
+func (in *mockConfigEntry) GetManagedFields() []metav1.ManagedFieldsEntry {
+	return nil
+}
+
+func (in *mockConfigEntry) SetManagedFields(_ []metav1.ManagedFieldsEntry) {}
+
 func (in *mockConfigEntry) KubernetesName() string {
 	return in.MockName
 }

api/v1alpha1/proxydefaults_types.go

@@ -54,6 +54,8 @@ type ProxyDefaultsSpec struct {
 	// Config is an arbitrary map of configuration values used by Connect proxies.
 	// Any values that your proxy allows can be configured globally here.
 	// Supports JSON config values. See https://www.consul.io/docs/connect/proxies/envoy#configuration-formatting
+	// +kubebuilder:validation:Type=object
+	// +kubebuilder:validation:Schemaless
 	Config json.RawMessage `json:"config,omitempty"`
 	// MeshGateway controls the default mesh gateway configuration for this service.
 	MeshGateway MeshGatewayConfig `json:"meshGateway,omitempty"`

api/v1alpha1/proxydefaults_webhook.go

@@ -8,7 +8,7 @@ import (
 	"github.com/go-logr/logr"
 	"github.com/hashicorp/consul-k8s/api/common"
 	capi "github.com/hashicorp/consul/api"
-	"k8s.io/api/admission/v1beta1"
+	admissionv1 "k8s.io/api/admission/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
@@ -41,7 +41,7 @@ func (v *ProxyDefaultsWebhook) Handle(ctx context.Context, req admission.Request
 		return admission.Errored(http.StatusBadRequest, err)
 	}
 
-	if req.Operation == v1beta1.Create {
+	if req.Operation == admissionv1.Create {
 		v.Logger.Info("validate create", "name", proxyDefaults.KubernetesName())
 
 		if proxyDefaults.KubernetesName() != common.Global {

api/v1alpha1/proxydefaults_webhook_test.go

@@ -8,7 +8,7 @@ import (
 	logrtest "github.com/go-logr/logr/testing"
 	"github.com/hashicorp/consul-k8s/api/common"
 	"github.com/stretchr/testify/require"
-	"k8s.io/api/admission/v1beta1"
+	admissionv1 "k8s.io/api/admission/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
@@ -85,7 +85,7 @@ func TestValidateProxyDefault(t *testing.T) {
 			require.NoError(t, err)
 			s := runtime.NewScheme()
 			s.AddKnownTypes(GroupVersion, &ProxyDefaults{}, &ProxyDefaultsList{})
-			client := fake.NewFakeClientWithScheme(s, c.existingResources...)
+			client := fake.NewClientBuilder().WithScheme(s).WithRuntimeObjects(c.existingResources...).Build()
 			decoder, err := admission.NewDecoder(s)
 			require.NoError(t, err)
 
@@ -96,10 +96,10 @@ func TestValidateProxyDefault(t *testing.T) {
 				decoder:      decoder,
 			}
 			response := validator.Handle(ctx, admission.Request{
-				AdmissionRequest: v1beta1.AdmissionRequest{
+				AdmissionRequest: admissionv1.AdmissionRequest{
 					Name:      c.newResource.KubernetesName(),
 					Namespace: otherNS,
-					Operation: v1beta1.Create,
+					Operation: admissionv1.Create,
 					Object: runtime.RawExtension{
 						Raw: marshalledRequestObject,
 					},

api/v1alpha1/serviceintentions_webhook.go

@@ -9,7 +9,7 @@ import (
 	"github.com/go-logr/logr"
 	"github.com/hashicorp/consul-k8s/api/common"
 	capi "github.com/hashicorp/consul/api"
-	"k8s.io/api/admission/v1beta1"
+	admissionv1 "k8s.io/api/admission/v1"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
@@ -50,7 +50,7 @@ func (v *ServiceIntentionsWebhook) Handle(ctx context.Context, req admission.Req
 	}
 
 	singleConsulDestNS := !(v.EnableConsulNamespaces && v.EnableNSMirroring)
-	if req.Operation == v1beta1.Create {
+	if req.Operation == admissionv1.Create {
 		v.Logger.Info("validate create", "name", svcIntentions.KubernetesName())
 
 		if err := v.Client.List(ctx, &svcIntentionsList); err != nil {
@@ -72,7 +72,7 @@ func (v *ServiceIntentionsWebhook) Handle(ctx context.Context, req admission.Req
 					fmt.Errorf("an existing ServiceIntentions resource has `spec.destination.name: %s` and `spec.destination.namespace: %s`", svcIntentions.Spec.Destination.Name, svcIntentions.Spec.Destination.Namespace))
 			}
 		}
-	} else if req.Operation == v1beta1.Update {
+	} else if req.Operation == admissionv1.Update {
 		v.Logger.Info("validate update", "name", svcIntentions.KubernetesName())
 		var prevIntention, newIntention ServiceIntentions
 		if err := v.decoder.DecodeRaw(*req.OldObject.DeepCopy(), &prevIntention); err != nil {