Skip to content

Commit

Permalink
chore: merge go gump
Browse files Browse the repository at this point in the history
  • Loading branch information
oliverbaehler committed May 14, 2024
2 parents 1cd25c2 + daa28b4 commit 1897a28
Show file tree
Hide file tree
Showing 74 changed files with 2,932 additions and 1,754 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/check-actions.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Ensure SHA pinned actions
uses: zgosalvez/github-actions-ensure-sha-pinned-actions@19ebcb0babbd282ae1822a0b9c28f3f1f25cea45 # v3.0.4
uses: zgosalvez/github-actions-ensure-sha-pinned-actions@40e45e738b3cad2729f599d8afc6ed02184e1dbd # v3.0.5
with:
# slsa-github-generator requires using a semver tag for reusable workflows.
# See: https://github.com/slsa-framework/slsa-github-generator#referencing-slsa-builders-and-generators
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/check-commit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
commit_lint:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
- uses: wagoid/commitlint-github-action@7f0a61df502599e1f1f50880aaa7ec1e2c0592f2 #v6.0.1
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/codecov.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup caches
uses: ./.github/actions/setup-caches
timeout-minutes: 5
Expand All @@ -31,7 +31,7 @@ jobs:
run: make test
- name: Upload Report to Codecov
if: steps.checksecret.outputs.result == 'true'
uses: codecov/codecov-action@84508663e988701840491b86de86b666e8a86bed # v4.3.0
uses: codecov/codecov-action@5ecb98a3c6b747ed38dc09f787459979aebb39be # v4.3.1
with:
file: ./coverage.out
fail_ci_if_error: true
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/diff.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,12 +16,12 @@ jobs:
name: diff
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version: '1.21'
go-version-file: 'go.mod'
- run: make installer
- name: Checking if YAML installer file is not aligned
run: if [[ $(git diff | wc -l) -gt 0 ]]; then echo ">>> Untracked generated files have not been committed" && git --no-pager diff && exit 1; fi
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/docker-publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,15 +20,15 @@ jobs:
capsule-digest: ${{ steps.publish-capsule.outputs.digest }}
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup caches
uses: ./.github/actions/setup-caches
timeout-minutes: 5
continue-on-error: true
with:
build-cache-key: publish-images
- name: Run Trivy vulnerability (Repo)
uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55 # v0.19.0
uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # v0.20.0
with:
scan-type: 'fs'
ignore-unfixed: true
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/docs-lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
name: Spell Check
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
- uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
Expand Down
11 changes: 3 additions & 8 deletions .github/workflows/e2e.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,17 +40,12 @@ jobs:
k8s-version: [ 'v1.22.4', 'v1.23.6', 'v1.24.7', 'v1.25.3', 'v1.26.3', 'v1.27.2', 'v1.28.0', 'v1.29.0']
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version: '1.21'
- run: make manifests
- name: Checking if manifests are disaligned
run: test -z "$(git diff 2> /dev/null)"
- name: Checking if manifests generated untracked files
run: test -z "$(git ls-files --others --exclude-standard 2> /dev/null)"
go-version-file: 'go.mod'
- uses: engineerd/setup-kind@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0 # v0.5.0
with:
skipClusterCreation: true
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/fossa.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-20.04
steps:
- name: "Checkout Code"
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Check secret
id: checksecret
uses: ./.github/actions/exists
Expand Down
12 changes: 10 additions & 2 deletions .github/workflows/gosec.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,8 +17,16 @@ jobs:
GO111MODULE: on
steps:
- name: Checkout Source
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version-file: 'go.mod'
- name: Run Gosec Security Scanner
uses: securego/gosec@26e57d6b340778c2983cd61775bc7e8bb41d002a # v2.19.0
with:
args: ./...
args: '-no-fail -fmt sarif -out gosec.sarif ./...'
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@c4fb451437765abf5018c6fbf22cce1a7da1e5cc
with:
sarif_file: gosec.sarif

