Skip to content

Commit

Permalink
refactor: upgrade kubebuilder to 3.11.1
Browse files Browse the repository at this point in the history
Also upgrade:
- kubebuilder plugin go to v4
- k8s libs to 1.27.13
- controller-runtime to 0.15.0
- ginko to 2.15.0
- and more...
  • Loading branch information
plaffitt committed May 22, 2024
1 parent 3879969 commit f22c575
Show file tree
Hide file tree
Showing 60 changed files with 663 additions and 469 deletions.
3 changes: 3 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# More info: https://docs.docker.com/engine/reference/builder/#dockerignore-file
# Ignore build and test binaries.
bin/
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ zz_generated.*

# editor and IDE paraphernalia
.idea
.vscode
*.swp
*.swo
*~
Expand Down
2 changes: 0 additions & 2 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,7 @@ COPY go.sum go.sum
RUN go mod download

# Copy the go source
COPY main.go main.go
COPY api/ api/
COPY controllers/ controllers/
COPY cmd/ cmd/
COPY internal/ internal/

Expand Down
41 changes: 24 additions & 17 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
# Image URL to use all building/pushing image targets
IMG ?= controller:latest
# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
ENVTEST_K8S_VERSION ?= 1.26
ENVTEST_K8S_VERSION ?= 1.27

# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
ifeq (,$(shell go env GOBIN))
Expand All @@ -11,6 +11,12 @@ else
GOBIN=$(shell go env GOBIN)
endif

# CONTAINER_TOOL defines the container tool to be used for building images.
# Be aware that the target commands are only tested with Docker which is
# scaffolded by default. However, you might want to replace it to use other
# tools. (i.e. podman)
CONTAINER_TOOL ?= docker

# Setting SHELL to bash allows bash commands to be executed by recipes.
# Options are set to exit when a recipe line exits non-zero or a piped command fails.
SHELL = /usr/bin/env bash -o pipefail
Expand Down Expand Up @@ -59,26 +65,27 @@ vet: ## Run go vet against code.
.PHONY: test
test: manifests generate fmt vet envtest ## Run tests.
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test -v ./... -covermode=count -coverprofile cover.out

##@ Build

.PHONY: build
build: manifests generate fmt vet ## Build manager binary.
go build -o bin/manager main.go
go build -o bin/manager cmd/cache/main.go

.PHONY: run
run: manifests generate fmt vet ## Run a controller from your host.
go run ./main.go
go run ./cmd/cache/main.go

# If you wish built the manager image targeting other platforms you can use the --platform flag.
# (i.e. docker build --platform linux/arm64 ). However, you must enable docker buildKit for it.
# More info: https://docs.docker.com/develop/develop-images/build_enhancements/
.PHONY: docker-build
docker-build: test ## Build docker image with the manager.
docker build -t ${IMG} .
$(CONTAINER_TOOL) build -t ${IMG} .

.PHONY: docker-push
docker-push: ## Push docker image with the manager.
docker push ${IMG}
$(CONTAINER_TOOL) push ${IMG}

# PLATFORMS defines the target platforms for the manager image be build to provide support to multiple
# architectures. (i.e. make docker-buildx IMG=myregistry/mypoperator:0.0.1). To use this option you need to:
Expand All @@ -91,10 +98,10 @@ PLATFORMS ?= linux/arm64,linux/amd64,linux/s390x,linux/ppc64le
docker-buildx: test ## Build and push docker image for the manager for cross-platform support
# copy existing Dockerfile and insert --platform=${BUILDPLATFORM} into Dockerfile.cross, and preserve the original Dockerfile
sed -e '1 s/\(^FROM\)/FROM --platform=\$$\{BUILDPLATFORM\}/; t' -e ' 1,// s//FROM --platform=\$$\{BUILDPLATFORM\}/' Dockerfile > Dockerfile.cross
- docker buildx create --name project-v3-builder
docker buildx use project-v3-builder
- docker buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross .
- docker buildx rm project-v3-builder
- $(CONTAINER_TOOL) buildx create --name project-v3-builder
$(CONTAINER_TOOL) buildx use project-v3-builder
- $(CONTAINER_TOOL) buildx build --push --platform=$(PLATFORMS) --tag ${IMG} -f Dockerfile.cross .
- $(CONTAINER_TOOL) buildx rm project-v3-builder
rm Dockerfile.cross

##@ Deployment
Expand All @@ -105,20 +112,20 @@ endif

.PHONY: install
install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config.
$(KUSTOMIZE) build config/crd | kubectl apply -f -
$(KUSTOMIZE) build config/crd | $(KUBECTL) apply -f -

