From 806f93eb82adbb7b77cf441f659375c3b262f1ec Mon Sep 17 00:00:00 2001 From: Stefan Prodan Date: Tue, 23 May 2023 18:05:18 +0300 Subject: [PATCH 1/2] Update controller-runtime to v0.15.0 Signed-off-by: Stefan Prodan --- api/go.mod | 2 +- api/go.sum | 6 +-- go.mod | 10 ++--- go.sum | 21 +++++----- .../controllers/kustomization_controller.go | 12 +++--- .../controllers/kustomization_fuzzer_test.go | 4 +- internal/controllers/suite_test.go | 42 ++++++++----------- main.go | 10 +++-- 8 files changed, 49 insertions(+), 58 deletions(-) diff --git a/api/go.mod b/api/go.mod index d79070c..f072009 100644 --- a/api/go.mod +++ b/api/go.mod @@ -7,7 +7,7 @@ require ( github.com/fluxcd/pkg/apis/meta v1.1.0 k8s.io/apiextensions-apiserver v0.27.2 k8s.io/apimachinery v0.27.2 - sigs.k8s.io/controller-runtime v0.15.0-beta.0 + sigs.k8s.io/controller-runtime v0.15.0 ) // Fix CVE-2022-28948 diff --git a/api/go.sum b/api/go.sum index 05d60f8..a186137 100644 --- a/api/go.sum +++ b/api/go.sum @@ -31,7 +31,7 @@ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/onsi/ginkgo/v2 v2.9.5 h1:+6Hr4uxzP4XIUyAkg61dWBw8lb/gc4/X5luuxN/EC+Q= -github.com/onsi/gomega v1.27.6 h1:ENqfyGeS5AX/rlXDd/ETokDz93u0YufY1Pgxuy/PvWE= +github.com/onsi/gomega v1.27.7 h1:fVih9JD6ogIiHUN6ePK7HJidyEDpWGVB5mzM7cWNXoU= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= @@ -91,8 +91,8 @@ k8s.io/klog/v2 v2.90.1 h1:m4bYOKall2MmOiRaR1J+We67Do7vm9KiQVlT96lnHUw= k8s.io/klog/v2 v2.90.1/go.mod h1:y1WjHnz7Dj687irZUWR/WLkLc5N1YHtjLdmgWjndZn0= k8s.io/utils v0.0.0-20230209194617-a36077c30491 h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPBjNSSOMowRZxxsY= k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.15.0-beta.0 h1:pkhYMops8jZrVuI0kBHeF6q9UVu1JljIGGG4Ox5ZJmk= -sigs.k8s.io/controller-runtime v0.15.0-beta.0/go.mod h1:YUTa+du31rqOu4mJaijiuhGFax9ecCJgO/v0/yW09gE= +sigs.k8s.io/controller-runtime v0.15.0 h1:ML+5Adt3qZnMSYxZ7gAverBLNPSMQEibtzAgp0UPojU= +sigs.k8s.io/controller-runtime v0.15.0/go.mod h1:7ngYvp1MLT+9GeZ+6lH3LOlcHkp/+tzA/fmHa4iq9kk= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/structured-merge-diff/v4 v4.2.3 h1:PRbqxJClWWYMNV1dhaG4NsibJbArud9kFxnAMREiWFE= diff --git a/go.mod b/go.mod index e85a000..74a8fd0 100644 --- a/go.mod +++ b/go.mod @@ -29,9 +29,9 @@ require ( github.com/fluxcd/pkg/apis/kustomize v1.1.0 github.com/fluxcd/pkg/apis/meta v1.1.0 github.com/fluxcd/pkg/http/fetch v0.5.1 - github.com/fluxcd/pkg/kustomize v1.3.0 - github.com/fluxcd/pkg/runtime v0.37.0 - github.com/fluxcd/pkg/ssa v0.28.0 + github.com/fluxcd/pkg/kustomize v1.3.1 + github.com/fluxcd/pkg/runtime v0.38.1 + github.com/fluxcd/pkg/ssa v0.28.1 github.com/fluxcd/pkg/tar v0.2.0 github.com/fluxcd/pkg/testserver v0.4.0 github.com/fluxcd/source-controller/api v1.0.0-rc.3 @@ -51,7 +51,7 @@ require ( k8s.io/client-go v0.27.2 k8s.io/utils v0.0.0-20230209194617-a36077c30491 sigs.k8s.io/cli-utils v0.34.0 - sigs.k8s.io/controller-runtime v0.15.0-beta.0 + sigs.k8s.io/controller-runtime v0.15.0 sigs.k8s.io/kustomize/api v0.13.4 sigs.k8s.io/yaml v1.3.0 ) @@ -207,7 +207,7 @@ require ( golang.org/x/text v0.9.0 // indirect golang.org/x/time v0.3.0 // indirect golang.org/x/tools v0.9.1 // indirect - gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect + gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect google.golang.org/appengine v1.6.7 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.66.4 // indirect diff --git a/go.sum b/go.sum index 5f7bc85..1b7a8f2 100644 --- a/go.sum +++ b/go.sum @@ -175,7 +175,6 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20201210154907-fd9021fe5dad/go.m github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.mod h1:hliV/p42l8fGbc6Y9bQ70uLwIvmJyVE5k4iMKlh8wCQ= github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0= github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c= -github.com/evanphx/json-patch v0.5.2/go.mod h1:ZWS5hhDbVDyob71nXKNL0+PWn6ToqBHMikGIFbs31qQ= github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U= github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.6.0 h1:b91NhWfaz02IuVxO9faSllyAtNXHMPkC5J8sJCLunww= @@ -198,14 +197,14 @@ github.com/fluxcd/pkg/apis/meta v1.1.0 h1:vYU1mvUzztnQyTzZOLHQ3wm/tXd7E1QZ2V91zu github.com/fluxcd/pkg/apis/meta v1.1.0/go.mod h1:/QwCotRKL/BT6RSa4O75FlYW14fU8eRfKnoagzbkmL4= github.com/fluxcd/pkg/http/fetch v0.5.1 h1:1T03ZmYHKfeFVHpJOxeRNnpwLp4RUShvpNr4S9H+VFY= github.com/fluxcd/pkg/http/fetch v0.5.1/go.mod h1:GZtfJdk8kLpJYd0v/k9ocJicwvQs2R7joooZChF7e8g= -github.com/fluxcd/pkg/kustomize v1.3.0 h1:vbmdsqLcjNG2of+aFoY9C52ZF58U51tp7NKUydrIwT8= -github.com/fluxcd/pkg/kustomize v1.3.0/go.mod h1:0U23NUzTlOYFuS8UceZTtN4vD9pN/780gyQ8P9SSqO8= -github.com/fluxcd/pkg/runtime v0.37.0 h1:3vU6ViFhO+E7nLVe6ww0RSTDNz8ltXBuvcvOZcNY1R4= -github.com/fluxcd/pkg/runtime v0.37.0/go.mod h1:nyO+Mwxwjq00evdG8cRjfKnHrqiPRHeemSoLqHvQA0A= +github.com/fluxcd/pkg/kustomize v1.3.1 h1:xOltPfO7/3h+bRMI90sTYgs/LI5VeW9pPMUMpZbo2HI= +github.com/fluxcd/pkg/kustomize v1.3.1/go.mod h1:n9QJcwioLTWggJ+TYcVFa4jR7n0hRU+KeNA3zTWh9bo= +github.com/fluxcd/pkg/runtime v0.38.1 h1:deY7LP2e1UfHXmxNFFzY6MAbqdLWlRgvK9f/PIXyY5Y= +github.com/fluxcd/pkg/runtime v0.38.1/go.mod h1:x7bNbCDuvErmqD3gPNgGDI/ovjHBwvNPiwmAJuIMqNM= github.com/fluxcd/pkg/sourceignore v0.3.3 h1:Ue29JAuPECEYdvIqdpXpQaDxpeySn7amarLArp7XoIs= github.com/fluxcd/pkg/sourceignore v0.3.3/go.mod h1:yuJzKggph0Bdbk9LgXjJQhvJZSTJV/1vS7mJuB7mPa0= -github.com/fluxcd/pkg/ssa v0.28.0 h1:YqoEdt57xVeJ3NWOBr4MbNN/zrzm4IV+orUPBMMQL9g= -github.com/fluxcd/pkg/ssa v0.28.0/go.mod h1:sYQTAXl8J8O5qLUHciRZifZ4kInY0yonfUnWZsUHclM= +github.com/fluxcd/pkg/ssa v0.28.1 h1:h5r5irAgDjgkmIqagOLOa/U7/Rx2fT2NKIb+vDTYOMg= +github.com/fluxcd/pkg/ssa v0.28.1/go.mod h1:o55eBzWz7P/tqnCn5c622RZvjTP/GqvitqZUbsMIRwk= github.com/fluxcd/pkg/tar v0.2.0 h1:HEUHgONQYsJGeZZ4x6h5nQU9Aox1I4T3bOp1faWTqf8= github.com/fluxcd/pkg/tar v0.2.0/go.mod h1:w0/TOC7kwBJhnSJn7TCABkc/I7ib1f2Yz6vOsbLBnhw= github.com/fluxcd/pkg/testserver v0.4.0 h1:pDZ3gistqYhwlf3sAjn1Q8NzN4Qe6I1BEmHMHi46lMg= @@ -649,8 +648,8 @@ golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8T golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -gomodules.xyz/jsonpatch/v2 v2.2.0 h1:4pT439QV83L+G9FkcCriY6EkpcK6r6bK+A5FBUMI7qY= -gomodules.xyz/jsonpatch/v2 v2.2.0/go.mod h1:WXp+iVDkoLQqPudfQ9GBlwB2eZ5DKOnjQZCYdOS8GPY= +gomodules.xyz/jsonpatch/v2 v2.3.0 h1:8NFhfS6gzxNqjLIYnZxg319wZ5Qjnx4m/CcX+Klzazc= +gomodules.xyz/jsonpatch/v2 v2.3.