Update CrownLabs operators SDKs

.github/workflows/lint.yml

@@ -13,70 +13,67 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           repository: ${{github.event.pull_request.head.repo.full_name}}
           persist-credentials: false
 
       - name: Setup Go
-        uses: actions/setup-go@v3
+        uses: actions/setup-go@v5
         with:
-          go-version: 1.19
+          go-version-file: ./operators/go.mod
 
       - name: Check linting
-        uses: golangci/golangci-lint-action@v3
+        uses: golangci/golangci-lint-action@v4
         with:
-          version: v1.50.1
+          version: v1.56
           working-directory: operators
-          args: --timeout=600s
-
 
   gomodtidy:
     name: Enforce go.mod tidiness
     runs-on: ubuntu-latest
 
     steps:
-    - name: Checkout
-      uses: actions/checkout@v3
-      with:
-        ref: "${{ github.event.pull_request.head.sha }}"
-        repository: ${{github.event.pull_request.head.repo.full_name}}
-        persist-credentials: false
-
-    - name: Setup Go
-      uses: actions/setup-go@v3
-      with:
-        go-version: 1.19
-
-    - name: Execute go mod tidy and check the outcome
-      working-directory: ./operators
-      run: |
-        go mod tidy
-        exit_code=$(git diff --exit-code)
-        exit ${exit_code}
-
-    - name: Issue a comment in case the of failure
-      uses: peter-evans/create-or-update-comment@v2
-      with:
-        token: ${{ secrets.CI_TOKEN }}
-        issue-number: ${{ github.event.pull_request.number }}
-        body: |
-          The `go.mod` and/or `go.sum` files appear not to be correctly tidied.
-
-          Please, rerun `go mod tidy` to fix the issues.
-        reactions: confused
-      if: |
-        failure() && github.event.pull_request.head.repo.full_name == github.repository
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          ref: "${{ github.event.pull_request.head.sha }}"
+          repository: ${{github.event.pull_request.head.repo.full_name}}
+          persist-credentials: false
+
+      - name: Setup Go
+        uses: actions/setup-go@v5
+        with:
+          go-version-file: ./operators/go.mod
 
+      - name: Execute go mod tidy and check the outcome
+        working-directory: ./operators
+        run: |
+          go mod tidy
+          exit_code=$(git diff --exit-code)
+          exit ${exit_code}
+
+      - name: Issue a comment in case the of failure
+        uses: peter-evans/create-or-update-comment@v4
+        with:
+          token: ${{ secrets.CI_TOKEN }}
+          issue-number: ${{ github.event.pull_request.number }}
+          body: |
+            The `go.mod` and/or `go.sum` files appear not to be correctly tidied.
+
+            Please, rerun `go mod tidy` to fix the issues.
+          reactions: confused
+        if: |
+          failure() && github.event.pull_request.head.repo.full_name == github.repository
 
   python-lint:
     name: Lint python files
     runs-on: ubuntu-latest
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           repository: ${{github.event.pull_request.head.repo.full_name}}
@@ -85,14 +82,13 @@ jobs:
       - name: Check linting
         uses: TrueBrain/actions-flake8@v2
 
-
   markdown-lint:
     name: Lint markdown files (check links validity)
     runs-on: ubuntu-latest
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           repository: ${{github.event.pull_request.head.repo.full_name}}
@@ -101,16 +97,15 @@ jobs:
       - name: Check the validity of the links in the documentation
         uses: gaurav-nelson/[email protected]
         with:
-          use-quiet-mode: 'yes'
-
+          use-quiet-mode: "yes"
 
   shell-lint:
     name: Lint shell files
     runs-on: ubuntu-latest
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           repository: ${{github.event.pull_request.head.repo.full_name}}
@@ -119,23 +114,22 @@ jobs:
       - name: Run shellcheck
         uses: azohra/[email protected]
         with:
-          exclude-paths: "**/.husky/*-commit" 
-
+          exclude-paths: "**/.husky/*-commit"
 
   frontend-lint:
     name: Lint frontend files
     runs-on: ubuntu-latest
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           repository: ${{github.event.pull_request.head.repo.full_name}}
           persist-credentials: false
 
       - name: Setup nodeJS
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 14
 
@@ -147,21 +141,20 @@ jobs:
         working-directory: ./frontend
         run: yarn check-format-lint
 