.PHONY: uninstall
uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
$(KUSTOMIZE) build config/crd | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
$(KUSTOMIZE) build config/crd | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f -

.PHONY: deploy
deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
$(KUSTOMIZE) build config/default | kubectl apply -f -
$(KUSTOMIZE) build config/default | $(KUBECTL) apply -f -

.PHONY: undeploy
undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config. Call with ignore-not-found=true to ignore resource not found errors during deletion.
$(KUSTOMIZE) build config/default | kubectl delete --ignore-not-found=$(ignore-not-found) -f -
$(KUSTOMIZE) build config/default | $(KUBECTL) delete --ignore-not-found=$(ignore-not-found) -f -

##@ Build Dependencies

Expand All @@ -128,23 +135,23 @@ $(LOCALBIN):
mkdir -p $(LOCALBIN)

## Tool Binaries
KUBECTL ?= kubectl
KUSTOMIZE ?= $(LOCALBIN)/kustomize
CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
ENVTEST ?= $(LOCALBIN)/setup-envtest

## Tool Versions
KUSTOMIZE_VERSION ?= v3.8.7
KUSTOMIZE_VERSION ?= v5.0.1
CONTROLLER_TOOLS_VERSION ?= v0.15.0

KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
.PHONY: kustomize
kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. If wrong version is installed, it will be removed before downloading.
$(KUSTOMIZE): $(LOCALBIN)
@if test -x $(LOCALBIN)/kustomize && ! $(LOCALBIN)/kustomize version | grep -q $(KUSTOMIZE_VERSION); then \
echo "$(LOCALBIN)/kustomize version is not expected $(KUSTOMIZE_VERSION). Removing it before installing."; \
rm -rf $(LOCALBIN)/kustomize; \
fi
test -s $(LOCALBIN)/kustomize || { curl -Ss $(KUSTOMIZE_INSTALL_SCRIPT) | bash -s -- $(subst v,,$(KUSTOMIZE_VERSION)) $(LOCALBIN); }
test -s $(LOCALBIN)/kustomize || GOBIN=$(LOCALBIN) GO111MODULE=on go install sigs.k8s.io/kustomize/kustomize/v5@$(KUSTOMIZE_VERSION)

.PHONY: controller-gen
controller-gen: $(CONTROLLER_GEN) ## Download controller-gen locally if necessary. If wrong version is installed, it will be overwritten.
Expand All @@ -155,7 +162,7 @@ $(CONTROLLER_GEN): $(LOCALBIN)
.PHONY: envtest
envtest: $(ENVTEST) ## Download envtest-setup locally if necessary.
$(ENVTEST): $(LOCALBIN)
test -s $(LOCALBIN)/setup-envtest || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@release-0.17
test -s $(LOCALBIN)/setup-envtest || GOBIN=$(LOCALBIN) go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest

# This is not used for kubebuilder, but to generate the Helm chart template README.
.PHONY: helm-docs
Expand Down
7 changes: 4 additions & 3 deletions PROJECT
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,8 @@
# More info: https://book.kubebuilder.io/reference/project-config.html
domain: enix.io
layout:
- go.kubebuilder.io/v3
- go.kubebuilder.io/v4
multigroup: true
projectName: kube-image-keeper
repo: github.com/enix/kube-image-keeper
resources:
Expand All @@ -15,7 +16,7 @@ resources:
domain: enix.io
group: kuik
kind: CachedImage
path: github.com/enix/kube-image-keeper/api/v1alpha1
path: github.com/enix/kube-image-keeper/api/kuik/v1alpha1
version: v1alpha1
webhooks:
defaulting: true
Expand All @@ -35,6 +36,6 @@ resources:
domain: enix.io
group: kuik
kind: Repository
path: github.com/enix/kube-image-keeper/api/v1alpha1
path: github.com/enix/kube-image-keeper/api/kuik/v1alpha1
version: v1alpha1
version: "3"
8 changes: 4 additions & 4 deletions api/v1/pod_webhook.go → api/core/v1/pod_webhook.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ import (

_ "crypto/sha256"

"github.com/enix/kube-image-keeper/controllers"
"github.com/enix/kube-image-keeper/internal/controller/core"
"github.com/enix/kube-image-keeper/internal/registry"
"github.com/google/go-containerregistry/pkg/name"
admissionv1 "k8s.io/api/admission/v1"
Expand Down Expand Up @@ -82,10 +82,10 @@ func (a *ImageRewriter) RewriteImages(pod *corev1.Pod, isNewPod bool) []Rewritte
pod.Labels = map[string]string{}
}

rewriteImages := pod.Annotations[controllers.AnnotationRewriteImagesName] == "true" || isNewPod
rewriteImages := pod.Annotations[core.AnnotationRewriteImagesName] == "true" || isNewPod

pod.Labels[controllers.LabelManagedName] = "true"
pod.Annotations[controllers.AnnotationRewriteImagesName] = fmt.Sprintf("%t", rewriteImages)
pod.Labels[core.LabelManagedName] = "true"
pod.Annotations[core.AnnotationRewriteImagesName] = fmt.Sprintf("%t", rewriteImages)

rewrittenImages := []RewrittenImage{}

Expand Down
10 changes: 5 additions & 5 deletions api/v1/pod_webhook_test.go → api/core/v1/pod_webhook_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import (
"regexp"
"testing"