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= google.golang.org/api v0.123.0 h1:yHVU//vA+qkOhm4reEC9LtzHVUCN/IqqNRl1iQ9xE20= google.golang.org/api v0.123.0/go.mod h1:gcitW0lvnyWjSp9nKxAbdHKIZ6vF4aajGueeslZOyms= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= @@ -739,8 +738,8 @@ k8s.io/utils v0.0.0-20230209194617-a36077c30491 h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPB k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/cli-utils v0.34.0 h1:zCUitt54f0/MYj/ajVFnG6XSXMhpZ72O/3RewIchW8w= sigs.k8s.io/cli-utils v0.34.0/go.mod h1:EXyMwPMu9OL+LRnj0JEMsGG/fRvbgFadcVlSnE8RhFs= -sigs.k8s.io/controller-runtime v0.15.0-beta.0 h1:pkhYMops8jZrVuI0kBHeF6q9UVu1JljIGGG4Ox5ZJmk= -sigs.k8s.io/controller-runtime v0.15.0-beta.0/go.mod h1:YUTa+du31rqOu4mJaijiuhGFax9ecCJgO/v0/yW09gE= +sigs.k8s.io/controller-runtime v0.15.0 h1:ML+5Adt3qZnMSYxZ7gAverBLNPSMQEibtzAgp0UPojU= +sigs.k8s.io/controller-runtime v0.15.0/go.mod h1:7ngYvp1MLT+9GeZ+6lH3LOlcHkp/+tzA/fmHa4iq9kk= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo= sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0= sigs.k8s.io/kustomize/api v0.13.4 h1:E38Hfx0G9R9v7vRgKshviPotJQETG0S2gD3JdHLCAsI= diff --git a/internal/controllers/kustomization_controller.go b/internal/controllers/kustomization_controller.go index b3fe8ee..e8498e9 100644 --- a/internal/controllers/kustomization_controller.go +++ b/internal/controllers/kustomization_controller.go @@ -95,13 +95,12 @@ type KustomizationReconciler struct { // KustomizationReconcilerOptions contains options for the KustomizationReconciler. type KustomizationReconcilerOptions struct { - MaxConcurrentReconciles int HTTPRetry int DependencyRequeueInterval time.Duration RateLimiter ratelimiter.RateLimiter } -func (r *KustomizationReconciler) SetupWithManager(mgr ctrl.Manager, opts KustomizationReconcilerOptions) error { +func (r *KustomizationReconciler) SetupWithManager(ctx context.Context, mgr ctrl.Manager, opts KustomizationReconcilerOptions) error { const ( ociRepositoryIndexKey string = ".metadata.ociRepository" gitRepositoryIndexKey string = ".metadata.gitRepository" @@ -109,19 +108,19 @@ func (r *KustomizationReconciler) SetupWithManager(mgr ctrl.Manager, opts Kustom ) // Index the Kustomizations by the OCIRepository references they (may) point at. - if err := mgr.GetCache().IndexField(context.TODO(), &kustomizev1.Kustomization{}, ociRepositoryIndexKey, + if err := mgr.GetCache().IndexField(ctx, &kustomizev1.Kustomization{}, ociRepositoryIndexKey, r.indexBy(sourcev1b2.OCIRepositoryKind)); err != nil { return fmt.Errorf("failed setting index fields: %w", err) } // Index the Kustomizations by the GitRepository references they (may) point at. - if err := mgr.GetCache().IndexField(context.TODO(), &kustomizev1.Kustomization{}, gitRepositoryIndexKey, + if err := mgr.GetCache().IndexField(ctx, &kustomizev1.Kustomization{}, gitRepositoryIndexKey, r.indexBy(sourcev1.GitRepositoryKind)); err != nil { return fmt.Errorf("failed setting index fields: %w", err) } // Index the Kustomizations by the Bucket references they (may) point at. - if err := mgr.GetCache().IndexField(context.TODO(), &kustomizev1.Kustomization{}, bucketIndexKey, + if err := mgr.GetCache().IndexField(ctx, &kustomizev1.Kustomization{}, bucketIndexKey, r.indexBy(sourcev1b2.BucketKind)); err != nil { return fmt.Errorf("failed setting index fields: %w", err) } @@ -155,8 +154,7 @@ func (r *KustomizationReconciler) SetupWithManager(mgr ctrl.Manager, opts Kustom builder.WithPredicates(SourceRevisionChangePredicate{}), ). WithOptions(controller.Options{ - MaxConcurrentReconciles: opts.MaxConcurrentReconciles, - RateLimiter: opts.RateLimiter, + RateLimiter: opts.RateLimiter, }). Complete(r) } diff --git a/internal/controllers/kustomization_fuzzer_test.go b/internal/controllers/kustomization_fuzzer_test.go index bc3eaab..1ca105b 100644 --- a/internal/controllers/kustomization_fuzzer_test.go +++ b/internal/controllers/kustomization_fuzzer_test.go @@ -76,7 +76,7 @@ var ( debugMode = os.Getenv("DEBUG_TEST") != "" ) -const vaultVersion = "1.2.2" +const vaultVersion = "1.13.2" const defaultBinVersion = "1.24" //go:embed testdata/crd/*.yaml @@ -126,7 +126,7 @@ func Fuzz_Controllers(f *testing.F) { ControllerName: controllerName, Client: testEnv, } - if err := (reconciler).SetupWithManager(testEnv, KustomizationReconcilerOptions{MaxConcurrentReconciles: 1}); err != nil { + if err := (reconciler).SetupWithManager(ctx, testEnv, KustomizationReconcilerOptions{}); err != nil { panic(fmt.Sprintf("Failed to start GitRepositoryReconciler: %v", err)) } }, func() error { diff --git a/internal/controllers/suite_test.go b/internal/controllers/suite_test.go index a0d9a41..e1f42ae 100644 --- a/internal/controllers/suite_test.go +++ b/internal/controllers/suite_test.go @@ -51,18 +51,13 @@ import ( kustomizev1 "github.com/fluxcd/kustomize-controller/api/v1" ) -func init() { - rand.Seed(time.Now().UnixNano()) -} - const ( timeout = time.Second * 30 interval = time.Second * 1 reconciliationInterval = time.Second * 5 + vaultVersion = "1.13.2" ) -const vaultVersion = "1.2.2" - var ( reconciler *KustomizationReconciler k8sClient client.Client @@ -76,7 +71,7 @@ var ( debugMode = os.Getenv("DEBUG_TEST") != "" ) -func runInContext(registerControllers func(*testenv.Environment), run func() error, crdPath string) error { +func runInContext(registerControllers func(*testenv.Environment), run func() int) (code int) { var err error utilruntime.Must(kustomizev1.AddToScheme(scheme.Scheme)) utilruntime.Must(sourcev1.AddToScheme(scheme.Scheme)) @@ -86,7 +81,10 @@ func runInContext(registerControllers func(*testenv.Environment), run func() err controllerLog.SetLogger(zap.New(zap.WriteTo(os.Stderr), zap.UseDevMode(false))) } - testEnv = testenv.New(testenv.WithCRDPath(crdPath)) + testEnv = testenv.New( + testenv.WithCRDPath(filepath.Join("..", "..", "config", "crd", "bases")), + testenv.WithMaxConcurrentReconciles(4), + ) testServer, err = testserver.NewTempArtifactServer() if err != nil { @@ -133,7 +131,7 @@ func runInContext(registerControllers func(*testenv.Environment), run func() err pool.Purge(resource) }() - runErr := run() + code = run() if debugMode { events := &corev1.EventList{} @@ -156,13 +154,11 @@ func runInContext(registerControllers