Merge pull request #81 from avenging/update-to-kubebuilder-3.1.0

Update to kubebuilder 3.1.0
tuenti · Feb 21, 2022 · 933629d · 933629d
2 parents 1162dc8 + ceea1f0
commit 933629d
Show file tree

Hide file tree

Showing 60 changed files with 1,924 additions and 1,464 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -4,47 +4,35 @@
   jobs:
     unit_tests:
       docker:
-      - image: circleci/golang:1.12.5
+      - image: circleci/golang:1.16
       environment:
         KUBEBUILDER_CONTROLPLANE_START_TIMEOUT: "60s"
       steps:
       - checkout
       - setup_remote_docker
-      - run: curl -L -O https://github.com/kubernetes-sigs/kubebuilder/releases/download/v2.0.0-alpha.4/kubebuilder_2.0.0-alpha.4_linux_amd64.tar.gz
-      - run: tar -zxvf kubebuilder_2.0.0-alpha.4_linux_amd64.tar.gz
-      - run: mv kubebuilder_2.0.0-alpha.4_linux_amd64 kubebuilder && sudo mv kubebuilder /usr/local/
-      - run: export PATH=$PATH:/usr/local/kubebuilder/bin
       - run: make test
       - run:
           command: bash <(curl -s https://codecov.io/bash)
           when: always
 
     docker_hub_master:
       docker:
-      - image: circleci/golang:1.12.5
+      - image: circleci/golang:1.16
       environment:
         KUBEBUILDER_CONTROLPLANE_START_TIMEOUT: "60s"
       steps:
       - checkout
       - setup_remote_docker
-      - run: curl -L -O https://github.com/kubernetes-sigs/kubebuilder/releases/download/v2.0.0-alpha.4/kubebuilder_2.0.0-alpha.4_linux_amd64.tar.gz
-      - run: tar -zxvf kubebuilder_2.0.0-alpha.4_linux_amd64.tar.gz
-      - run: mv kubebuilder_2.0.0-alpha.4_linux_amd64 kubebuilder && sudo mv kubebuilder /usr/local/
-      - run: export PATH=$PATH:/usr/local/kubebuilder/bin
       - run: make test
 
     docker_hub_release_tags:
       docker:
-      - image: circleci/golang:1.12.5
+      - image: circleci/golang:1.16
       environment:
         KUBEBUILDER_CONTROLPLANE_START_TIMEOUT: "60s"
       steps:
       - checkout
       - setup_remote_docker
-      - run: curl -L -O https://github.com/kubernetes-sigs/kubebuilder/releases/download/v2.0.0-alpha.4/kubebuilder_2.0.0-alpha.4_linux_amd64.tar.gz
-      - run: tar -zxvf kubebuilder_2.0.0-alpha.4_linux_amd64.tar.gz
-      - run: mv kubebuilder_2.0.0-alpha.4_linux_amd64 kubebuilder && sudo mv kubebuilder /usr/local/
-      - run: export PATH=$PATH:/usr/local/kubebuilder/bin
       - run: make test
 
   workflows:

diff --git a/.gitignore b/.gitignore
@@ -6,6 +6,7 @@
 *.so
 *.dylib
 bin
+testbin
 
 # Tarballs
 *.tar*

diff --git a/Makefile b/Makefile
@@ -1,63 +1,77 @@
+
 DOCKER_REGISTRY = "registry.hub.docker.com"
 ORGANIZATION = "tuentitech"
 BINARY_NAME=secrets-manager
 VERSION=$(shell deploy/version/get.sh)
-GO111MODULE=on
+BUILD_FLAGS=-ldflags "-X main.version=${VERSION}"
+
 # Image URL to use all building/pushing image targets
-IMAGE = ${DOCKER_REGISTRY}/${ORGANIZATION}/${BINARY_NAME}:${VERSION}
+IMG = ${DOCKER_REGISTRY}/${ORGANIZATION}/${BINARY_NAME}:${VERSION}
+
 # Produce CRDs that work back to Kubernetes 1.11 (no version conversion)
-CRD_OPTIONS ?= "crd:trivialVersions=true"
+CRD_OPTIONS ?= "crd:trivialVersions=true,preserveUnknownFields=false"
 
-BUILD_FLAGS=-ldflags "-X main.version=${VERSION}"
+# Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
+ifeq (,$(shell go env GOBIN))
+GOBIN=$(shell go env GOPATH)/bin
+else
+GOBIN=$(shell go env GOBIN)
+endif
 
-all: manager
+# Setting SHELL to bash allows bash commands to be executed by recipes.
+# This is a requirement for 'setup-envtest.sh' in the test target.
+# Options are set to exit when a recipe line exits non-zero or a piped command fails.
+SHELL = /usr/bin/env bash -o pipefail
+.SHELLFLAGS = -ec
 
-# Run tests
-test: generate fmt vet manifests
-	go test -v ./backend/... ./errors/... ./controllers/... -coverprofile cover.out
+all: build
 
