From aadaf1c0aaf621eb9402a97401810e9f06b63942 Mon Sep 17 00:00:00 2001 From: Stefan Prodan Date: Thu, 8 May 2025 11:54:42 +0300 Subject: [PATCH] Remove deprecated status fields from OCIRepository v1 Signed-off-by: Stefan Prodan --- Makefile | 1 - api/v1/ocirepository_types.go | 17 ------------- ...rce.toolkit.fluxcd.io_ocirepositories.yaml | 17 ------------- .../ocirepository/signed-with-notation.yaml | 2 +- docs/api/v1/source.md | 25 ------------------- docs/spec/v1/ocirepositories.md | 17 ------------- .../controller/ocirepository_controller.go | 1 - .../ocirepository_controller_test.go | 6 ++--- internal/controller/suite_test.go | 2 +- 9 files changed, 5 insertions(+), 83 deletions(-) diff --git a/Makefile b/Makefile index a0b08df4..b68a895b 100644 --- a/Makefile +++ b/Makefile @@ -115,7 +115,6 @@ manifests: controller-gen ## Generate manifests, e.g. CRD, RBAC, etc. cd api; $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role paths="./..." output:crd:artifacts:config="../config/crd/bases" api-docs: gen-crd-api-reference-docs ## Generate API reference documentation - $(GEN_CRD_API_REFERENCE_DOCS) -api-dir=./api/v1beta2 -config=./hack/api-docs/config.json -template-dir=./hack/api-docs/template -out-file=./docs/api/v1beta2/source.md $(GEN_CRD_API_REFERENCE_DOCS) -api-dir=./api/v1 -config=./hack/api-docs/config.json -template-dir=./hack/api-docs/template -out-file=./docs/api/v1/source.md tidy: ## Run go mod tidy diff --git a/api/v1/ocirepository_types.go b/api/v1/ocirepository_types.go index 53a304b9..b12773a6 100644 --- a/api/v1/ocirepository_types.go +++ b/api/v1/ocirepository_types.go @@ -108,9 +108,6 @@ type OCIRepositorySpec struct { // authenticating with a certificate; the CA cert is useful if // you are using a self-signed server certificate. The Secret must // be of type `Opaque` or `kubernetes.io/tls`. - // - // Note: Support for the `caFile`, `certFile` and `keyFile` keys have - // been deprecated. // +optional CertSecretRef *meta.LocalObjectReference `json:"certSecretRef,omitempty"` @@ -205,20 +202,6 @@ type OCIRepositoryStatus struct { // +optional Artifact *Artifact `json:"artifact,omitempty"` - // ContentConfigChecksum is a checksum of all the configurations related to - // the content of the source artifact: - // - .spec.ignore - // - .spec.layerSelector - // observed in .status.observedGeneration version of the object. This can - // be used to determine if the content configuration has changed and the - // artifact needs to be rebuilt. - // It has the format of `:`, for example: `sha256:`. - // - // Deprecated: Replaced with explicit fields for observed artifact content - // config in the status. - // +optional - ContentConfigChecksum string `json:"contentConfigChecksum,omitempty"` - // ObservedIgnore is the observed exclusion patterns used for constructing // the source artifact. // +optional diff --git a/config/crd/bases/source.toolkit.fluxcd.io_ocirepositories.yaml b/config/crd/bases/source.toolkit.fluxcd.io_ocirepositories.yaml index 565c8d55..589a275d 100644 --- a/config/crd/bases/source.toolkit.fluxcd.io_ocirepositories.yaml +++ b/config/crd/bases/source.toolkit.fluxcd.io_ocirepositories.yaml @@ -68,9 +68,6 @@ spec: authenticating with a certificate; the CA cert is useful if you are using a self-signed server certificate. The Secret must be of type `Opaque` or `kubernetes.io/tls`. - - Note: Support for the `caFile`, `certFile` and `keyFile` keys have - been deprecated. properties: name: description: Name of the referent. @@ -364,20 +361,6 @@ spec: - type type: object type: array - contentConfigChecksum: - description: |- - ContentConfigChecksum is a checksum of all the configurations related to - the content of the source artifact: - - .spec.ignore - - .spec.layerSelector - observed in .status.observedGeneration version of the object. This can - be used to determine if the content configuration has changed and the - artifact needs to be rebuilt. - It has the format of `:`, for example: `sha256:`. - - Deprecated: Replaced with explicit fields for observed artifact content - config in the status. - type: string lastHandledReconcileAt: description: |- LastHandledReconcileAt holds the value of the most recent diff --git a/config/testdata/ocirepository/signed-with-notation.yaml b/config/testdata/ocirepository/signed-with-notation.yaml index 39f3fe81..55820f6d 100644 --- a/config/testdata/ocirepository/signed-with-notation.yaml +++ b/config/testdata/ocirepository/signed-with-notation.yaml @@ -1,5 +1,5 @@ --- -apiVersion: source.toolkit.fluxcd.io/v1beta2 +apiVersion: source.toolkit.fluxcd.io/v1 kind: OCIRepository metadata: name: podinfo-deploy-signed-with-notation diff --git a/docs/api/v1/source.md b/docs/api/v1/source.md index 21ec31ac..0e9c7cc8 100644 --- a/docs/api/v1/source.md +++ b/docs/api/v1/source.md @@ -1196,8 +1196,6 @@ registry. The client cert and key are useful if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server certificate. The Secret must be of type Opaque or kubernetes.io/tls.