4 changes: 2 additions & 2 deletions .github/workflows/helm-publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
if: github.repository_owner == 'projectcapsule'
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: "Extract Version"
id: extract_version
run: |
Expand Down Expand Up @@ -44,7 +44,7 @@ jobs:
outputs:
chart-digest: ${{ steps.helm_publish.outputs.digest }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
- name: "Extract Version"
id: extract_version
Expand Down
4 changes: 1 addition & 3 deletions .github/workflows/helm-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,12 +13,10 @@ jobs:
lint:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
- uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v3
with:
version: v3.14.2
- name: Linting Chart
run: helm lint ./charts/capsule
- name: Setup Chart Linting
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,12 +16,12 @@ jobs:
name: lint
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version: '1.21'
go-version-file: 'go.mod'
- name: Run golangci-lint
uses: golangci/golangci-lint-action@9d1e0624a798bb64f6c3cea93db47765312263dc # v5.1.0
uses: golangci/golangci-lint-action@a4f60bb28d35aeee14e6880718e0c85ff1882e64 # v6.0.1
with:
version: v1.56.2
only-new-issues: false
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/releaser.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
id-token: write
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
- name: Setup caches
Expand All @@ -30,7 +30,7 @@ jobs:
- name: Install Cosign
uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0
uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
with:
version: latest
args: release --clean --timeout 90m --debug
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/scorecard.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,11 +20,11 @@ jobs:
id-token: write
steps:
- name: Checkout
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
persist-credentials: false
- name: Run analysis
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
with:
results_file: results.sarif
results_format: sarif
Expand All @@ -37,6 +37,6 @@ jobs:
path: results.sarif
retention-days: 5
- name: Upload to code-scanning
uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4
uses: github/codeql-action/upload-sarif@c4fb451437765abf5018c6fbf22cce1a7da1e5cc # v2.13.4
with:
sarif_file: results.sarif
13 changes: 8 additions & 5 deletions Makefile
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
# Version
GIT_HEAD_COMMIT ?= $(shell git rev-parse --short HEAD)
VERSION ?= $(or $(shell git describe --abbrev=0 --tags --match "v*" 2>/dev/null),$(GIT_HEAD_COMMIT))
GOOS ?= $(shell go env GOOS)
GOARCH ?= $(shell go env GOARCH)

# Defaults
REGISTRY ?= ghcr.io
Expand Down Expand Up @@ -181,6 +183,7 @@ dev-setup:
# -- Docker
####################

KO_PLATFORM ?= linux/$(GOARCH)
KOCACHE ?= /tmp/ko-cache
KO_REGISTRY := ko.local
KO_TAGS ?= "latest"
Expand All @@ -200,9 +203,9 @@ LD_FLAGS := "-X main.Version=$(VERSION) \

.PHONY: ko-build-capsule
ko-build-capsule: ko
@echo Building Capsule $(KO_TAGS) >&2
@echo Building Capsule $(KO_TAGS) for $(KO_PLATFORM) >&2
@LD_FLAGS=$(LD_FLAGS) KOCACHE=$(KOCACHE) KO_DOCKER_REPO=$(CAPSULE_IMG) \
$(KO) build ./ --bare --tags=$(KO_TAGS) --push=false --local
$(KO) build ./ --bare --tags=$(KO_TAGS) --push=false --local --platform=$(KO_PLATFORM)

.PHONY: ko-build-all
ko-build-all: ko-build-capsule
Expand Down Expand Up @@ -230,7 +233,7 @@ ko-publish-all: ko-publish-capsule
####################

CONTROLLER_GEN := $(shell pwd)/bin/controller-gen
CONTROLLER_GEN_VERSION := v0.10.0
CONTROLLER_GEN_VERSION := v0.15.0
controller-gen: ## Download controller-gen locally if necessary.
$(call go-install-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@$(CONTROLLER_GEN_VERSION))

