Upgrade to latest SDK

openshift · Sep 7, 2021 · cbebd56 · cbebd56
1 parent 82bac80
commit cbebd56
Show file tree

Hide file tree

Showing 12 changed files with 489 additions and 367 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,5 @@
 # Build the manager binary
-FROM quay.io/bitnami/golang:1.13 as builder
+FROM quay.io/bitnami/golang:1.16 as builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests

diff --git a/Makefile b/Makefile
@@ -1,7 +1,8 @@
 # Current Operator version
 VERSION ?= 1.0.0
 # Default bundle image tag
-BUNDLE_IMG ?= controller-bundle:$(VERSION)
+IMAGE_TAG_BASE ?= quay.io/openshift_sandboxed_containers/openshift-sandboxed-containers-operator
+BUNDLE_IMG ?= $(IMAGE_TAG_BASE)-bundle:v$(VERSION)
 # Options for 'bundle-build'
 ifneq ($(origin CHANNELS), undefined)
 BUNDLE_CHANNELS := --channels=$(CHANNELS)
@@ -16,21 +17,27 @@ IMG ?= quay.io/openshift_sandboxed_containers/openshift-sandboxed-containers-ope
 # Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
 CRD_OPTIONS ?= "crd:trivialVersions=true"
 
+# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
+ENVTEST_K8S_VERSION = 1.21
+
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
 GOBIN=$(shell go env GOPATH)/bin
 else
 GOBIN=$(shell go env GOBIN)
 endif
 
+# Setting SHELL to bash allows bash commands to be executed by recipes.
+# This is a requirement for 'setup-envtest.sh' in the test target.
+# Options are set to exit when a recipe line exits non-zero or a piped command fails.
+SHELL = /usr/bin/env bash -o pipefail
+.SHELLFLAGS = -ec
+
 all: manager
 
 # Run tests
-ENVTEST_ASSETS_DIR=$(shell pwd)/testbin
-test: generate fmt vet manifests
-	mkdir -p ${ENVTEST_ASSETS_DIR}
-	test -f ${ENVTEST_ASSETS_DIR}/setup-envtest.sh || curl -sSLo ${ENVTEST_ASSETS_DIR}/setup-envtest.sh https://raw.githubusercontent.com/kubernetes-sigs/controller-runtime/master/hack/setup-envtest.sh
-	source ${ENVTEST_ASSETS_DIR}/setup-envtest.sh; fetch_envtest_tools $(ENVTEST_ASSETS_DIR); setup_envtest_env $(ENVTEST_ASSETS_DIR); go test -v ./... -coverprofile cover.out -args -ginkgo.v
+test: manifests generate fmt vet envtest ## Run tests.
+        KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" go test -v ./... -coverprofile cover.out -args -ginkgo.v
 
 # Build manager binary
 manager: generate fmt vet
@@ -85,37 +92,33 @@ podman-build: test
 podman-push:
 	podman push ${IMG}
 
-# find or download controller-gen
-# download controller-gen if necessary
-controller-gen:
-ifeq (, $(shell which controller-gen))
-	@{ \
-	set -e ;\
-	CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\
-	cd $$CONTROLLER_GEN_TMP_DIR ;\
-	go mod init tmp ;\
-	go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.3.0 ;\
-	rm -rf $$CONTROLLER_GEN_TMP_DIR ;\
-	}
-CONTROLLER_GEN=$(GOBIN)/controller-gen
-else
-CONTROLLER_GEN=$(shell which controller-gen)
-endif
 
-kustomize:
-ifeq (, $(shell which kustomize))
-	@{ \
-	set -e ;\
-	KUSTOMIZE_GEN_TMP_DIR=$$(mktemp -d) ;\
-	cd $$KUSTOMIZE_GEN_TMP_DIR ;\
-	go mod init tmp ;\
-	go get sigs.k8s.io/kustomize/kustomize/v3@v3.5.4 ;\
-	rm -rf $$KUSTOMIZE_GEN_TMP_DIR ;\
-	}
-KUSTOMIZE=$(GOBIN)/kustomize
-else
-KUSTOMIZE=$(shell which kustomize)
-endif
+CONTROLLER_GEN = $(shell pwd)/bin/controller-gen
+controller-gen: ## Download controller-gen locally if necessary.
+        $(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.6.1)
+
+KUSTOMIZE = $(shell pwd)/bin/kustomize
+kustomize: ## Download kustomize locally if necessary.
+        $(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v3@v3.8.7)
+
+ENVTEST = $(shell pwd)/bin/setup-envtest
+envtest: ## Download envtest-setup locally if necessary.
+        $(call go-get-tool,$(ENVTEST),sigs.k8s.io/controller-runtime/tools/setup-envtest@latest)
+
+# go-get-tool will 'go get' any package $2 and install it to $1.
+PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST))))
+define go-get-tool
+@[ -f $(1) ] || { \
+set -e ;\
+TMP_DIR=$$(mktemp -d) ;\
+cd $$TMP_DIR ;\
+go mod init tmp ;\
+echo "Downloading $(2)" ;\
+GOBIN=$(PROJECT_DIR)/bin go get $(2) ;\
+rm -rf $$TMP_DIR ;\
+}
+endef
+
 