func(*testenv.Environment), run func() err panic(fmt.Sprintf("Failed to remove storage server dir: %v", err)) } - return runErr + return code } func TestMain(m *testing.M) { - code := 0 - - runInContext(func(testEnv *testenv.Environment) { + code := runInContext(func(testEnv *testenv.Environment) { controllerName := "kustomize-controller" testMetricsH = controller.MustMakeMetrics(testEnv) kstatusCheck = kcheck.NewChecker(testEnv.Client, @@ -181,16 +177,12 @@ func TestMain(m *testing.M) { EventRecorder: testEnv.GetEventRecorderFor(controllerName), Metrics: testMetricsH, } - if err := (reconciler).SetupWithManager(testEnv, KustomizationReconcilerOptions{ - MaxConcurrentReconciles: 4, + if err := (reconciler).SetupWithManager(ctx, testEnv, KustomizationReconcilerOptions{ DependencyRequeueInterval: 2 * time.Second, }); err != nil { panic(fmt.Sprintf("Failed to start KustomizationReconciler: %v", err)) } - }, func() error { - code = m.Run() - return nil - }, filepath.Join("..", "..", "config", "crd", "bases")) + }, m.Run) os.Exit(code) } @@ -346,13 +338,13 @@ func createVaultTestInstance() (*dockertest.Pool, *dockertest.Resource, error) { // uses a sensible default on windows (tcp/http) and linux/osx (socket) pool, err := dockertest.NewPool("") if err != nil { - return nil, nil, fmt.Errorf("Could not connect to docker: %s", err) + return nil, nil, fmt.Errorf("could not connect to docker: %s", err) } // pulls an image, creates a container based on it and runs it resource, err := pool.Run("vault", vaultVersion, []string{"VAULT_DEV_ROOT_TOKEN_ID=secret"}) if err != nil { - return nil, nil, fmt.Errorf("Could not start resource: %s", err) + return nil, nil, fmt.Errorf("could not start resource: %s", err) } os.Setenv("VAULT_ADDR", fmt.Sprintf("http://127.0.0.1:%v", resource.GetPort("8200/tcp"))) @@ -361,24 +353,24 @@ func createVaultTestInstance() (*dockertest.Pool, *dockertest.Resource, error) { if err := pool.Retry(func() error { cli, err := api.NewClient(api.DefaultConfig()) if err != nil { - return fmt.Errorf("Cannot create Vault Client: %w", err) + return fmt.Errorf("cannot create Vault Client: %w", err) } status, err := cli.Sys().InitStatus() if err != nil { return err } if status != true { - return fmt.Errorf("Vault not ready yet") + return fmt.Errorf("vault not ready yet") } if err := cli.Sys().Mount("sops", &api.MountInput{ Type: "transit", }); err != nil { - return fmt.Errorf("Cannot create Vault Transit Engine: %w", err) + return fmt.Errorf("cannot create Vault Transit Engine: %w", err) } return nil }); err != nil { - return nil, nil, fmt.Errorf("Could not connect to docker: %w", err) + return nil, nil, fmt.Errorf("could not connect to docker: %w", err) } return pool, resource, nil diff --git a/main.go b/main.go index 40f7fcd..f2b6d3e 100644 --- a/main.go +++ b/main.go @@ -114,6 +114,8 @@ func main() { logger.SetLogger(logger.NewLogger(logOptions)) + ctx := ctrl.SetupSignalHandler() + if err := featureGates.WithLogger(setupLog).SupportedFeatures(features.FeatureGates()); err != nil { setupLog.Error(err, "unable to load feature gates") os.Exit(1) @@ -169,7 +171,8 @@ func main() { Namespaces: []string{watchNamespace}, }, Controller: ctrlcfg.Controller{ - RecoverPanic: pointer.Bool(true), + MaxConcurrentReconciles: concurrent, + RecoverPanic: pointer.Bool(true), }, }) if err != nil { @@ -208,8 +211,7 @@ func main() { KubeConfigOpts: kubeConfigOpts, PollingOpts: pollingOpts, StatusPoller: polling.NewStatusPoller(mgr.GetClient(), mgr.GetRESTMapper(), pollingOpts), - }).SetupWithManager(mgr, controllers.KustomizationReconcilerOptions{ - MaxConcurrentReconciles: concurrent, + }).SetupWithManager(ctx, mgr, controllers.KustomizationReconcilerOptions{ DependencyRequeueInterval: requeueDependency, HTTPRetry: httpRetry, RateLimiter: runtimeCtrl.GetRateLimiter(rateLimiterOptions), @@ -220,7 +222,7 @@ func main() { // +kubebuilder:scaffold:builder setupLog.Info("starting manager") - if err := mgr.Start(ctrl.SetupSignalHandler()); err != nil { + if err := mgr.Start(ctx); err != nil { setupLog.Error(err, "problem running manager") os.Exit(1) } From c61358d5a6fdfd93e5924a584ebda90fd2a2e716 Mon Sep 17 00:00:00 2001 From: Stefan Prodan Date: Tue, 23 May 2023 18:31:34 +0300 Subject: [PATCH 2/2] Update azidentity from beta to v1.3.0 Signed-off-by: Stefan Prodan --- go.mod | 14 +++++++------- go.sum | 30 +++++++++++++++--------------- internal/sops/azkv/keysource.go | 5 ++++- 3 files changed, 26 insertions(+), 23 deletions(-) diff --git a/go.mod b/go.mod index 74a8fd0..7601dcb 100644 --- a/go.mod +++ b/go.mod @@ -12,9 +12,9 @@ require ( cloud.google.com/go/kms v1.10.2 filippo.io/age v1.1.1 github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 - github.com/Azure/azure-sdk-for-go/sdk/azcore v1.5.0-beta.1 - github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0-beta.4 - github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.9.0 + github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0 + github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0 + github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0 github.com/aws/aws-sdk-go v1.44.267 github.com/aws/aws-sdk-go-v2 v1.18.0 github.com/aws/aws-sdk-go-v2/config v1.18.25 @@ -49,7 +49,7 @@ require ( k8s.io/api v0.27.2 k8s.io/apimachinery v0.27.2 k8s.io/client-go v0.27.2 - k8s.io/utils v0.0.0-20230209194617-a36077c30491 + k8s.io/utils v0.0.0-20230505201702-9f6742963106 sigs.k8s.io/cli-utils v0.34.0 sigs.k8s.io/controller-runtime v0.15.0 sigs.k8s.io/kustomize/api v0.13.4 @@ -70,8 +70,8 @@ require ( cloud.google.com/go/compute/metadata v0.2.3 // indirect cloud.google.com/go/iam v0.13.0 // indirect github.com/Azure/azure-sdk-for-go v63.3.0+incompatible // indirect - github.com/Azure/azure-sdk-for-go/sdk/internal v1.2.0 // indirect - github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 // indirect + github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 // indirect github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect github.com/Azure/go-autorest v14.2.0+incompatible // indirect github.com/Azure/go-autorest/autorest v0.11.27 // indirect @@ -83,7 +83,7 @@ require ( github.com/Azure/go-autorest/autorest/validation v0.3.1 // indirect github.com/Azure/go-autorest/logger v0.2.1 // indirect github.com/Azure/go-autorest/tracing v0.6.0 // indirect - github.com/AzureAD/microsoft-authentication-library-for-go