"github.com/enix/kube-image-keeper/controllers"
"github.com/enix/kube-image-keeper/internal/controller/core"
"github.com/enix/kube-image-keeper/internal/registry"
. "github.com/onsi/gomega"
corev1 "k8s.io/api/core/v1"
Expand Down Expand Up @@ -43,7 +43,7 @@ func TestRewriteImages(t *testing.T) {
}

ir.RewriteImages(&podStub, false)
g.Expect(podStub.Annotations[controllers.AnnotationRewriteImagesName]).To(Equal("false"))
g.Expect(podStub.Annotations[core.AnnotationRewriteImagesName]).To(Equal("false"))

ir.RewriteImages(&podStub, true)

Expand All @@ -62,7 +62,7 @@ func TestRewriteImages(t *testing.T) {
g.Expect(podStub.Spec.InitContainers).To(Equal(rewrittenInitContainers))
g.Expect(podStub.Spec.Containers).To(Equal(rewrittenContainers))

g.Expect(podStub.Labels[controllers.LabelManagedName]).To(Equal("true"))
g.Expect(podStub.Labels[core.LabelManagedName]).To(Equal("true"))

g.Expect(podStub.Annotations[registry.ContainerAnnotationKey("a", true)]).To(Equal("original-init"))
g.Expect(podStub.Annotations[registry.ContainerAnnotationKey("b", false)]).To(Equal("original"))
Expand All @@ -72,7 +72,7 @@ func TestRewriteImages(t *testing.T) {
g.Expect(podStub.Annotations[registry.ContainerAnnotationKey("f", false)]).To(Equal(""))

ir.RewriteImages(&podStub, false)
g.Expect(podStub.Annotations[controllers.AnnotationRewriteImagesName]).To(Equal("true"))
g.Expect(podStub.Annotations[core.AnnotationRewriteImagesName]).To(Equal("true"))
})
}

Expand Down Expand Up @@ -105,7 +105,7 @@ func TestRewriteImagesWithIgnore(t *testing.T) {
g.Expect(podStub.Spec.InitContainers).To(Equal(rewrittenInitContainers))
g.Expect(podStub.Spec.Containers).To(Equal(rewrittenContainers))

g.Expect(podStub.Labels[controllers.LabelManagedName]).To(Equal("true"))
g.Expect(podStub.Labels[core.LabelManagedName]).To(Equal("true"))

g.Expect(podStub.Annotations[registry.ContainerAnnotationKey("a", true)]).To(Equal(""))
g.Expect(podStub.Annotations[registry.ContainerAnnotationKey("b", false)]).To(Equal(""))
Expand Down
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
File renamed without changes.
26 changes: 14 additions & 12 deletions cmd/cache/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,10 +16,12 @@ import (
"sigs.k8s.io/controller-runtime/pkg/log/zap"
"sigs.k8s.io/controller-runtime/pkg/webhook"

kuikenixiov1 "github.com/enix/kube-image-keeper/api/v1"
kuikv1alpha1 "github.com/enix/kube-image-keeper/api/v1alpha1"
"github.com/enix/kube-image-keeper/controllers"
kuikenixiov1 "github.com/enix/kube-image-keeper/api/core/v1"
kuikv1alpha1 "github.com/enix/kube-image-keeper/api/kuik/v1alpha1"
"github.com/enix/kube-image-keeper/internal"
kuikController "github.com/enix/kube-image-keeper/internal/controller"
"github.com/enix/kube-image-keeper/internal/controller/core"
"github.com/enix/kube-image-keeper/internal/controller/kuik"
"github.com/enix/kube-image-keeper/internal/registry"
"github.com/enix/kube-image-keeper/internal/scheme"
//+kubebuilder:scaffold:imports
Expand Down Expand Up @@ -85,7 +87,7 @@ func main() {
os.Exit(1)
}

