Skip to content

Commit

Permalink
Update dependencies and CI utilities
Browse files Browse the repository at this point in the history
Much cleaner YAML from kustomize, and some cleanup in configuration for
golang-ci. Kubernetes 1.30 wasn't fully working in things here yet, it
seemed like some wrinkles inside of dependencies. But Kubernetes 1.29
comes with an extra configmap to consider during test setup.

Makefile organization was slightly to help with tracking the versions of
utilities.

Signed-off-by: Justin Kulikauskas <[email protected]>
  • Loading branch information
JustinKuli committed May 8, 2024
1 parent e3f94a2 commit 5cee15c
Show file tree
Hide file tree
Showing 13 changed files with 294 additions and 341 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/lint.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,5 +36,5 @@ jobs:
- name: golangci-lint
uses: golangci/golangci-lint-action@v5
with:
version: v1.55
version: v1.58
# Automatically uses ./.golangci.yml for configuration
70 changes: 8 additions & 62 deletions .golangci.yaml
Original file line number Diff line number Diff line change
@@ -1,30 +1,14 @@
# Reference: https://github.com/golangci/golangci-lint/blob/master/.golangci.reference.yml
run:
# timeout for analysis, e.g. 30s, 5m, default is 1m
deadline: 20m
timeout: 20m

# which dirs to skip: they won't be analyzed;
# can use regexp here: generated.*, regexp is applied on full path;
# default value is empty list, but next dirs are always skipped independently
# from this option's value:
# vendor$, third_party$, testdata$, examples$, Godeps$, builtin$
skip-dirs:
- genfiles$
- vendor$
- vbh$

# which files to skip: they will be analyzed, but issues from them
# won't be reported. Default value is empty list, but there is
# no need to include all autogenerated files, we confidently recognize
# autogenerated files. If it's not please let us know.
skip-files:
- ".*\\.pb\\.go"
- ".*\\.gen\\.go"

linters:
enable-all: true
disable:
- bodyclose
- copyloopvar # prefer old style for now, more reliable across various scanners
- cyclop
- deadcode #deprecated
- depguard
Expand All @@ -40,13 +24,14 @@ linters:
- goconst
- gocyclo
- godot
- goerr113
- err113
- golint # replaced by revive
- gomnd
- gomoddirectives
- gosec
- ifshort
- interfacer
- intrange # prefer old style
- ireturn # New linter to consider
- maligned
- maintidx # New linter to consider
Expand Down Expand Up @@ -122,69 +107,26 @@ linters-settings:
gocritic:
enabled-checks:
- appendCombine
- argOrder
- assignOp
- badCond
- boolExprSimplify
- builtinShadow
- captLocal
- caseOrder
- codegenComment
- commentedOutCode
- commentedOutImport
- defaultCaseOrder
- deprecatedComment
- docStub
- dupArg
- dupBranchBody
- dupCase
- dupSubExpr
- elseif
- emptyFallthrough
- equalFold
- flagDeref
- flagName
- hexLiteral
- indexAlloc
- initClause
- methodExprCall
- nilValReturn
- octalLiteral
- offBy1
- rangeExprCopy
- regexpMust
- sloppyLen
- stringXbytes
- switchTrue
- typeAssertChain
- typeSwitchVar
- typeUnparen
- underef
- unlambda
- unnecessaryBlock
- unslice
- valSwap
- weakCond

# Unused
# - yodaStyleExpr
# - appendAssign
# - commentFormatting
# - emptyStringTest
# - exitAfterDefer
# - ifElseChain
# - hugeParam
# - importShadow
# - nestingReduce
# - paramTypeCombine
# - ptrToRefParam
# - rangeValCopy
# - singleCaseSwitch
# - sloppyReassign
# - unlabelStmt
# - unnamedResult
# - wrapperFunc

issues:
# List of regexps of issue texts to exclude, empty list by default.
# But independently from this option we use default exclude patterns,
Expand Down Expand Up @@ -223,6 +165,10 @@ issues:
- linters:
- lll
source: \/\/ ?https?:\/\/
# Don't enforce whitespace rules on test files
- path: _test\.go$
linters:
- wsl

# Independently from option `exclude` we use default exclude patterns,
# it can be disabled by this option. To list all
Expand Down
19 changes: 13 additions & 6 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -24,29 +24,36 @@ SHELL = /usr/bin/env bash -o pipefail
# Note: this replaces `go-get-tool`.
go-install = @set -e ; mkdir -p $(LOCAL_BIN) ; GOBIN=$(LOCAL_BIN) go install $(1)

# Define local utilities near the top so they work correctly as targets
# Define local utilities before other targets so they work correctly
# Note: this pattern of variables, paths, and target names allows users to
# override the version used, and helps Make by not using PHONY targets.
# To 'refresh' versions, remove the local bin directory.