 # Generate bundle manifests and metadata, then validate generated files.
 .PHONY: bundle
@@ -129,3 +132,30 @@ bundle: manifests
 .PHONY: bundle-build
 bundle-build:
 	podman build --squash-all --no-cache -f bundle.Dockerfile -t $(BUNDLE_IMG) .
+
+.PHONY: opm
+OPM = ./bin/opm
+opm:
+ifeq (,$(wildcard $(OPM)))
+ifeq (,$(shell which opm 2>/dev/null))
+	@{ \
+	set -e ;\
+	mkdir -p $(dir $(OPM)) ;\
+        OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \
+	curl -sSLo $(OPM) https://github.com/operator-framework/operator-registry/releases/download/v1.15.1/$(OS)-$(ARCH)-opm ;\
+	chmod +x $(OPM) ;\
+	}
+else 
+OPM = $(shell which opm)
+endif
+endif
+BUNDLE_IMGS ?= $(BUNDLE_IMG) 
+CATALOG_IMG ?= $(IMAGE_TAG_BASE)-catalog:v$(VERSION) ifneq ($(origin CATALOG_BASE_IMG), undefined) FROM_INDEX_OPT := --from-index $(CATALOG_BASE_IMG) endif 
+
+.PHONY: catalog-build
+catalog-build: opm
+	$(OPM) index add --container-tool docker --mode semver --tag $(CATALOG_IMG) --bundles $(BUNDLE_IMGS) $(FROM_INDEX_OPT)
+
+.PHONY: catalog-push
+catalog-push: ## Push the catalog image.
+	$(MAKE) docker-push IMG=$(CATALOG_IMG)
diff --git a/PROJECT b/PROJECT
@@ -1,8 +1,9 @@
 domain: kataconfiguration.openshift.io
 layout:
-- go.kubebuilder.io/v2
+- go.kubebuilder.io/v3
 plugins:
-  go.sdk.operatorframework.io/v2-alpha: {}
+  manifests.sdk.operatorframework.io/v2: {}
+  scorecard.sdk.operatorframework.io/v2: {}
 projectName: sandboxed-containers-operator
 repo: github.com/openshift/sandboxed-containers-operator
 resources:
@@ -14,5 +15,5 @@ resources:
   version: v1
   webhooks:
     validation: true
-    webhookVersion: v1beta1
+    webhookVersion: v1
 version: "3"
diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml
@@ -10,16 +10,17 @@ spec:
     spec:
       containers:
       - name: kube-rbac-proxy
-        image: gcr.io/kubebuilder/kube-rbac-proxy@sha256:e10d1d982dd653db74ca87a1d1ad017bc5ef1aeb651bdea089debf16485b080b
+        image: gcr.io/kubebuilder/kube-rbac-proxy@sha256:db06cc4c084dd0253134f156dddaaf53ef1c3fb3cc809e5d81711baa4029ea4c
         args:
         - "--secure-listen-address=0.0.0.0:8443"
         - "--upstream=http://127.0.0.1:8080/"
         - "--logtostderr=true"
         - "--v=10"
         ports:
         - containerPort: 8443
+          protocol: TCP
           name: https
       - name: manager
         args:
-        - "--metrics-addr=127.0.0.1:8080"
-        - "--enable-leader-election"
+        - "--metrics-bind-address=127.0.0.1:8080"
+        - "--leader-elect"
diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml
@@ -49,8 +49,8 @@ spec:
         imagePullPolicy: Always
         resources:
           limits:
-            cpu: 100m
-            memory: 50Mi
+            cpu: 200m
+            memory: 100Mi
           requests:
             cpu: 100m
             memory: 40Mi