if err = (&controllers.CachedImageReconciler{
if err = (&kuik.CachedImageReconciler{
Client: mgr.GetClient(),
Scheme: mgr.GetScheme(),
Recorder: mgr.GetEventRecorderFor("cachedimage-controller"),
Expand All @@ -98,7 +100,7 @@ func main() {
setupLog.Error(err, "unable to create controller", "controller", "CachedImage")
os.Exit(1)
}
if err = (&controllers.PodReconciler{
if err = (&core.PodReconciler{
Client: mgr.GetClient(),
Scheme: mgr.GetScheme(),
}).SetupWithManager(mgr); err != nil {
Expand All @@ -116,7 +118,7 @@ func main() {
setupLog.Error(err, "unable to create webhook", "webhook", "CachedImage")
os.Exit(1)
}
if err = (&controllers.RepositoryReconciler{
if err = (&kuik.RepositoryReconciler{
Client: mgr.GetClient(),
Scheme: mgr.GetScheme(),
Recorder: mgr.GetEventRecorderFor("epository-controller"),
Expand All @@ -132,23 +134,23 @@ func main() {
os.Exit(1)
}

if err := mgr.AddHealthzCheck("healthz", controllers.MakeChecker(controllers.Healthz)); err != nil {
if err := mgr.AddHealthzCheck("healthz", kuikController.MakeChecker(kuikController.Healthz)); err != nil {
setupLog.Error(err, "unable to set up health check")
os.Exit(1)
}
if err := mgr.AddReadyzCheck("readyz", controllers.MakeChecker(controllers.Readyz)); err != nil {
if err := mgr.AddReadyzCheck("readyz", kuikController.MakeChecker(kuikController.Readyz)); err != nil {
setupLog.Error(err, "unable to set up ready check")
os.Exit(1)
}

controllers.SetLeader(false)
kuikController.SetLeader(false)
go func() {
<-mgr.Elected()
controllers.SetLeader(true)
kuikController.SetLeader(true)
}()

controllers.ProbeAddr = probeAddr
controllers.RegisterMetrics(mgr.GetClient())
kuikController.ProbeAddr = probeAddr
kuikController.RegisterMetrics(mgr.GetClient())

setupLog.Info("starting manager")
if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil {
Expand Down
8 changes: 6 additions & 2 deletions cmd/proxy/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -59,13 +59,17 @@ func main() {
config, err = clientcmd.BuildConfigFromFlags("", kubeconfig)
}

if err != nil {
panic(err)
}

klog.Info("starting")

httpClient, err := rest.HTTPClientFor(config)
if err != nil {
panic(err)
}

restMapper, err := apiutil.NewDynamicRESTMapper(config, apiutil.WithLazyDiscovery)
restMapper, err := apiutil.NewDynamicRESTMapper(config, httpClient)
if err != nil {
panic(err)
}
Expand Down
18 changes: 9 additions & 9 deletions config/certmanager/certificate.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,11 @@ apiVersion: cert-manager.io/v1
kind: Issuer
metadata:
labels:
app.kubernetes.io/name: issuer
app.kubernetes.io/instance: selfsigned-issuer
app.kubernetes.io/name: certificate
app.kubernetes.io/instance: serving-cert
app.kubernetes.io/component: certificate
app.kubernetes.io/created-by: kuik
app.kubernetes.io/part-of: kuik
app.kubernetes.io/created-by: kube-image-keeper
app.kubernetes.io/part-of: kube-image-keeper
app.kubernetes.io/managed-by: kustomize
name: selfsigned-issuer
namespace: system
Expand All @@ -23,16 +23,16 @@ metadata:
app.kubernetes.io/name: certificate
app.kubernetes.io/instance: serving-cert
app.kubernetes.io/component: certificate
app.kubernetes.io/created-by: kuik
app.kubernetes.io/part-of: kuik
app.kubernetes.io/created-by: kube-image-keeper
app.kubernetes.io/part-of: kube-image-keeper
app.kubernetes.io/managed-by: kustomize
name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml
namespace: system
spec:
# $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
# SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
dnsNames:
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
- $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
- SERVICE_NAME.SERVICE_NAMESPACE.svc
- SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
issuerRef:
kind: Issuer
name: selfsigned-issuer
Expand Down
10 changes: 1 addition & 9 deletions config/certmanager/kustomizeconfig.yaml
Original file line number Diff line number Diff line change
@@ -1,16 +1,8 @@
# This configuration is for teaching kustomize how to update name ref and var substitution
# This configuration is for teaching kustomize how to update name ref substitution
nameReference:
- kind: Issuer
group: cert-manager.io
fieldSpecs:
- kind: Certificate
group: cert-manager.io
path: spec/issuerRef/name

varReference:
- kind: Certificate
group: cert-manager.io
path: spec/commonName
- kind: Certificate
group: cert-manager.io
path: spec/dnsNames
Loading

0 comments on commit f22c575

Please sign in to comment.