feat: Use kubelet v1 APIs

.github/dependabot.yml

@@ -19,6 +19,9 @@ updates:
       - dependency-name: github.com/docker/docker
         update-types:
           - version-update:semver-major
+      - dependency-name: k8s.io/*
+        update-types:
+          - version-update:semver-minor
 
   - package-ecosystem: "gomod"
     directory: "/credential-providers"

.golangci.yml

@@ -34,6 +34,7 @@ linters:
     - revive
     - staticcheck
     - stylecheck
+    - tagliatelle
     - tenv
     - thelper
     - tparallel
@@ -88,6 +89,9 @@ linters-settings:
             allowFloats: "0.0,0.,1.0,1.,2.0,2."
       - name: argument-limit
         arguments: [4]
+      - name: comment-spacings
+        arguments:
+          - nolint
       - name: cognitive-complexity
         disabled: true
       - name: function-length
@@ -104,6 +108,11 @@ linters-settings:
         arguments: [10]
       - name: function-result-limit
         arguments: [4]
+  tagliatelle:
+    case:
+      use-field-name: true
+      rules:
+        json: camel
 
 issues:
   exclude-rules:

apis/config/v1alpha1/credentialproviderconfig_validation.go

@@ -22,7 +22,8 @@ import (
 
 	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/util/validation/field"
-	"k8s.io/kubelet/config/v1beta1"
+	kubeletconfigv1 "k8s.io/kubelet/config/v1"
+	credentialproviderv1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
 	credentialproviderv1alpha1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1alpha1"
 	credentialproviderv1beta1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1beta1"
 
@@ -32,14 +33,15 @@ import (
 var APIVersions = map[string]schema.GroupVersion{
 	credentialproviderv1alpha1.SchemeGroupVersion.String(): credentialproviderv1alpha1.SchemeGroupVersion,
 	credentialproviderv1beta1.SchemeGroupVersion.String():  credentialproviderv1beta1.SchemeGroupVersion,
+	credentialproviderv1.SchemeGroupVersion.String():       credentialproviderv1.SchemeGroupVersion,
 }
 
 // validateCredentialProviderConfig validates CredentialProviderConfig.
 // Copied from https://github.com/kubernetes/kubernetes/blob/v1.25.4/pkg/credentialprovider/plugin/config.go#L72-L128.
 //
 //nolint:revive // This is copied as is from upstream so not refactored to reduce cyclomatic complexity.
 func validateCredentialProviderConfig(
-	config *v1beta1.CredentialProviderConfig,
+	config *kubeletconfigv1.CredentialProviderConfig,
 	rootPath *field.Path,
 ) field.ErrorList {
 	allErrs := field.ErrorList{}

apis/config/v1alpha1/credentialproviderconfig_validation_test.go

@@ -22,7 +22,7 @@ import (
 
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/util/validation/field"
-	kubeletconfig "k8s.io/kubelet/config/v1beta1"
+	kubeletconfigv1 "k8s.io/kubelet/config/v1"
 	"k8s.io/kubelet/pkg/apis/credentialprovider/v1alpha1"
 )
 