v0.9.0 // indirect + github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 // indirect github.com/MakeNowJust/heredoc v1.0.0 // indirect github.com/Microsoft/go-winio v0.6.0 // indirect github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5 // indirect diff --git a/go.sum b/go.sum index 1b7a8f2..8e11f37 100644 --- a/go.sum +++ b/go.sum @@ -16,16 +16,16 @@ github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 h1:EKPd1 github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1/go.mod h1:VzwV+t+dZ9j/H867F1M2ziD+yLHtB46oM35FxxMJ4d0= github.com/Azure/azure-sdk-for-go v63.3.0+incompatible h1:INepVujzUrmArRZjDLHbtER+FkvCoEwyRCXGqOlmDII= github.com/Azure/azure-sdk-for-go v63.3.0+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.5.0-beta.1 h1:yLM4ZIC+NRvzwFGpXjUbf5FhPBVxJgmYXkjePgNAx64= -github.com/Azure/azure-sdk-for-go/sdk/azcore v1.5.0-beta.1/go.mod h1:ON4tFdPTwRcgWEaVDrN3584Ef+b7GgSJaXxe5fW9t4M= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0-beta.4 h1:jpSh2461XzXBEw1MJwvVRJwZS0CAgqS0h6jBdoIFtLk= -github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0-beta.4/go.mod h1:oWa/ZXP08smIi12UyWVbVikBxoZHZCyxijZamTK1i8Q= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.2.0 h1:leh5DwKv6Ihwi+h60uHtn6UWAxBbZ0q8DwQVMzf61zw= -github.com/Azure/azure-sdk-for-go/sdk/internal v1.2.0/go.mod h1:eWRD7oawr1Mu1sLCawqVc0CUiF43ia3qQMxLscsKQ9w= -github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.9.0 h1:TOFrNxfjslms5nLLIMjW7N0+zSALX4KiGsptmpb16AA= -github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.9.0/go.mod h1:EAyXOW1F6BTJPiK2pDvmnvxOHPxoTYWoqBeIlql+QhI= -github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.0 h1:Lg6BW0VPmCwcMlvOviL3ruHFO+H9tZNqscK0AeuFjGM= -github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.0/go.mod h1:9V2j0jn9jDEkCkv8w/bKTNppX/d0FVA1ud77xCIP4KA= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0 h1:8kDqDngH+DmVBiCtIjCFTGa7MBnsIOkF9IccInFEbjk= +github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0/go.mod h1:bjGvMhVMb+EEm3VRNQawDMUyMMjo+S5ewNjflkep/0Q= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0 h1:vcYCAze6p19qBW7MhZybIsqD8sMV8js0NyQM8JDnVtg= +github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0/go.mod h1:OQeznEEkTZ9OrhHJoDD8ZDq51FHgXjqtP9z6bEwBq9U= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 h1:sXr+ck84g/ZlZUOZiNELInmMgOsuGwdjjVkEIde0OtY= +github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM= +github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0 h1:m/sWOGCREuSBqg2htVQTBY8nOZpyajYztF0vUvSZTuM= +github.com/Azure/azure-sdk-for-go/sdk/keyvault/azkeys v0.10.0/go.mod h1:Pu5Zksi2KrU7LPbZbNINx6fuVrUp/ffvpxdDj+i8LeE= +github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1 h1:FbH3BbSb4bvGluTesZZ+ttN/MDsnMmQP36OSnDuSXqw= +github.com/Azure/azure-sdk-for-go/sdk/keyvault/internal v0.7.1/go.mod h1:9V2j0jn9jDEkCkv8w/bKTNppX/d0FVA1ud77xCIP4KA= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E= github.com/Azure/go-autorest v14.2.0+incompatible h1:V5VMDjClD3GiElqLWO7mz2MxNAK/vTfRHdAubSIPRgs= @@ -53,8 +53,8 @@ github.com/Azure/go-autorest/logger v0.2.1 h1:IG7i4p/mDa2Ce4TRyAO8IHnVhAVF3RFU+Z github.com/Azure/go-autorest/logger v0.2.1/go.mod h1:T9E3cAhj2VqvPOtCYAvby9aBXkZmbF5NWuPV8+WeEW8= github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUMfuitfgcfuo= github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU= -github.com/AzureAD/microsoft-authentication-library-for-go v0.9.0 h1:UE9n9rkJF62ArLb1F3DEjRt8O3jLwMWdSoypKV4f3MU= -github.com/AzureAD/microsoft-authentication-library-for-go v0.9.0/go.mod h1:kgDmCTgBzIEPFElEF+FK0SdjAor06dRq2Go927dnQ6o= +github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 h1:OBhqkivkhkMqLPymWEppkm7vgPQY2XsHoEkaMQ0AdZY= +github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0/go.mod h1:kgDmCTgBzIEPFElEF+FK0SdjAor06dRq2Go927dnQ6o= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ= github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE= @@ -153,7 +153,7 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U= github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE= -github.com/dnaeon/go-vcr v1.1.0 h1:ReYa/UBrRyQdant9B4fNHGoCNKw6qh6P0fsdGmZpR7c= +github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI= github.com/docker/cli v20.10.17+incompatible h1:eO2KS7ZFeov5UJeaDmIs1NFEDRf32PaqRpvoEkKBy5M= github.com/docker/cli v20.10.17+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/docker v20.10.24+incompatible h1:Ugvxm7a8+Gz6vqQYQQ2W7GYq5EUPaAiuPgIfVyI3dYE= @@ -734,8 +734,8 @@ k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f h1:2kWPakN3i/k81b0gvD5C5F k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f/go.mod h1:byini6yhqGC14c3ebc/QwanvYwhuMWF6yz2F8uwW8eg= k8s.io/kubectl v0.27.1 h1:9T5c5KdpburYiW8XKQSH0Uly1kMNE90aGSnbYUZNdcA= k8s.io/kubectl v0.27.1/go.mod h1:QsAkSmrRsKTPlAFzF8kODGDl4p35BIwQnc9XFhkcsy8= -k8s.io/utils v0.0.0-20230209194617-a36077c30491 h1:r0BAOLElQnnFhE/ApUsg3iHdVYYPBjNSSOMowRZxxsY= -k8s.io/utils v0.0.0-20230209194617-a36077c30491/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +k8s.io/utils v0.0.0-20230505201702-9f6742963106 h1:EObNQ3TW2D+WptiYXlApGNLVy0zm/JIBVY9i+M4wpAU= +k8s.io/utils v0.0.0-20230505201702-9f6742963106/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= sigs.k8s.io/cli-utils v0.34.0 h1:zCUitt54f0/MYj/ajVFnG6XSXMhpZ72O/3RewIchW8w= sigs.k8s.io/cli-utils v0.34.0/go.mod h1:EXyMwPMu9OL+LRnj0JEMsGG/fRvbgFadcVlSnE8RhFs= sigs.k8s.io/controller-runtime v0.15.0 h1:ML+5Adt3qZnMSYxZ7gAverBLNPSMQEibtzAgp0UPojU= diff --git a/internal/sops/azkv/keysource.go b/internal/sops/azkv/keysource.go index 855ba32..9cf8357 100644 --- a/internal/sops/azkv/keysource.go +++ b/internal/sops/azkv/keysource.go @@ -241,7 +241,10 @@ func getDefaultAzureCredential() (azcore.TokenCredential, error) { if _, ok := os.LookupEnv(azureAuthorityHost); ok { if tenantID, ok := os.LookupEnv(azureTenantID); ok { haveWorkloadConfig = true - workloadCred, err := azidentity.NewWorkloadIdentityCredential(tenantID, clientID, file, &azidentity.WorkloadIdentityCredentialOptions{ + workloadCred, err := azidentity.NewWorkloadIdentityCredential(&azidentity.WorkloadIdentityCredentialOptions{ + ClientID: clientID, + TenantID: tenantID, + TokenFilePath: file, ClientOptions: options.ClientOptions, DisableInstanceDiscovery: options.DisableInstanceDiscovery, })