Expand All @@ -240,7 +243,7 @@ apidocs-gen: ## Download crdoc locally if necessary.
$(call go-install-tool,$(APIDOCS_GEN),fybrik.io/crdoc@$(APIDOCS_GEN_VERSION))

GINKGO := $(shell pwd)/bin/ginkgo
GINGKO_VERSION := v2.15.0
GINGKO_VERSION := v2.17.2
ginkgo: ## Download ginkgo locally if necessary.
$(call go-install-tool,$(GINKGO),github.com/onsi/ginkgo/v2/ginkgo@$(GINGKO_VERSION))

Expand Down Expand Up @@ -352,5 +355,5 @@ e2e-destroy:

SPELL_CHECKER = npx spellchecker-cli
docs-lint:
cd docs/content && $(SPELL_CHECKER) -f "*.md" "*/*.md" -d dictionary.txt
cd docs/content && $(SPELL_CHECKER) -f "*.md" "*/*.md" "!general/crds-apis.md" -d dictionary.txt

1 change: 0 additions & 1 deletion api/v1beta1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 0 additions & 1 deletion api/v1beta2/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

53 changes: 27 additions & 26 deletions config/crd/bases/capsule.clastix.io_capsuleconfigurations.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.10.0
creationTimestamp: null
controller-gen.kubebuilder.io/version: v0.15.0
name: capsuleconfigurations.capsule.clastix.io
spec:
group: capsule.clastix.io
Expand All @@ -22,14 +21,19 @@ spec:
API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
Expand All @@ -38,23 +42,20 @@ spec:
properties:
enableTLSReconciler:
default: true
description: Toggles the TLS reconciler, the controller that is able
to generate CA and certificates for the webhooks when not using
an already provided CA and certificate, or when these are managed
externally with Vault, or cert-manager.
description: |-
Toggles the TLS reconciler, the controller that is able to generate CA and certificates for the webhooks
when not using an already provided CA and certificate, or when these are managed externally with Vault, or cert-manager.
type: boolean
forceTenantPrefix:
default: false
description: Enforces the Tenant owner, during Namespace creation,
to name it using the selected Tenant name as prefix, separated by
a dash. This is useful to avoid Namespace name collision in a public
CaaS environment.
description: |-
Enforces the Tenant owner, during Namespace creation, to name it using the selected Tenant name as prefix,
separated by a dash. This is useful to avoid Namespace name collision in a public CaaS environment.
type: boolean
nodeMetadata:
description: Allows to set the forbidden metadata for the worker nodes
that could be patched by a Tenant. This applies only if the Tenant
has an active NodeSelector, and the Owner have right to patch their
nodes.
description: |-
Allows to set the forbidden metadata for the worker nodes that could be patched by a Tenant.
This applies only if the Tenant has an active NodeSelector, and the Owner have right to patch their nodes.
properties:
forbiddenAnnotations:
description: Define the annotations that a Tenant Owner cannot
Expand Down Expand Up @@ -87,15 +88,15 @@ spec:
TLSSecretName: capsule-tls
mutatingWebhookConfigurationName: capsule-mutating-webhook-configuration
validatingWebhookConfigurationName: capsule-validating-webhook-configuration
description: Allows to set different name rather than the canonical
one for the Capsule configuration objects, such as webhook secret
or configurations.
description: |-
Allows to set different name rather than the canonical one for the Capsule configuration objects,
such as webhook secret or configurations.
properties:
TLSSecretName:
default: capsule-tls
description: Defines the Secret name used for the webhook server.
Must be in the same Namespace where the Capsule Deployment is
deployed.
description: |-
Defines the Secret name used for the webhook server.
Must be in the same Namespace where the Capsule Deployment is deployed.
type: string
mutatingWebhookConfigurationName:
default: capsule-mutating-webhook-configuration
Expand Down
Loading

0 comments on commit 1897a28

Please sign in to comment.