@@ -38,18 +38,18 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 
 	testcases := []struct {
 		name      string
-		config    *kubeletconfig.CredentialProviderConfig
+		config    *kubeletconfigv1.CredentialProviderConfig
 		shouldErr bool
 	}{
 		{
 			name:      "no providers provided",
-			config:    &kubeletconfig.CredentialProviderConfig{},
+			config:    &kubeletconfigv1.CredentialProviderConfig{},
 			shouldErr: true,
 		},
 		{
 			name: "no matchImages provided",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:                 dummyName,
 						MatchImages:          []string{},
@@ -62,8 +62,8 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 		},
 		{
 			name: "no default cache duration provided",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:        dummyName,
 						MatchImages: []string{dummyRegistryDomain},
@@ -75,8 +75,8 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 		},
 		{
 			name: "name contains '/'",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:                 "foo/../bar",
 						MatchImages:          []string{dummyRegistryDomain},
@@ -89,8 +89,8 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 		},
 		{
 			name: "name is '.'",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:                 ".",
 						MatchImages:          []string{dummyRegistryDomain},
@@ -103,8 +103,8 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 		},
 		{
 			name: "name is '..'",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:                 "..",
 						MatchImages:          []string{dummyRegistryDomain},
@@ -117,8 +117,8 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 		},
 		{
 			name: "name contains spaces",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:                 "foo bar",
 						MatchImages:          []string{dummyRegistryDomain},
@@ -131,8 +131,8 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 		},
 		{
 			name: "no apiVersion",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:                 dummyName,
 						MatchImages:          []string{dummyRegistryDomain},
@@ -145,8 +145,8 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 		},
 		{
 			name: "invalid apiVersion",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:                 dummyName,
 						MatchImages:          []string{dummyRegistryDomain},
@@ -159,8 +159,8 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 		},
 		{
 			name: "negative default cache duration",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:                 dummyName,
 						MatchImages:          []string{dummyRegistryDomain},
@@ -173,8 +173,8 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 		},
 		{
 			name: "invalid match image",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:                 dummyName,
 						MatchImages:          []string{"%invalid%"},
@@ -187,8 +187,8 @@ func Test_validateCredentialProviderConfig(t *testing.T) {
 		},
 		{
 			name: "valid config",
-			config: &kubeletconfig.CredentialProviderConfig{
-				Providers: []kubeletconfig.CredentialProvider{
+			config: &kubeletconfigv1.CredentialProviderConfig{
+				Providers: []kubeletconfigv1.CredentialProvider{
 					{
 						Name:                 dummyName,
 						MatchImages:          []string{dummyRegistryDomain},

apis/config/v1alpha1/dynamiccredentialprovideconfig_types.go

@@ -8,7 +8,7 @@ package v1alpha1
 
 import (
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/kubelet/config/v1beta1"
+	kubeletconfigv1 "k8s.io/kubelet/config/v1"
 )
 
 //nolint:gochecknoinits // init is the convention for registering API types.
@@ -21,17 +21,17 @@ func init() {
 type DynamicCredentialProviderConfig struct {
 	//nolint:revive // inline is not an official json struct tag value, but is required by Kubernetes.
 	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
+	metav1.ObjectMeta `json:"metadata,omitempty"` //nolint:tagliatelle // This is the upstream convention.
 
 	// Mirror is the optional mirror configuration.
 	// +optional
 	Mirror *MirrorConfig `json:"mirror,omitempty"`
 
 	// CredentialProviders holds the configuration for the kubelet credential providers. Embeds the
 	// `CredentialProviderConfig` kind from kubelet config API - see
-	// https://github.com/kubernetes/kubelet/blob/v0.25.4/config/v1beta1/types.go#L921 for info.
+	// https://github.com/kubernetes/kubelet/blob/v0.26.3/config/v1/types.go#L28 for info.
 	// +optional
-	CredentialProviders *v1beta1.CredentialProviderConfig `json:"credentialProviders,omitempty"`
+	CredentialProviders *kubeletconfigv1.CredentialProviderConfig `json:"credentialProviders,omitempty"`
 
 	// CredentialProviderPluginBinDir is the directory where credential provider plugin binaries are located.
 	CredentialProviderPluginBinDir string `json:"credentialProviderPluginBinDir,omitempty"`
@@ -65,5 +65,6 @@ type MirrorConfig struct {
 	// CredentialStrategy specifies what strategy to employ when returning registry credentials.
 	// Defaults to `MirrorCredentialsOnly`.
 	// +optional
+	//nolint:tagliatelle // Prevents stuttering.
 	MirrorCredentialsStrategy MirrorCredentialsStrategy `json:"credentialsStrategy"`
 }