CONTROLLER_GEN_VERSION ?= v0.15.0 # https://github.com/kubernetes-sigs/controller-tools/releases/latest
CONTROLLER_GEN ?= $(LOCAL_BIN)/controller-gen
$(CONTROLLER_GEN): $(LOCAL_BIN)
$(call go-install,sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0)
$(call go-install,sigs.k8s.io/controller-tools/cmd/controller-gen@$(CONTROLLER_GEN_VERSION))

ENVTEST ?= $(LOCAL_BIN)/setup-envtest
$(ENVTEST): $(LOCAL_BIN)
$(call go-install,sigs.k8s.io/controller-runtime/tools/setup-envtest@latest)

KUSTOMIZE_VERSION ?= v5.4.1 # https://github.com/kubernetes-sigs/kustomize/releases/latest
KUSTOMIZE ?= $(LOCAL_BIN)/kustomize
$(KUSTOMIZE): $(LOCAL_BIN)
$(call go-install,sigs.k8s.io/kustomize/kustomize/[email protected])
$(call go-install,sigs.k8s.io/kustomize/kustomize/v5@$(KUSTOMIZE_VERSION))

GOLANGCI_VERSION ?= v1.58.0 # https://github.com/golangci/golangci-lint/releases/latest
GOLANGCI ?= $(LOCAL_BIN)/golangci-lint
$(GOLANGCI): $(LOCAL_BIN)
$(call go-install,github.com/golangci/golangci-lint/cmd/golangci-lint@v1.55.2)
$(call go-install,github.com/golangci/golangci-lint/cmd/golangci-lint@$(GOLANGCI_VERSION))

# To change this version, adjust it in the go.mod file
# https://github.com/onsi/ginkgo/releases/latest
GINKGO_VERSION := $(shell awk '/github.com\/onsi\/ginkgo\/v2/ {print $$2}' go.mod)
GINKGO ?= $(LOCAL_BIN)/ginkgo
$(GINKGO): $(LOCAL_BIN)
$(call go-install,github.com/onsi/ginkgo/v2/ginkgo@$(shell awk '/github.com\/onsi\/ginkgo\/v2/ {print $$2}' go.mod))
$(call go-install,github.com/onsi/ginkgo/v2/ginkgo@$(GINKGO_VERSION))

.PHONY: manifests
manifests: $(CONTROLLER_GEN) $(KUSTOMIZE) ## Generate WebhookConfiguration, ClusterRole and CustomResourceDefinition objects.
Expand Down Expand Up @@ -77,7 +84,7 @@ lint: $(GOLANGCI)
$(GOLANGCI) run
yamllint -c $(ROOTDIR)/.yamllint.yaml .

ENVTEST_K8S_VERSION ?= 1.26
ENVTEST_K8S_VERSION ?= 1.29
.PHONY: test
test: manifests generate $(GINKGO) $(ENVTEST) ## Run tests.
KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" $(GINKGO) \
Expand Down
1 change: 0 additions & 1 deletion api/v1beta1/zz_generated.deepcopy.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

99 changes: 52 additions & 47 deletions config/crd/bases/policy.open-cluster-management.io_policycores.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.8.0
creationTimestamp: null
controller-gen.kubebuilder.io/version: v0.15.0
name: policycores.policy.open-cluster-management.io
spec:
group: policy.open-cluster-management.io
Expand All @@ -21,26 +20,32 @@ spec:
description: PolicyCore is the Schema for the policycores API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
description: |-
APIVersion defines the versioned schema of this representation of an object.
Servers should convert recognized schemas to the latest internal value, and
may reject unrecognized values.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
description: |-
Kind is a string value representing the REST resource this object represents.
Servers may infer this from the endpoint the client submits requests to.
Cannot be updated.
In CamelCase.
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
type: string
metadata:
type: object
spec:
description: PolicyCoreSpec defines fields that policies must implement
to be part of the Open Cluster Management policy framework. The intention
is for controllers to embed this struct in their *Spec definitions.
description: |-
PolicyCoreSpec defines fields that policies must implement to be part of the
Open Cluster Management policy framework. The intention is for controllers
to embed this struct in their *Spec definitions.
properties:
namespaceSelector:
description: NamespaceSelector indicates which namespaces on the cluster
this policy should apply to, when the policy applies to namespaced
objects.
description: |-
NamespaceSelector indicates which namespaces on the cluster this policy
should apply to, when the policy applies to namespaced objects.
properties:
exclude:
description: Exclude is a list of filepath expressions for namespaces
Expand All @@ -60,59 +65,63 @@ spec:
description: matchExpressions is a list of label selector requirements.
The requirements are ANDed.
items:
description: A label selector requirement is a selector that
contains values, a key, and an operator that relates the key
and values.
description: |-
A label selector requirement is a selector that contains values, a key, and an operator that
relates the key and values.
properties:
key:
description: key is the label key that the selector applies
to.
type: string
operator:
description: operator represents a key's relationship to
a set of values. Valid operators are In, NotIn, Exists
and DoesNotExist.
description: |-
operator represents a key's relationship to a set of values.
Valid operators are In, NotIn, Exists and DoesNotExist.
type: string
values:
description: values is an array of string values. If the
operator is In or NotIn, the values array must be non-empty.
If the operator is Exists or DoesNotExist, the values
array must be empty. This array is replaced during a strategic
description: |-
values is an array of string values. If the operator is In or NotIn,
the values array must be non-empty. If the operator is Exists or DoesNotExist,
the values array must be empty. This array is replaced during a strategic
merge patch.
items:
type: string
type: array
x-kubernetes-list-type: atomic
required:
- key
- operator
type: object
type: array
x-kubernetes-list-type: atomic
matchLabels:
additionalProperties:
type: string
description: matchLabels is a map of {key,value} pairs. A single
{key,value} in the matchLabels map is equivalent to an element
of matchExpressions, whose key field is "key", the operator
is "In", and the values array contains only "value". The requirements
are ANDed.
description: |-
matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
map is equivalent to an element of matchExpressions, whose key field is "key", the
operator is "In", and the values array contains only "value". The requirements are ANDed.
type: object
type: object
x-kubernetes-map-type: atomic
remediationAction:
description: RemediationAction indicates what the policy controller
should do when the policy is not compliant. Accepted values include
inform, and enforce. Note that not all policy controllers will attempt
to automatically remediate a policy, even when set to "enforce".
description: |-
RemediationAction indicates what the policy controller should do when the
policy is not compliant. Accepted values include inform, and enforce.
Note that not all policy controllers will attempt to automatically
remediate a policy, even when set to "enforce".
enum:
- Inform
- inform
- Enforce
- enforce
type: string
severity:
description: 'Severity defines how serious the situation is when the
policy is not compliant. The severity should not change the behavior
of the policy, but may be read and used by other tools. Accepted
values include: low, medium, high, and critical.'
description: |-
Severity defines how serious the situation is when the policy is not
compliant. The severity should not change the behavior of the policy, but
may be read and used by other tools. Accepted values include: low,
medium, high, and critical.
enum:
- low
- Low
Expand All @@ -125,12 +134,14 @@ spec:
type: string
type: object
status:
description: PolicyCoreStatus defines fields that policies should implement
as part of the Open Cluster Management policy framework.
description: |-
PolicyCoreStatus defines fields that policies should implement as part of
the Open Cluster Management policy framework.
properties:
compliant:
description: 'ComplianceState indicates whether the policy is compliant
or not. Accepted values include: Compliant, NonCompliant, and UnknownCompliancy'
description: |-
ComplianceState indicates whether the policy is compliant or not.
Accepted values include: Compliant, NonCompliant, and UnknownCompliancy
enum:
- Compliant
- NonCompliant
Expand All @@ -142,9 +153,3 @@ spec:
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []
Loading

0 comments on commit 5cee15c

Please sign in to comment.