-# Build manager binary
-manager: generate fmt vet
-	go build ${BUILD_FLAGS} -o bin/${BINARY_NAME} main.go
+##@ General
 
-# Run against the configured Kubernetes cluster in ~/.kube/config
-run: generate fmt vet
-	go run ./main.go
+# The help target prints out all targets with their descriptions organized
+# beneath their categories. The categories are represented by '##@' and the
+# target descriptions by '##'. The awk commands is responsible for reading the
+# entire set of makefiles included in this invocation, looking for lines of the
+# file as xyz: ## something, and then pretty-format the target and help. Then,
+# if there's a line with ##@ something, that gets pretty-printed as a category.
+# More info on the usage of ANSI control characters for terminal formatting:
+# https://en.wikipedia.org/wiki/ANSI_escape_code#SGR_parameters
+# More info on the awk command:
+# http://linuxcommand.org/lc3_adv_awk.php
 
-# Install CRDs into a cluster
-install: manifests
-	kubectl apply -f config/crd/bases
+help: ## Display this help.
+	@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n  make \033[36m<target>\033[0m\n"} /^[a-zA-Z_0-9-]+:.*?##/ { printf "  \033[36m%-15s\033[0m %s\n", $$1, $$2 } /^##@/ { printf "\n\033[1m%s\033[0m\n", substr($$0, 5) } ' $(MAKEFILE_LIST)
 
-# Deploy controller in the configured Kubernetes cluster in ~/.kube/config
-deploy: manifests
-	kubectl apply -f config/crd/bases
-	kustomize build config/default | kubectl apply -f -
+##@ Development
 
-# Generate manifests e.g. CRD, RBAC etc.
-manifests: controller-gen
+manifests: controller-gen ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
 	$(CONTROLLER_GEN) $(CRD_OPTIONS) rbac:roleName=manager-role webhook paths="./..." output:crd:artifacts:config=config/crd/bases
 
-# Run go fmt against code
-fmt:
+generate: controller-gen ## Generate code containing DeepCopy, DeepCopyInto, and DeepCopyObject method implementations.
+	$(CONTROLLER_GEN) object:headerFile="hack/boilerplate.go.txt" paths="./..."
+
+fmt: ## Run go fmt against code.
 	go fmt ./...
 
-# Run go vet against code
-vet:
+vet: ## Run go vet against code.
 	go vet ./...
 
-# Generate code
-generate: controller-gen
-	$(CONTROLLER_GEN) object:headerFile=./hack/boilerplate.go.txt paths=./api/...
+ENVTEST_ASSETS_DIR=$(shell pwd)/testbin
+# Kube-apiserver for 1.19.0 and later were crashing on start for some reason when testing hence below.
+# TODO: Work out why later versions were crashing and remove/update
+export ENVTEST_K8S_VERSION=1.17.9
+test: manifests generate fmt vet ## Run tests.
+	mkdir -p ${ENVTEST_ASSETS_DIR}
+	test -f ${ENVTEST_ASSETS_DIR}/setup-envtest.sh || curl -sSLo ${ENVTEST_ASSETS_DIR}/setup-envtest.sh https://raw.githubusercontent.com/kubernetes-sigs/controller-runtime/v0.8.3/hack/setup-envtest.sh
+	source ${ENVTEST_ASSETS_DIR}/setup-envtest.sh; fetch_envtest_tools $(ENVTEST_ASSETS_DIR); setup_envtest_env $(ENVTEST_ASSETS_DIR); go test ./... -coverprofile cover.out
 
-# find or download controller-gen
-# download controller-gen if necessary
-controller-gen:
-ifeq (, $(shell which controller-gen))
-	go get sigs.k8s.io/controller-tools/cmd/controller-gen@v0.2.0-beta.2
-CONTROLLER_GEN=$(shell go env GOPATH)/bin/controller-gen
-else
-CONTROLLER_GEN=$(shell which controller-gen)
-endif
+##@ Build
+
+build: generate fmt vet ## Build manager binary.
+	go build ${BUILD_FLAGS} -o bin/${BINARY_NAME} main.go
+
+run: manifests generate fmt vet ## Run a controller from your host.
+	go run ./main.go
 
 # Run tests in docker
 docker-test:
@@ -69,19 +83,57 @@ docker-build: docker-test
 		--file ./deploy/Dockerfile \
 		--target release \
 		--build-arg SECRETS_MANAGER_VERSION=${VERSION} \
-		--tag ${IMAGE}
+		--tag ${IMG}
 	@echo "updating kustomize image patch file for manager resource"
-	sed -i'' -e 's@image: .*@image: '"${IMAGE}"'@' ./config/default/manager_image_patch.yaml
+	sed -i'' -e 's@image: .*@image: '"${IMG}"'@' ./config/default/manager_image_patch.yaml
 
 # Push the docker image
 docker-push:
-	docker push ${IMAGE}
+	docker push ${IMG}
 
 update-major-version:
-	deploy/version/update.sh --minor
+	deploy/version/update.sh --major
 
 update-minor-version:
 	deploy/version/update.sh --minor
 
 update-patch-version:
-	deploy/version/update.sh --patch
+	deploy/version/update.sh --patch
+
+##@ Deployment
+
+install: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config.
+	$(KUSTOMIZE) build config/crd | kubectl apply -f -
+
+uninstall: manifests kustomize ## Uninstall CRDs from the K8s cluster specified in ~/.kube/config.
+	$(KUSTOMIZE) build config/crd | kubectl delete -f -
+
+deploy: manifests kustomize ## Deploy controller to the K8s cluster specified in ~/.kube/config.
+	cd config/manager && $(KUSTOMIZE) edit set image controller=${IMG}
+	$(KUSTOMIZE) build config/default | kubectl apply -f -
+
+undeploy: ## Undeploy controller from the K8s cluster specified in ~/.kube/config.
+	$(KUSTOMIZE) build config/default | kubectl delete -f -
+
+
+CONTROLLER_GEN = $(shell pwd)/bin/controller-gen
+controller-gen: ## Download controller-gen locally if necessary.
+	$(call go-get-tool,$(CONTROLLER_GEN),sigs.k8s.io/controller-tools/cmd/controller-gen@v0.4.1)
+
+KUSTOMIZE = $(shell pwd)/bin/kustomize
+kustomize: ## Download kustomize locally if necessary.
+	$(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v3@v3.8.7)
+
+# go-get-tool will 'go get' any package $2 and install it to $1.
+PROJECT_DIR := $(shell dirname $(abspath $(lastword $(MAKEFILE_LIST))))
+define go-get-tool
+@[ -f $(1) ] || { \
+set -e ;\
+TMP_DIR=$$(mktemp -d) ;\
+cd $$TMP_DIR ;\
+go mod init tmp ;\
+echo "Downloading $(2)" ;\
+GOBIN=$(PROJECT_DIR)/bin go get $(2) ;\
+rm -rf $$TMP_DIR ;\
+}
+endef
diff --git a/PROJECT b/PROJECT
@@ -1,7 +1,16 @@
-version: "2"
 domain: secrets-manager.tuenti.io
+layout:
+- go.kubebuilder.io/v3
+projectName: secrets-manager
 repo: github.com/tuenti/secrets-manager
 resources:
-- group: secretsmanager
-  version: v1alpha1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: secrets-manager.tuenti.io
+  group: secretsmanager
   kind: SecretDefinition
+  path: github.com/tuenti/secrets-manager/api/v1alpha1
+  version: v1alpha1
+version: "3"
diff --git a/api/v1alpha1/groupversion_info.go b/api/v1alpha1/groupversion_info.go
@@ -1,4 +1,5 @@
 /*
+Copyright 2021.
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
@@ -14,8 +15,8 @@ limitations under the License.
 */
 
 // Package v1alpha1 contains API Schema definitions for the secretsmanager v1alpha1 API group
-// +kubebuilder:object:generate=true
-// +groupName=secrets-manager.tuenti.io
+//+kubebuilder:object:generate=true
+//+groupName=secrets-manager.tuenti.io
 package v1alpha1
 
 import (

diff --git a/api/v1alpha1/suite_test.go b/api/v1alpha1/suite_test.go
@@ -26,6 +26,7 @@ import (
 	"k8s.io/client-go/rest"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/envtest"
+	"sigs.k8s.io/controller-runtime/pkg/envtest/printer"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
 )
@@ -42,11 +43,12 @@ func TestAPIs(t *testing.T) {
 
 	RunSpecsWithDefaultAndCustomReporters(t,
 		"v1alpha1 Suite",
-		[]Reporter{envtest.NewlineReporter{}})
+		[]Reporter{printer.NewlineReporter{}})
 }
 
 var _ = BeforeSuite(func(done Done) {
-	logf.SetLogger(zap.LoggerTo(GinkgoWriter, true))
+
+	logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true)))
 
 	By("bootstrapping test environment")
 	testEnv = &envtest.Environment{

diff --git a/backend/vault_test.go b/backend/vault_test.go
@@ -322,6 +322,7 @@ func TestVaultLoginKubernetes(t *testing.T) {
 	err2 := c.vaultKubernetesLogin(strings.NewReader(fakeKubernetesSAToken))
 	assert.NotNil(t, err2)
 }
+
 func TestVaultBackendInvalidCfg(t *testing.T) {
 	ctx, cancel := context.WithCancel(context.Background())
 	defer cancel()
@@ -571,7 +572,7 @@ func TestMain(m *testing.M) {
 		invalidSecretID: defaultInvalidAppRole,
 	}
 
-	logger = zap.Logger(false).WithName("vault-test")
+	logger = zap.New(zap.UseDevMode(true))
 
 	os.Exit(m.Run())
 }