diff --git a/config/rbac/auth_proxy_service.yaml b/config/rbac/auth_proxy_service.yaml
@@ -9,6 +9,7 @@ spec:
   ports:
   - name: https
     port: 8443
+    protocol: TCP
     targetPort: https
   selector:
     control-plane: controller-manager
diff --git a/config/webhook/service.yaml b/config/webhook/service.yaml
@@ -7,6 +7,7 @@ metadata:
 spec:
   ports:
     - port: 443
+      protocol: TCP
       targetPort: 9443
   selector:
     control-plane: controller-manager
diff --git a/controllers/common.go b/controllers/common.go
@@ -1,7 +1,9 @@
 package controllers
 
 const (
-	kataConfigFinalizer = "finalizer.kataconfiguration.openshift.io"
+        // https://sdk.operatorframework.io/docs/upgrading-sdk-version/v1.4.0/
+        // https://kubernetes.io/docs/tasks/extend-kubernetes/custom-resources/custom-resource-definitions/#finalizers
+	kataConfigFinalizer = "kataconfiguration.openshift.io/finalizer"
 )
 
 func contains(list []string, s string) bool {

diff --git a/controllers/openshift_controller.go b/controllers/openshift_controller.go
@@ -65,8 +65,7 @@ type KataConfigOpenShiftReconciler struct {
 // +kubebuilder:rbac:groups=config.openshift.io,resources=clusterversions,verbs=get
 // +kubebuilder:rbac:groups="";machineconfiguration.openshift.io,resources=nodes;machineconfigs;machineconfigpools;pods;services;services/finalizers;endpoints;persistentvolumeclaims;events;configmaps;secrets,verbs=get;list;watch;create;update;patch;delete
 
-func (r *KataConfigOpenShiftReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) {
-	_ = context.Background()
+func (r *KataConfigOpenShiftReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 	_ = r.Log.WithValues("kataconfig", req.NamespacedName)
 	r.Log.Info("Reconciling KataConfig in OpenShift Cluster")
 
@@ -552,29 +551,33 @@ func (r *KataConfigOpenShiftReconciler) createExtensionMc(machinePool string) (c
 	return ctrl.Result{}, nil, false
 }
 
+func (r *KataConfigOpenShiftReconciler) mapKataConfigToRequests(kataConfigObj client.Object) []reconcile.Request {
+
+         kataConfigList := &kataconfigurationv1.KataConfigList{}
+
+         err := r.Client.List(context.TODO(), kataConfigList)
+         if err != nil {
+               return []reconcile.Request{}
+         }
+
+	reconcileRequests := make([]reconcile.Request, len(kataConfigList.Items))
+	for _, kataconfig := range kataConfigList.Items {
+		reconcileRequests = append(reconcileRequests, reconcile.Request{
+			NamespacedName: types.NamespacedName{
+				Name: kataconfig.Name,
+			},
+		})
+	}
+	return reconcileRequests
+}
+
+
 func (r *KataConfigOpenShiftReconciler) SetupWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewControllerManagedBy(mgr).
 		For(&kataconfigurationv1.KataConfig{}).
-		Watches(&source.Kind{Type: &mcfgv1.MachineConfigPool{}}, &handler.EnqueueRequestsFromMapFunc{
-			ToRequests: handler.ToRequestsFunc(func(kataConfigObj handler.MapObject) []reconcile.Request {
-				kataConfigList := &kataconfigurationv1.KataConfigList{}
-
-				err := r.Client.List(context.TODO(), kataConfigList)
-				if err != nil {
-					return []reconcile.Request{}
-				}
-
-				reconcileRequests := make([]reconcile.Request, len(kataConfigList.Items))
-				for _, kataconfig := range kataConfigList.Items {
-					reconcileRequests = append(reconcileRequests, reconcile.Request{
-						NamespacedName: types.NamespacedName{
-							Name: kataconfig.Name,
-						},
-					})
-				}
-				return reconcileRequests
-			}),
-		}).
+		Watches(
+                        &source.Kind{Type: &mcfgv1.MachineConfigPool{}}, 
+                        handler.EnqueueRequestsFromMapFunc(r.mapKataConfigToRequests)).
 		Complete(r)
 }
 

diff --git a/go.mod b/go.mod
@@ -1,24 +1,21 @@
 module github.com/openshift/sandboxed-containers-operator
 
