Remove deprecated status fields from OCIRepository v1

Signed-off-by: Stefan Prodan <stefan.prodan@gmail.com>
2025-05-08 11:54:42 +03:00 · 2025-05-08 11:54:42 +03:00 · aadaf1c0aa
parent 34bb9862e6
commit aadaf1c0aa
9 changed files with 5 additions and 83 deletions
--- a/1
+++ b/1
@ -115,7 +115,6 @@ manifests: controller-gen  ## Generate manifests, e.g. CRD, RBAC, etc.
 	cd api; $(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role paths="./..." output:crd:artifacts:config="../config/crd/bases"
 api-docs: gen-crd-api-reference-docs  ## Generate API reference documentation
 	$(GEN_CRD_API_REFERENCE_DOCS) -api-dir=./api/v1beta2 -config=./hack/api-docs/config.json -template-dir=./hack/api-docs/template -out-file=./docs/api/v1beta2/source.md
 	$(GEN_CRD_API_REFERENCE_DOCS) -api-dir=./api/v1 -config=./hack/api-docs/config.json -template-dir=./hack/api-docs/template -out-file=./docs/api/v1/source.md
 tidy:  ## Run go mod tidy
--- a/api/v1/ocirepository_types.go
+++ b/api/v1/ocirepository_types.go
@ -108,9 +108,6 @@ type OCIRepositorySpec struct {
 	// authenticating with a certificate; the CA cert is useful if
 	// you are using a self-signed server certificate. The Secret must
 	// be of type `Opaque` or `kubernetes.io/tls`.
 	//
 	// Note: Support for the `caFile`, `certFile` and `keyFile` keys have
 	// been deprecated.
 	// +optional
 	CertSecretRef *meta.LocalObjectReference `json:"certSecretRef,omitempty"`
@ -205,20 +202,6 @@ type OCIRepositoryStatus struct {
 	// +optional
 	Artifact *Artifact `json:"artifact,omitempty"`
 	// ContentConfigChecksum is a checksum of all the configurations related to
 	// the content of the source artifact:
 	//  - .spec.ignore
 	//  - .spec.layerSelector
 	// observed in .status.observedGeneration version of the object. This can
 	// be used to determine if the content configuration has changed and the
 	// artifact needs to be rebuilt.
 	// It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`.
 	//
 	// Deprecated: Replaced with explicit fields for observed artifact content
 	// config in the status.
 	// +optional
 	ContentConfigChecksum string `json:"contentConfigChecksum,omitempty"`
 	// ObservedIgnore is the observed exclusion patterns used for constructing
 	// the source artifact.
 	// +optional
--- a/config/crd/bases/source.toolkit.fluxcd.io_ocirepositories.yaml
+++ b/config/crd/bases/source.toolkit.fluxcd.io_ocirepositories.yaml
@ -68,9 +68,6 @@ spec:
                  authenticating with a certificate; the CA cert is useful if
                  you are using a self-signed server certificate. The Secret must
                  be of type `Opaque` or `kubernetes.io/tls`.
                  Note: Support for the `caFile`, `certFile` and `keyFile` keys have
                  been deprecated.
                properties:
                  name:
                    description: Name of the referent.
@ -364,20 +361,6 @@ spec:
                  - type
                  type: object
                type: array
              contentConfigChecksum:
                description: |-
                  ContentConfigChecksum is a checksum of all the configurations related to
                  the content of the source artifact:
                   - .spec.ignore
                   - .spec.layerSelector
                  observed in .status.observedGeneration version of the object. This can
                  be used to determine if the content configuration has changed and the
                  artifact needs to be rebuilt.
                  It has the format of `<algo>:<checksum>`, for example: `sha256:<checksum>`.
                  Deprecated: Replaced with explicit fields for observed artifact content
                  config in the status.
                type: string
              lastHandledReconcileAt:
                description: |-
                  LastHandledReconcileAt holds the value of the most recent
--- a/config/testdata/ocirepository/signed-with-notation.yaml
+++ b/config/testdata/ocirepository/signed-with-notation.yaml
@ -1,5 +1,5 @@
 ---
-apiVersion: source.toolkit.fluxcd.io/v1beta2
+apiVersion: source.toolkit.fluxcd.io/v1
 kind: OCIRepository
 metadata:
  name: podinfo-deploy-signed-with-notation
--- a/docs/api/v1/source.md
+++ b/docs/api/v1/source.md
@ -1196,8 +1196,6 @@ registry. The client cert and key are useful if you are
 authenticating with a certificate; the CA cert is useful if
 you are using a self-signed server certificate. The Secret must
 be of type <code>Opaque</code> or <code>kubernetes.io/tls</code>.</p>
 <p>Note: Support for the <code>caFile</code>, <code>certFile</code> and <code>keyFile</code> keys have
 been deprecated.</p>
 </td>
 </tr>
 <tr>
@ -3296,8 +3294,6 @@ registry. The client cert and key are useful if you are
 authenticating with a certificate; the CA cert is useful if
 you are using a self-signed server certificate. The Secret must
 be of type <code>Opaque</code> or <code>kubernetes.io/tls</code>.</p>
 <p>Note: Support for the <code>caFile</code>, <code>certFile</code> and <code>keyFile</code> keys have
 been deprecated.</p>
 </td>
 </tr>
 <tr>
@ -3457,27 +3453,6 @@ Artifact
 </tr>
 <tr>
 <td>
 <code>contentConfigChecksum</code><br>
 <em>
 string
 </em>
 </td>
 <td>
 <em>(Optional)</em>
 <p>ContentConfigChecksum is a checksum of all the configurations related to
 the content of the source artifact:
 - .spec.ignore
 - .spec.layerSelector
 observed in .status.observedGeneration version of the object. This can
 be used to determine if the content configuration has changed and the
 artifact needs to be rebuilt.