-
   qlkube-lint:
     name: Lint qlkube files
     runs-on: ubuntu-latest
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           repository: ${{github.event.pull_request.head.repo.full_name}}
           persist-credentials: false
 
       - name: Setup nodeJS
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 14
 

.github/workflows/test.yml

@@ -66,23 +66,22 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@v3
         with:
-          go-version: 1.19
+          go-version: '1.21'
 
       - uses: actions/setup-python@v4
         with:
           python-version: "3.10"
 
       - name: Install Kubebuilder
         run: |
-          version=2.3.1 # latest stable version
-          kubernetes_version=1.25.0
-          curl -L -O "https://github.com/kubernetes-sigs/kubebuilder/releases/download/v${version}/kubebuilder_${version}_linux_$(go env GOARCH).tar.gz"
-          tar -zxvf kubebuilder_${version}_linux_$(go env GOARCH).tar.gz
-          mv kubebuilder_${version}_linux_$(go env GOARCH) kubebuilder
+          version=3.14.1 # latest stable version
+          kubernetes_version=1.28.0
+          curl -L -O "https://github.com/kubernetes-sigs/kubebuilder/releases/download/v${version}/kubebuilder_linux_$(go env GOARCH)"
           curl --fail -sSLo envtest-bins.tar.gz "https://go.kubebuilder.io/test-tools/${kubernetes_version}/$(go env GOOS)/$(go env GOARCH)"
-          tar -zxvf envtest-bins.tar.gz kubebuilder/bin/kube-apiserver --overwrite -C kubebuilder/bin
+          tar -zxvf envtest-bins.tar.gz && rm -f envtest-bins.tar.gz
+          mv kubebuilder_linux_$(go env GOARCH) kubebuilder/bin/kubebuilder
           sudo mv kubebuilder /usr/local/
-
+          sudo chmod +x /usr/local/kubebuilder/bin/*
       - name: Perform the tests
         working-directory: operators/
         run: |

.golangci.yml

@@ -1,14 +1,17 @@
 run:
-  skip-files:
-    - "zz_generated.*.go"
-    - ".*mock.go"
+  deadline: 5m
+  allow-parallel-runners: true
 
 linters-settings:
   exhaustive:
     check-generated: false
     default-signifies-exhaustive: true
   gci:
-    local-prefixes: github.com/netgroup-polito/CrownLabs
+    sections:
+      - standard
+      - default
+      - prefix(github.com/netgroup-polito/CrownLabs)
+
   goconst:
     min-len: 2
     min-occurrences: 2
@@ -43,7 +46,7 @@ linters-settings:
   goimports:
     local-prefixes: github.com/netgroup-polito/CrownLabs
   govet:
-    check-shadowing: true
+    shadow: true
   misspell:
     locale: US
   nolintlint:
@@ -57,7 +60,7 @@ linters:
   enable:
     - asciicheck
     - bodyclose
-    - depguard
+    # - depguard
     - dogsled
     - dupl
     - durationcheck
@@ -115,6 +118,10 @@ issues:
     # errcheck: Almost all programs ignore errors on these functions and in most cases it's ok
     - Error return value of .((os\.)?std(out|err)\..*|.*Close|.*Flush|os\.Remove(All)?|.*printf?|os\.(Un)?Setenv). is not checked
 
+  exclude-files:
+    - "zz_generated.*.go"
+    - ".*mock.go"
+
   exclude-rules:
     - linters:
         - govet
@@ -125,6 +132,10 @@ issues:
       # Excluding, as many packages are currently affected by this
       text: "don't use an underscore in package name"
 
+    - linters:
+        - revive
+      text: "should not use dot imports"
+
     - linters:
         - stylecheck
       # Excluding, as many packages are currently affected by this
@@ -134,3 +145,12 @@ issues:
     - path: _test\.go
       linters:
         - gosec
+
+    - path: "api/*"
+      linters:
+        - lll
+
+    - path: "internal/*"
+      linters:
+        - dupl
+        - lll

infrastructure/docker-registry/README.md

@@ -40,7 +40,7 @@ To install Harbor, it is possible to leverage the [official Helm Chart](https://
   6. PVC that can be shared across nodes (i.e., with `ReadWriteMany` access mode) or external object storage
 
 ### Redis Configuration
-In our architecture we have a [Redis-Sentinel](https://redis.io/docs/manual/sentinel/) service, instead of [Redis Cluster](https://redis.io/docs/manual/scaling/), because with this architecture Sentinel manages automatically the failover of the master.
+In our architecture we have a [Redis-Sentinel](https://redis.io/docs/latest/operate/oss_and_stack/management/sentinel/) service, instead of [Redis Cluster](https://redis.io/docs/latest/operate/oss_and_stack/management/scaling/), because with this architecture Sentinel manages automatically the failover of the master.
 To enable the `Redis-Sentinel ` architecture it is necessary to configure the following parameter in the redis file values (`redis-service-values.yaml`):
 ```yaml
   sentinel.enabled=true

infrastructure/monitoring/kube-prometheus-stack/README.md

@@ -174,7 +174,7 @@ The access to Alertmanager and Prometheus is limited to users belonging to the `
 #### Additional references
 
 1. [ingress-nginx - External OAUTH authentication](https://github.com/kubernetes/ingress-nginx/tree/master/docs/examples/auth/oauth-external-auth)
-2. [oauth2-proxy - Configuration](https://oauth2-proxy.github.io/oauth2-proxy/docs/configuration/overview)
+2. [oauth2-proxy - Configuration](https://oauth2-proxy.github.io/oauth2-proxy/configuration/overview)
 
 ### Monitor the Bind DNS Server
 

operators/Makefile

@@ -1,3 +1,10 @@
+### NOTE: THIS FILE IS CURRENTLY NOT UP TO DATE WITH THE ACTUAL KUBEBUILDER 3 BOILERPLATE
+
+# Image URL to use all building/pushing image targets
+IMG ?= controller:latest
+# ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
+ENVTEST_K8S_VERSION = 1.29.0
+
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
 GOBIN=$(shell go env GOPATH)/bin
@@ -59,7 +66,7 @@ generate: controller-gen
 # download controller-gen if necessary
 controller-gen:
 ifeq (, $(shell which controller-gen))
-	@go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.11.1
+	@go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.14.0
 CONTROLLER_GEN=$(GOBIN)/controller-gen
 else
 CONTROLLER_GEN=$(shell which controller-gen)

operators/PROJECT

@@ -0,0 +1,10 @@
+# Code generated by tool. DO NOT EDIT.
+# This file is used to track the info used to scaffold your project
+# and allow the plugins properly work.
+# More info: https://book.kubebuilder.io/reference/project-config.html
+domain: crownlabs.polito.it
+layout:
+- go.kubebuilder.io/v4
+projectName: operators
+repo: github.com/netgroup-polito/CrownLabs/operators
+version: "3"

operators/build/golang-common/Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.19 as builder
+FROM golang:1.21 as builder
 WORKDIR /tmp/builder
 
 COPY go.mod ./go.mod
@@ -12,7 +12,7 @@ COPY . ./
 RUN CGO_ENABLED=0 GOOS=linux GOARCH=$(go env GOARCH) go build -ldflags="-s -w" ./cmd/$COMPONENT
 
 
-FROM alpine:3.14
+FROM alpine:3.19
 
 RUN apk update && \
     apk add --no-cache ca-certificates && \

operators/cmd/bastion-operator/main.go

@@ -25,6 +25,8 @@ import (
 	"k8s.io/klog/v2"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/healthz"
+	"sigs.k8s.io/controller-runtime/pkg/metrics/server"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
 
 	crownlabsv1alpha1 "github.com/netgroup-polito/CrownLabs/operators/api/v1alpha1"
 	crownlabsv1alpha2 "github.com/netgroup-polito/CrownLabs/operators/api/v1alpha2"
@@ -55,8 +57,8 @@ func main() {
 
 	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), ctrl.Options{
 		Scheme:                 scheme,
-		MetricsBindAddress:     metricsAddr,
-		Port:                   9443,
+		Metrics:                server.Options{BindAddress: metricsAddr},
+		WebhookServer:          webhook.NewServer(webhook.Options{Port: 9443}),
 		LeaderElection:         enableLeaderElection,
 		HealthProbeBindAddress: ":8081",
 		LivenessEndpointName:   "/healthz",