-go 1.13
+go 1.16
 
 require (
-	github.com/ajeddeloh/go-json v0.0.0-20200220154158-5ae607161559 // indirect
-	github.com/coreos/ignition v0.35.0
 	github.com/coreos/ignition/v2 v2.9.0
-	github.com/go-logr/logr v0.2.1
-	github.com/go-logr/zapr v0.2.0 // indirect
-	github.com/monopole/mdrip v1.0.1
-	github.com/onsi/ginkgo v1.12.1
-	github.com/onsi/gomega v1.10.1
+	github.com/go-logr/logr v0.4.0
+	github.com/onsi/ginkgo v1.16.4
+	github.com/onsi/gomega v1.13.0
 	github.com/openshift/machine-config-operator v0.0.1-0.20200918082730-c08c048584ef
 	github.com/vincent-petithory/dataurl v0.0.0-20191104211930-d1553a71de50 // indirect
-	go4.org v0.0.0-20200411211856-f5505b9728dd // indirect
-	k8s.io/api v0.19.0
-	k8s.io/apimachinery v0.19.0
-	k8s.io/client-go v0.19.0
-	k8s.io/kubernetes v0.19.0
-	sigs.k8s.io/controller-runtime v0.6.3
+	k8s.io/api v0.21.2
+	k8s.io/apimachinery v0.21.2
+	k8s.io/client-go v0.21.2
+	k8s.io/klog v0.2.0 // indirect
+	k8s.io/kubernetes v0.21.2
+	sigs.k8s.io/controller-runtime v0.9.2
+	sigs.k8s.io/controller-tools v0.6.1 // indirect
 )
 
 replace (
@@ -28,26 +25,29 @@ replace (
 	github.com/openshift/api => github.com/openshift/api v0.0.0-20200916161728-83f0cb093902
 
 	// So that we can import MCO
-	k8s.io/api => k8s.io/api v0.19.0
-	k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.19.0
-	k8s.io/apimachinery => k8s.io/apimachinery v0.19.0
-	k8s.io/apiserver => k8s.io/apiserver v0.19.0
-	k8s.io/cli-runtime => k8s.io/cli-runtime v0.19.0
-	k8s.io/client-go => k8s.io/client-go v0.19.0
-	k8s.io/cloud-provider => k8s.io/cloud-provider v0.19.0
-	k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.19.0
-	k8s.io/code-generator => k8s.io/code-generator v0.19.0
-	k8s.io/component-base => k8s.io/component-base v0.19.0
-	k8s.io/cri-api => k8s.io/cri-api v0.19.0
-	k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.19.0
-	k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.19.0
-	k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.19.0
-	k8s.io/kube-proxy => k8s.io/kube-proxy v0.19.0
-	k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.19.0
-	k8s.io/kubectl => k8s.io/kubectl v0.19.0
-	k8s.io/kubelet => k8s.io/kubelet v0.19.0
-	k8s.io/kubernetes => k8s.io/kubernetes v1.18.0
-	k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.19.0
-	k8s.io/metrics => k8s.io/metrics v0.19.0
-	k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.19.0
+	k8s.io/api => k8s.io/api v0.21.2
+	k8s.io/apiextensions-apiserver => k8s.io/apiextensions-apiserver v0.21.2
+	k8s.io/apimachinery => k8s.io/apimachinery v0.21.2
+	k8s.io/apiserver => k8s.io/apiserver v0.21.2
+	k8s.io/cli-runtime => k8s.io/cli-runtime v0.21.2
+	k8s.io/client-go => k8s.io/client-go v0.21.2
+	k8s.io/cloud-provider => k8s.io/cloud-provider v0.21.2
+	k8s.io/cluster-bootstrap => k8s.io/cluster-bootstrap v0.21.2
+	k8s.io/code-generator => k8s.io/code-generator v0.21.2
+	k8s.io/component-base => k8s.io/component-base v0.21.2
+	k8s.io/component-helpers => k8s.io/component-helpers v0.21.2
+	k8s.io/controller-manager => k8s.io/controller-manager v0.21.2
+	k8s.io/cri-api => k8s.io/cri-api v0.21.2
+	k8s.io/csi-translation-lib => k8s.io/csi-translation-lib v0.21.2
+	k8s.io/kube-aggregator => k8s.io/kube-aggregator v0.21.2
+	k8s.io/kube-controller-manager => k8s.io/kube-controller-manager v0.21.2
+	k8s.io/kube-proxy => k8s.io/kube-proxy v0.21.2
+	k8s.io/kube-scheduler => k8s.io/kube-scheduler v0.21.2
+	k8s.io/kubectl => k8s.io/kubectl v0.21.2
+	k8s.io/kubelet => k8s.io/kubelet v0.21.2
+	k8s.io/kubernetes => k8s.io/kubernetes v1.21.2
+	k8s.io/legacy-cloud-providers => k8s.io/legacy-cloud-providers v0.21.2
+	k8s.io/metrics => k8s.io/metrics v0.21.2
+	k8s.io/mount-utils => k8s.io/mount-utils v0.21.2
+	k8s.io/sample-apiserver => k8s.io/sample-apiserver v0.21.2
 )