 It has the format of <code>&lt;algo&gt;:&lt;checksum&gt;</code>, for example: <code>sha256:&lt;checksum&gt;</code>.</p>
 <p>Deprecated: Replaced with explicit fields for observed artifact content
 config in the status.</p>
 </td>
 </tr>
 <tr>
 <td>
 <code>observedIgnore</code><br>
 <em>
 string
--- a/docs/spec/v1/ocirepositories.md
+++ b/docs/spec/v1/ocirepositories.md
@ -326,10 +326,6 @@ data:
  ca.crt: <BASE64>
 ```
 **Warning:** Support for the `caFile`, `certFile` and `keyFile` keys have been
 deprecated. If you have any Secrets using these keys and specified in an
 OCIRepository, the controller will log a deprecation warning.
 ### Proxy secret reference
 `.spec.proxySecretRef.name` is an optional field used to specify the name of a
@ -1073,19 +1069,6 @@ configuration issue in the OCIRepository spec. When a reconciliation fails, the
 reconciliation is performed again after the failure, the reason is updated to
 `Progressing`.
 ### Content Configuration Checksum
 The source-controller calculates the SHA256 checksum of the various
 configurations of the OCIRepository that indicate a change in source and
 records it in `.status.contentConfigChecksum`. This field is used to determine
 if the source artifact needs to be rebuilt.
 **Deprecation Note:** `contentConfigChecksum` is no longer used and will be
 removed in the next API version. The individual components used for generating
 content configuration checksum now have explicit fields in the status. This
 makes the observations used by the controller for making artifact rebuild
 decisions more transparent and easier to debug.
 ### Observed Ignore
 The source-controller reports an observed ignore in the OCIRepository's
--- a/internal/controller/ocirepository_controller.go
+++ b/internal/controller/ocirepository_controller.go
@ -1225,7 +1225,6 @@ func (r *OCIRepositoryReconciler) reconcileArtifact(ctx context.Context, sp *pat
 	// Record the observations on the object.
 	obj.Status.Artifact = artifact.DeepCopy()
 	obj.Status.Artifact.Metadata = metadata.Metadata
 	obj.Status.ContentConfigChecksum = "" // To be removed in the next API version.
 	obj.Status.ObservedIgnore = obj.Spec.Ignore
 	obj.Status.ObservedLayerSelector = obj.Spec.LayerSelector
--- a/internal/controller/ocirepository_controller_test.go
+++ b/internal/controller/ocirepository_controller_test.go
@ -3028,12 +3028,12 @@ func TestOCIRepository_objectLevelWorkloadIdentityFeatureGate(t *testing.T) {
 	})
 	g.Expect(err).NotTo(HaveOccurred())
-	obj := &ociv1.OCIRepository{
+	obj := &sourcev1.OCIRepository{
 		ObjectMeta: metav1.ObjectMeta{
 			GenerateName: "ocirepository-reconcile",
 			Namespace:    ns.Name,
 		},
-		Spec: ociv1.OCIRepositorySpec{
+		Spec: sourcev1.OCIRepositorySpec{
 			URL:                "oci://ghcr.io/stefanprodan/manifests/podinfo",
 			Interval:           metav1.Duration{Duration: 60 * time.Minute},
 			Provider:           "aws",
@ -3044,7 +3044,7 @@ func TestOCIRepository_objectLevelWorkloadIdentityFeatureGate(t *testing.T) {
 	g.Expect(testEnv.Create(ctx, obj)).To(Succeed())
 	key := client.ObjectKey{Name: obj.Name, Namespace: obj.Namespace}
-	resultobj := &ociv1.OCIRepository{}
+	resultobj := &sourcev1.OCIRepository{}
 	g.Eventually(func() bool {
 		if err := testEnv.Get(ctx, key, resultobj); err != nil {
--- a/internal/controller/suite_test.go
+++ b/internal/controller/suite_test.go
@ -452,7 +452,7 @@ func int64p(i int64) *int64 {
 	return &i
 }
-func logOCIRepoStatus(t *testing.T, obj *sourcev1beta2.OCIRepository) {
+func logOCIRepoStatus(t *testing.T, obj *sourcev1.OCIRepository) {
 	sts, _ := yaml.Marshal(obj.Status)
 	t.Log(string(sts))
 }