🧹 update operator-sdk (#994)

* update operator-sdk

Signed-off-by: Ivan Milchev <[email protected]>

* do not check for copyright bundle.Dockerfile

Signed-off-by: Ivan Milchev <[email protected]>

* make looking up for conditions more stable

Signed-off-by: Ivan Milchev <[email protected]>

* make all oom tests look up for conditions by name

Signed-off-by: Ivan Milchev <[email protected]>

* fix build

Signed-off-by: Ivan Milchev <[email protected]>

---------

Signed-off-by: Ivan Milchev <[email protected]>

.copywrite.hcl

@@ -16,5 +16,6 @@ project {
     "charts/mondoo-operator/**",
     "config/**/*.yaml",
     "controllers/admission/webhook-manifests.yaml",
+    "bundle.Dockerfile",
   ]
 }

.github/env

@@ -1,2 +1,2 @@
-golang-version=1.21.3
-operator-sdk-version=v1.26.0
+golang-version=1.21.5
+operator-sdk-version=v1.33.0

Makefile

@@ -59,7 +59,7 @@ endif
 IMG ?= $(IMAGE_TAG_BASE):$(VERSION)
 
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
-ENVTEST_K8S_VERSION = 1.24
+ENVTEST_K8S_VERSION = 1.26
 
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
@@ -161,7 +161,7 @@ endif
 
 ##@ Build
 
-build: generate fmt vet ## Build manager binary.
+build: manifests generate fmt vet ## Build manager binary.
 	CGO_ENABLED=0 GOOS=$(TARGET_OS) GOARCH=$(TARGET_ARCH) go build -o bin/mondoo-operator -ldflags $(LDFLAGS) cmd/mondoo-operator/main.go
 
 run: manifests generate fmt vet ## Run a controller from your host.

PROJECT

@@ -1,6 +1,6 @@
 domain: mondoo.com
 layout:
-- go.kubebuilder.io/v4-alpha
+- go.kubebuilder.io/v4
 plugins:
   manifests.sdk.operatorframework.io/v2: {}
   scorecard.sdk.operatorframework.io/v2: {}

api/v1alpha2/mondooauditconfig_types.go

@@ -200,7 +200,7 @@ const (
 	// Indicates weather Admission controller is Degraded because of the ScanAPI
 	ScanAPIDegraded MondooAuditConfigConditionType = "ScanAPIDegraded"
 	// Indicates weather the operator itself is Degraded
-	MondooOperaotrDegraded MondooAuditConfigConditionType = "MondooOperatorDegraded"
+	MondooOperatorDegraded MondooAuditConfigConditionType = "MondooOperatorDegraded"
 	// MondooIntegrationDegraded will hold the status for any issues encountered while trying to CheckIn()
 	// on behalf of the Mondoo integration MRN
 	MondooIntegrationDegraded MondooAuditConfigConditionType = "IntegrationDegraded"

bundle.Dockerfile

@@ -1,6 +1,3 @@
-# Copyright (c) Mondoo, Inc.
-# SPDX-License-Identifier: BUSL-1.1
-
 FROM scratch
 
 # Core bundle labels.
@@ -9,9 +6,9 @@ LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
 LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
 LABEL operators.operatorframework.io.bundle.package.v1=mondoo-operator
 LABEL operators.operatorframework.io.bundle.channels.v1=stable-v1
-LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.32.0
+LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.33.0
 LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
-LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v4-alpha
+LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v4
 
 # Labels for testing.
 LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1

cmd/mondoo-operator/operator/operator_status.go

@@ -114,5 +114,5 @@ func updateOperatorConditions(config *k8sv1alpha2.MondooAuditConfig, degradedSta
 		status = corev1.ConditionTrue
 	}
 
-	config.Status.Conditions = mondoo.SetMondooAuditCondition(config.Status.Conditions, k8sv1alpha2.MondooOperaotrDegraded, status, reason, msg, updateCheck, affectedPods, memoryLimit)
+	config.Status.Conditions = mondoo.SetMondooAuditCondition(config.Status.Conditions, k8sv1alpha2.MondooOperatorDegraded, status, reason, msg, updateCheck, affectedPods, memoryLimit)
 }

config/default/manager_auth_proxy_patch.yaml

@@ -13,7 +13,7 @@ spec:
     spec:
       containers:
       - name: kube-rbac-proxy
-        image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.0
+        image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.1
         args:
         - "--secure-listen-address=0.0.0.0:8443"
         - "--upstream=http://127.0.0.1:8080/"

controllers/status/operator_status.go

@@ -189,7 +189,7 @@ func ReportStatusRequestFromAuditConfig(
 	}
 
 	messages[5].Identifier = MondooOperatorIdentifier
-	mondooOperator := mondoo.FindMondooAuditConditions(m.Status.Conditions, v1alpha2.MondooOperaotrDegraded)
+	mondooOperator := mondoo.FindMondooAuditConditions(m.Status.Conditions, v1alpha2.MondooOperatorDegraded)
 	if mondooOperator != nil {
 		if mondooOperator.Status == v1.ConditionTrue {
 			messages[5].Status = mondooclient.MessageStatus_MESSAGE_ERROR

controllers/status/operator_status_test.go

@@ -75,7 +75,7 @@ func TestReportStatusRequestFromAuditConfig_AllEnabled(t *testing.T) {
 		{Message: "Node Scanning is available", Status: v1.ConditionFalse, Type: v1alpha2.NodeScanningDegraded},
 		{Message: "Admission controller is available", Status: v1.ConditionFalse, Type: v1alpha2.AdmissionDegraded},
 		{Message: "ScanAPI controller is available", Status: v1.ConditionFalse, Type: v1alpha2.ScanAPIDegraded},
-		{Message: "Mondoo Operator controller is available", Status: v1.ConditionFalse, Type: v1alpha2.MondooOperaotrDegraded},
+		{Message: "Mondoo Operator controller is available", Status: v1.ConditionFalse, Type: v1alpha2.MondooOperatorDegraded},
 	}
 
 	reportStatus := ReportStatusRequestFromAuditConfig(integrationMrn, m, nodes, v, logger)
@@ -133,7 +133,7 @@ func TestReportStatusRequestFromAuditConfig_AllEnabled_DeprecatedFields(t *testi
 		{Message: "Node Scanning is available", Status: v1.ConditionFalse, Type: v1alpha2.NodeScanningDegraded},
 		{Message: "Admission controller is available", Status: v1.ConditionFalse, Type: v1alpha2.AdmissionDegraded},
 		{Message: "ScanAPI controller is available", Status: v1.ConditionFalse, Type: v1alpha2.ScanAPIDegraded},
-		{Message: "Mondoo Operator controller is available", Status: v1.ConditionFalse, Type: v1alpha2.MondooOperaotrDegraded},
+		{Message: "Mondoo Operator controller is available", Status: v1.ConditionFalse, Type: v1alpha2.MondooOperatorDegraded},
 	}
 
 	reportStatus := ReportStatusRequestFromAuditConfig(integrationMrn, m, nodes, v, logger)
@@ -187,7 +187,7 @@ func TestReportStatusRequestFromAuditConfig_AllError(t *testing.T) {
 		{Message: "Node Scanning error", Status: v1.ConditionTrue, Type: v1alpha2.NodeScanningDegraded},
 		{Message: "Admission controller error", Status: v1.ConditionTrue, Type: v1alpha2.AdmissionDegraded},
 		{Message: "ScanAPI controller error", Status: v1.ConditionTrue, Type: v1alpha2.ScanAPIDegraded},
-		{Message: "Mondoo Operator controller is unavailable", Status: v1.ConditionTrue, Type: v1alpha2.MondooOperaotrDegraded},
+		{Message: "Mondoo Operator controller is unavailable", Status: v1.ConditionTrue, Type: v1alpha2.MondooOperatorDegraded},
 	}
 
 	reportStatus := ReportStatusRequestFromAuditConfig(integrationMrn, m, nodes, v, logger)