go.mod

@@ -29,12 +29,12 @@ require (
 	golang.org/x/sync v0.1.0
 	gopkg.in/yaml.v3 v3.0.1
 	helm.sh/helm/v3 v3.11.3
-	k8s.io/api v0.26.3
-	k8s.io/apimachinery v0.27.1
-	k8s.io/client-go v0.26.3
+	k8s.io/api v0.26.4
+	k8s.io/apimachinery v0.26.4
+	k8s.io/client-go v0.26.4
 	k8s.io/klog/v2 v2.90.1
-	k8s.io/kubelet v0.26.3
-	k8s.io/utils v0.0.0-20230220204549-a5ecb0141aa5
+	k8s.io/kubelet v0.26.4
+	k8s.io/utils v0.0.0-20230406110748-d93618cff8a2
 	sigs.k8s.io/cli-utils v0.34.0
 	sigs.k8s.io/controller-runtime v0.14.6
 	sigs.k8s.io/kind v0.18.0
@@ -53,7 +53,6 @@ require (
 	github.com/Microsoft/go-winio v0.6.0 // indirect
 	github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 	github.com/chai2010/gettext-go v1.0.2 // indirect
 	github.com/containerd/containerd v1.7.0 // indirect
@@ -63,24 +62,24 @@ require (
 	github.com/docker/docker-credential-helpers v0.7.0 // indirect
 	github.com/docker/go-metrics v0.0.1 // indirect
 	github.com/docker/go-units v0.5.0 // indirect
-	github.com/emicklei/go-restful/v3 v3.10.1 // indirect
+	github.com/emicklei/go-restful/v3 v3.10.2 // indirect
 	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
 	github.com/evanphx/json-patch/v5 v5.6.0 // indirect
 	github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect
 	github.com/fatih/color v1.13.0 // indirect
 	github.com/go-errors/errors v1.0.1 // indirect
 	github.com/go-gorp/gorp/v3 v3.0.5 // indirect
-	github.com/go-logr/logr v1.2.3 // indirect
+	github.com/go-logr/logr v1.2.4 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-openapi/jsonpointer v0.19.6 // indirect
-	github.com/go-openapi/jsonreference v0.20.1 // indirect
+	github.com/go-openapi/jsonreference v0.20.2 // indirect
 	github.com/go-openapi/swag v0.22.3 // indirect
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 	github.com/gobwas/glob v0.2.3 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/btree v1.0.1 // indirect
-	github.com/google/gnostic v0.5.7-v3refs // indirect
+	github.com/google/gnostic v0.6.9 // indirect
 	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect
@@ -92,7 +91,7 @@ require (
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/huandu/xstrings v1.4.0 // indirect
-	github.com/imdario/mergo v0.3.13 // indirect
+	github.com/imdario/mergo v0.3.15 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jmoiron/sqlx v1.3.5 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
@@ -123,10 +122,10 @@ require (
 	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
 	github.com/pkg/errors v0.9.1 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
-	github.com/prometheus/client_golang v1.14.0 // indirect
+	github.com/prometheus/client_golang v1.15.0 // indirect
 	github.com/prometheus/client_model v0.3.0 // indirect
-	github.com/prometheus/common v0.37.0 // indirect
-	github.com/prometheus/procfs v0.8.0 // indirect
+	github.com/prometheus/common v0.42.0 // indirect
+	github.com/prometheus/procfs v0.9.0 // indirect
 	github.com/rubenv/sql-migrate v1.3.1 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/shopspring/decimal v1.3.1 // indirect
@@ -144,25 +143,25 @@ require (
 	go.uber.org/zap v1.24.0 // indirect
 	golang.org/x/crypto v0.5.0 // indirect
 	golang.org/x/mod v0.9.0 // indirect
-	golang.org/x/net v0.8.0 // indirect
-	golang.org/x/oauth2 v0.4.0 // indirect
-	golang.org/x/sys v0.6.0 // indirect
-	golang.org/x/term v0.6.0 // indirect
+	golang.org/x/net v0.9.0 // indirect
+	golang.org/x/oauth2 v0.7.0 // indirect
+	golang.org/x/sys v0.7.0 // indirect
+	golang.org/x/term v0.7.0 // indirect
 	golang.org/x/text v0.9.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
 	golang.org/x/tools v0.7.0 // indirect
 	gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/genproto v0.0.0-20230306155012-7f2fa6fef1f4 // indirect
 	google.golang.org/grpc v1.53.0 // indirect
-	google.golang.org/protobuf v1.28.1 // indirect
+	google.golang.org/protobuf v1.30.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	k8s.io/apiextensions-apiserver v0.26.1 // indirect
-	k8s.io/apiserver v0.26.2 // indirect
+	k8s.io/apiextensions-apiserver v0.26.4 // indirect
+	k8s.io/apiserver v0.26.4 // indirect
 	k8s.io/cli-runtime v0.26.0 // indirect
-	k8s.io/component-base v0.26.3 // indirect
-	k8s.io/kube-openapi v0.0.0-20230308215209-15aac26d736a // indirect
+	k8s.io/component-base v0.26.4 // indirect
+	k8s.io/kube-openapi v0.0.0-20230327201221-f5883ff37f0c // indirect
 	k8s.io/kubectl v0.26.0 // indirect
 	oras.land/oras-go v1.2.2 // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect