diff --git a/.golangci.yml b/.golangci.yml index d546fae9..b7793eb1 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -2,7 +2,11 @@ run: # Extend default timeout for running in single-core CI timeout: 5m tests: false - +issues: + exclude-rules: + - path: pkg/mod + linters: + - '*' linters: enable: # Default linters plus these: diff --git a/Dockerfile b/Dockerfile index e0561ab2..cfa2ec6c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM --platform=$BUILDPLATFORM golang:1.22.7-alpine as builder +FROM --platform=$BUILDPLATFORM golang:1.23.5-alpine as builder WORKDIR /workspace # Copy the Go Modules manifests diff --git a/Makefile b/Makefile index 77bef172..ad952eae 100644 --- a/Makefile +++ b/Makefile @@ -100,7 +100,7 @@ envtest: lint: lint-deps - golangci-lint run + golangci-lint run --skip-dirs "pkg/mod" lint-deps: @if ! which golangci-lint >/dev/null || [[ "$$(golangci-lint --version)" != *${LINT_VERSION}* ]]; then \ diff --git a/api/common/utils/secret_template.go b/api/common/utils/secret_template.go index f9148959..9244a2ca 100644 --- a/api/common/utils/secret_template.go +++ b/api/common/utils/secret_template.go @@ -7,7 +7,7 @@ import ( "io" "text/template" - "github.com/Masterminds/sprig/v3" + sprigv3 "github.com/Masterminds/sprig/v3" "github.com/SAP/sap-btp-service-operator/api/common" "github.com/pkg/errors" corev1 "k8s.io/api/core/v1" @@ -336,7 +336,7 @@ func ParseTemplate(templateName, text string) (*template.Template, error) { } func filteredFuncMap() template.FuncMap { - funcs := sprig.TxtFuncMap() + funcs := sprigv3.TxtFuncMap() for sprigFunc := range funcs { if _, ok := allowedSprigFunctions[sprigFunc]; !ok { diff --git a/api/v1/servicebinding_types.go b/api/v1/servicebinding_types.go index 01296125..743dd586 100644 --- a/api/v1/servicebinding_types.go +++ b/api/v1/servicebinding_types.go @@ -189,11 +189,11 @@ func (sb *ServiceBinding) SetReady(ready metav1.ConditionStatus) { } func (sb *ServiceBinding) GetAnnotations() map[string]string { - return sb.Annotations + return sb.ObjectMeta.Annotations } func (sb *ServiceBinding) SetAnnotations(annotations map[string]string) { - sb.Annotations = annotations + sb.ObjectMeta.Annotations = annotations } // +kubebuilder:object:root=true diff --git a/api/v1/servicebinding_validating_webhook.go b/api/v1/servicebinding_validating_webhook.go index 439ae64c..749308ac 100644 --- a/api/v1/servicebinding_validating_webhook.go +++ b/api/v1/servicebinding_validating_webhook.go @@ -47,7 +47,7 @@ var _ webhook.Validator = &ServiceBinding{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type func (sb *ServiceBinding) ValidateCreate() (admission.Warnings, error) { - servicebindinglog.Info("validate create", "name", sb.Name) + servicebindinglog.Info("validate create", "name", sb.ObjectMeta.Name) if sb.Spec.CredRotationPolicy != nil { if err := sb.validateCredRotatingConfig(); err != nil { return nil, err @@ -58,7 +58,7 @@ func (sb *ServiceBinding) ValidateCreate() (admission.Warnings, error) { // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type func (sb *ServiceBinding) ValidateUpdate(old runtime.Object) (admission.Warnings, error) { - servicebindinglog.Info("validate update", "name", sb.Name) + servicebindinglog.Info("validate update", "name", sb.ObjectMeta.Name) if sb.Spec.CredRotationPolicy != nil { if err := sb.validateCredRotatingConfig(); err != nil { return nil, err @@ -87,10 +87,10 @@ func (sb *ServiceBinding) ValidateUpdate(old runtime.Object) (admission.Warnings } func (sb *ServiceBinding) validateRotationLabels(old *ServiceBinding) bool { - if sb.Labels[common.StaleBindingIDLabel] != old.Labels[common.StaleBindingIDLabel] { + if sb.ObjectMeta.Labels[common.StaleBindingIDLabel] != old.ObjectMeta.Labels[common.StaleBindingIDLabel] { return false } - return sb.Labels[common.StaleBindingRotationOfLabel] == old.Labels[common.StaleBindingRotationOfLabel] + return sb.ObjectMeta.Labels[common.StaleBindingRotationOfLabel] == old.ObjectMeta.Labels[common.StaleBindingRotationOfLabel] } func (sb *ServiceBinding) specChanged(oldBinding *ServiceBinding) bool { @@ -110,7 +110,7 @@ func (sb *ServiceBinding) specChanged(oldBinding *ServiceBinding) bool { // ValidateDelete implements webhook.Validator so a webhook will be registered for the type func (sb *ServiceBinding) ValidateDelete() (admission.Warnings, error) { - servicebindinglog.Info("validate delete", "name", sb.Name) + servicebindinglog.Info("validate delete", "name", sb.ObjectMeta.Name) // TODO(user): fill in your validation logic upon object deletion. return nil, nil diff --git a/api/v1/serviceinstance_types.go b/api/v1/serviceinstance_types.go index 60e5b858..0cbee582 100644 --- a/api/v1/serviceinstance_types.go +++ b/api/v1/serviceinstance_types.go @@ -186,11 +186,11 @@ func (si *ServiceInstance) SetReady(ready metav1.ConditionStatus) { si.Status.Ready = ready } func (si *ServiceInstance) GetAnnotations() map[string]string { - return si.Annotations + return si.ObjectMeta.Annotations } func (si *ServiceInstance) SetAnnotations(annotations map[string]string) { - si.Annotations = annotations + si.ObjectMeta.Annotations = annotations } // +kubebuilder:object:root=true diff --git a/api/v1/serviceinstance_validating_webhook.go b/api/v1/serviceinstance_validating_webhook.go index c7c83982..d6a1e3a1 100644 --- a/api/v1/serviceinstance_validating_webhook.go +++ b/api/v1/serviceinstance_validating_webhook.go @@ -47,7 +47,7 @@ func (si *ServiceInstance) ValidateCreate() (warnings admission.Warnings, err er } func (si *ServiceInstance) ValidateUpdate(old runtime.Object) (warnings admission.Warnings, err error) { - serviceinstancelog.Info("validate update", "name", si.Name) + serviceinstancelog.Info("validate update", "name", si.ObjectMeta.Name) oldInstance := old.(*ServiceInstance) if oldInstance.Spec.BTPAccessCredentialsSecret != si.Spec.BTPAccessCredentialsSecret { @@ -57,11 +57,11 @@ func (si *ServiceInstance) ValidateUpdate(old runtime.Object) (warnings admissio } func (si *ServiceInstance) ValidateDelete() (warnings admission.Warnings, err error) { - serviceinstancelog.Info("validate delete", "name", si.Name) - if si.Annotations != nil { - preventDeletion, ok := si.Annotations[common.PreventDeletion] + serviceinstancelog.Info("validate delete", "name", si.ObjectMeta.Name) + if si.ObjectMeta.Annotations != nil { + preventDeletion, ok := si.ObjectMeta.Annotations[common.PreventDeletion] if ok && strings.ToLower(preventDeletion) == "true" { - return nil, fmt.Errorf("service instance '%s' is marked with \"prevent deletion\"", si.Name) + return nil, fmt.Errorf("service instance '%s' is marked with \"prevent deletion\"", si.ObjectMeta.Name) } } return nil, nil diff --git a/config/crd/bases/services.cloud.sap.com_servicebindings.yaml b/config/crd/bases/services.cloud.sap.com_servicebindings.yaml index 0cfb92f0..7a0fb9eb 100644 --- a/config/crd/bases/services.cloud.sap.com_servicebindings.yaml +++ b/config/crd/bases/services.cloud.sap.com_servicebindings.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: servicebindings.services.cloud.sap.com spec: group: services.cloud.sap.com @@ -82,7 +82,6 @@ spec: description: |- Parameters for the binding. - The Parameters field is NOT secret or secured in any way and should NEVER be used to hold sensitive information. To set parameters that contain secret information, you should ALWAYS store that information @@ -199,16 +198,8 @@ spec: conditions: description: Service binding conditions items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -249,12 +240,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -362,7 +348,6 @@ spec: description: |- Parameters for the binding. - The Parameters field is NOT secret or secured in any way and should NEVER be used to hold sensitive information. To set parameters that contain secret information, you should ALWAYS store that information @@ -464,16 +449,8 @@ spec: conditions: description: Service binding conditions items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -514,12 +491,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/config/crd/bases/services.cloud.sap.com_serviceinstances.yaml b/config/crd/bases/services.cloud.sap.com_serviceinstances.yaml index 70fc85e3..e42dfb04 100644 --- a/config/crd/bases/services.cloud.sap.com_serviceinstances.yaml +++ b/config/crd/bases/services.cloud.sap.com_serviceinstances.yaml @@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.15.0 + controller-gen.kubebuilder.io/version: v0.16.1 name: serviceinstances.services.cloud.sap.com spec: group: services.cloud.sap.com @@ -89,7 +89,6 @@ spec: description: |- Provisioning parameters for the instance. - The Parameters field is NOT secret or secured in any way and should NEVER be used to hold sensitive information. To set parameters that contain secret information, you should ALWAYS store that information @@ -140,10 +139,6 @@ spec: shared: description: Indicates the desired shared state type: boolean - watchParametersFromChanges: - description: indicate instance will update on secrets from parametersFrom - change - type: boolean userInfo: description: |- UserInfo contains information about the user that last modified this @@ -175,6 +170,10 @@ spec: all active users. type: string type: object + watchParametersFromChanges: + description: indicate instance will update on secrets from parametersFrom + change + type: boolean required: - serviceOfferingName - servicePlanName @@ -185,16 +184,8 @@ spec: conditions: description: Service instance conditions items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -235,12 +226,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string @@ -352,7 +338,6 @@ spec: description: |- Provisioning parameters for the instance. - The Parameters field is NOT secret or secured in any way and should NEVER be used to hold sensitive information. To set parameters that contain secret information, you should ALWAYS store that information @@ -444,16 +429,8 @@ spec: conditions: description: Service instance conditions items: - description: "Condition contains details for one aspect of the current - state of this API Resource.\n---\nThis struct is intended for - direct use as an array at the field path .status.conditions. For - example,\n\n\n\ttype FooStatus struct{\n\t // Represents the - observations of a foo's current state.\n\t // Known .status.conditions.type - are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // - +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t - \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" - patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t - \ // other fields\n\t}" + description: Condition contains details for one aspect of the current + state of this API Resource. properties: lastTransitionTime: description: |- @@ -494,12 +471,7 @@ spec: - Unknown type: string type: - description: |- - type of condition in CamelCase or in foo.example.com/CamelCase. - --- - Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be - useful (see .node.status.conditions), the ability to deconflict is important. - The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + description: type of condition in CamelCase or in foo.example.com/CamelCase. maxLength: 316 pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ type: string diff --git a/controllers/secret_controller.go b/controllers/secret_controller.go index 60a7f955..c43a72bd 100644 --- a/controllers/secret_controller.go +++ b/controllers/secret_controller.go @@ -40,7 +40,7 @@ func (r *SecretReconciler) Reconcile(ctx context.Context, req reconcile.Request) log.Info(fmt.Sprintf("reconciling params secret %s", req.NamespacedName)) // Fetch the Secret secret := &corev1.Secret{} - if err := r.Get(ctx, req.NamespacedName, secret); err != nil { + if err := r.Client.Get(ctx, req.NamespacedName, secret); err != nil { if !apierrors.IsNotFound(err) { log.Error(err, "unable to fetch Secret") } diff --git a/go.mod b/go.mod index f4cda1a3..d3acbd58 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/SAP/sap-btp-service-operator -go 1.22.7 +go 1.23.5 require ( github.com/Masterminds/sprig/v3 v3.2.3