-

Note: Support for the caFile, certFile and keyFile keys have -been deprecated.

@@ -3296,8 +3294,6 @@ registry. The client cert and key are useful if you are authenticating with a certificate; the CA cert is useful if you are using a self-signed server certificate. The Secret must be of type Opaque or kubernetes.io/tls.

-

Note: Support for the caFile, certFile and keyFile keys have -been deprecated.

@@ -3457,27 +3453,6 @@ Artifact -contentConfigChecksum
- -string - - - -(Optional) -

ContentConfigChecksum is a checksum of all the configurations related to -the content of the source artifact: -- .spec.ignore -- .spec.layerSelector -observed in .status.observedGeneration version of the object. This can -be used to determine if the content configuration has changed and the -artifact needs to be rebuilt. -It has the format of <algo>:<checksum>, for example: sha256:<checksum>.

-

Deprecated: Replaced with explicit fields for observed artifact content -config in the status.

- - - - observedIgnore
string diff --git a/docs/spec/v1/ocirepositories.md b/docs/spec/v1/ocirepositories.md index 530c9617..b3fc8203 100644 --- a/docs/spec/v1/ocirepositories.md +++ b/docs/spec/v1/ocirepositories.md @@ -326,10 +326,6 @@ data: ca.crt: ``` -**Warning:** Support for the `caFile`, `certFile` and `keyFile` keys have been -deprecated. If you have any Secrets using these keys and specified in an -OCIRepository, the controller will log a deprecation warning. - ### Proxy secret reference `.spec.proxySecretRef.name` is an optional field used to specify the name of a @@ -1073,19 +1069,6 @@ configuration issue in the OCIRepository spec. When a reconciliation fails, the reconciliation is performed again after the failure, the reason is updated to `Progressing`. -### Content Configuration Checksum - -The source-controller calculates the SHA256 checksum of the various -configurations of the OCIRepository that indicate a change in source and -records it in `.status.contentConfigChecksum`. This field is used to determine -if the source artifact needs to be rebuilt. - -**Deprecation Note:** `contentConfigChecksum` is no longer used and will be -removed in the next API version. The individual components used for generating -content configuration checksum now have explicit fields in the status. This -makes the observations used by the controller for making artifact rebuild -decisions more transparent and easier to debug. - ### Observed Ignore The source-controller reports an observed ignore in the OCIRepository's diff --git a/internal/controller/ocirepository_controller.go b/internal/controller/ocirepository_controller.go index 3cbef7d4..5056d66f 100644 --- a/internal/controller/ocirepository_controller.go +++ b/internal/controller/ocirepository_controller.go @@ -1225,7 +1225,6 @@ func (r *OCIRepositoryReconciler) reconcileArtifact(ctx context.Context, sp *pat // Record the observations on the object. obj.Status.Artifact = artifact.DeepCopy() obj.Status.Artifact.Metadata = metadata.Metadata - obj.Status.ContentConfigChecksum = "" // To be removed in the next API version. obj.Status.ObservedIgnore = obj.Spec.Ignore obj.Status.ObservedLayerSelector = obj.Spec.LayerSelector diff --git a/internal/controller/ocirepository_controller_test.go b/internal/controller/ocirepository_controller_test.go index f8c3e730..69eb38a1 100644 --- a/internal/controller/ocirepository_controller_test.go +++ b/internal/controller/ocirepository_controller_test.go @@ -3028,12 +3028,12 @@ func TestOCIRepository_objectLevelWorkloadIdentityFeatureGate(t *testing.T) { }) g.Expect(err).NotTo(HaveOccurred()) - obj := &ociv1.OCIRepository{ + obj := &sourcev1.OCIRepository{ ObjectMeta: metav1.ObjectMeta{ GenerateName: "ocirepository-reconcile", Namespace: ns.Name, }, - Spec: ociv1.OCIRepositorySpec{ + Spec: sourcev1.OCIRepositorySpec{ URL: "oci://ghcr.io/stefanprodan/manifests/podinfo", Interval: metav1.Duration{Duration: 60 * time.Minute}, Provider: "aws", @@ -3044,7 +3044,7 @@ func TestOCIRepository_objectLevelWorkloadIdentityFeatureGate(t *testing.T) { g.Expect(testEnv.Create(ctx, obj)).To(Succeed()) key := client.ObjectKey{Name: obj.Name, Namespace: obj.Namespace} - resultobj := &ociv1.OCIRepository{} + resultobj := &sourcev1.OCIRepository{} g.Eventually(func() bool { if err := testEnv.Get(ctx, key, resultobj); err != nil { diff --git a/internal/controller/suite_test.go b/internal/controller/suite_test.go index 24a88782..c4f7005f 100644 --- a/internal/controller/suite_test.go +++ b/internal/controller/suite_test.go @@ -452,7 +452,7 @@ func int64p(i int64) *int64 { return &i } -func logOCIRepoStatus(t *testing.T, obj *sourcev1beta2.OCIRepository) { +func logOCIRepoStatus(t *testing.T, obj *sourcev1.OCIRepository) { sts, _ := yaml.Marshal(obj.Status) t.Log(string(sts)) }