tests/integration/audit_config_base_suite.go

@@ -35,6 +35,7 @@ import (
 	"go.mondoo.com/mondoo-operator/controllers/scanapi"
 	"go.mondoo.com/mondoo-operator/pkg/utils/k8s"
 	"go.mondoo.com/mondoo-operator/pkg/utils/logger"
+	"go.mondoo.com/mondoo-operator/pkg/utils/mondoo"
 	"go.mondoo.com/mondoo-operator/pkg/version"
 	"go.mondoo.com/mondoo-operator/tests/framework/installer"
 	"go.mondoo.com/mondoo-operator/tests/framework/nexus"
@@ -273,13 +274,15 @@ func (s *AuditConfigBaseSuite) testOOMMondooOperatorController(auditConfig mondo
 	// a new replicaset should be created
 	// the first Pod tries to start and gets killed
 	// on the 2nd start we should get an OOMkilled status update
-	err := s.testCluster.K8sHelper.CheckForDegradedCondition(&auditConfig, mondoov2.MondooOperaotrDegraded, corev1.ConditionTrue)
+	err := s.testCluster.K8sHelper.CheckForDegradedCondition(&auditConfig, mondoov2.MondooOperatorDegraded, corev1.ConditionTrue)
 	s.NoError(err, "Failed to find degraded condition")
 
 	foundMondooAuditConfig, err := s.testCluster.K8sHelper.GetMondooAuditConfigFromCluster(auditConfig.Name, auditConfig.Namespace)
 	s.NoError(err, "Failed to find MondooAuditConfig")
-	s.Contains(foundMondooAuditConfig.Status.Conditions[5].Message, "OOM", "Failed to find OOMKilled message in degraded condition")
-	s.Len(foundMondooAuditConfig.Status.Conditions[5].AffectedPods, 1, "Failed to find only one pod in degraded condition")
+	cond := mondoo.FindMondooAuditConditions(foundMondooAuditConfig.Status.Conditions, mondoov2.MondooOperatorDegraded)
+	s.Require().NotNil(cond)
+	s.Contains(cond.Message, "OOM", "Failed to find OOMKilled message in degraded condition")
+	s.Len(cond.AffectedPods, 1, "Failed to find only one pod in degraded condition")
 
 	// Give the integration a chance to update
 	time.Sleep(2 * time.Second)
@@ -299,12 +302,14 @@ func (s *AuditConfigBaseSuite) testOOMMondooOperatorController(auditConfig mondo
 	zap.S().Info("Increasing memory limit to get controller running again.")
 	s.NoError(s.testCluster.K8sHelper.Clientset.Update(s.ctx, &operatorDeployment))
 
-	err = s.testCluster.K8sHelper.CheckForDegradedCondition(&auditConfig, mondoov2.MondooOperaotrDegraded, corev1.ConditionFalse)
+	err = s.testCluster.K8sHelper.CheckForDegradedCondition(&auditConfig, mondoov2.MondooOperatorDegraded, corev1.ConditionFalse)
 	s.NoError(err, "Failed to find degraded condition")
 	foundMondooAuditConfig, err = s.testCluster.K8sHelper.GetMondooAuditConfigFromCluster(auditConfig.Name, auditConfig.Namespace)
 	s.NoError(err, "Failed to find MondooAuditConfig")
-	s.NotContains(foundMondooAuditConfig.Status.Conditions[5].Message, "OOM", "Found OOMKilled message in condition")
-	s.Len(foundMondooAuditConfig.Status.Conditions[5].AffectedPods, 0, "Found a pod in condition")
+	cond = mondoo.FindMondooAuditConditions(foundMondooAuditConfig.Status.Conditions, mondoov2.MondooOperatorDegraded)
+	s.Require().NotNil(cond)
+	s.NotContains(cond.Message, "OOM", "Found OOMKilled message in condition")
+	s.Len(cond.AffectedPods, 0, "Found a pod in condition")
 
 	// Give the integration a chance to update
 	time.Sleep(2 * time.Second)
@@ -555,8 +560,10 @@ func (s *AuditConfigBaseSuite) testOOMScanAPI(auditConfig mondoov2.MondooAuditCo
 	foundMondooAuditConfig, err := s.testCluster.K8sHelper.GetMondooAuditConfigFromCluster(auditConfig.Name, auditConfig.Namespace)
 	s.NoError(err, "Failed to find MondooAuditConfig")
 
-	s.Contains(foundMondooAuditConfig.Status.Conditions[4].Message, "OOM", "Failed to find OOMKilled message in degraded condition")
-	s.Len(foundMondooAuditConfig.Status.Conditions[4].AffectedPods, 1, "Failed to find only one pod in degraded condition")
+	cond := mondoo.FindMondooAuditConditions(foundMondooAuditConfig.Status.Conditions, mondoov2.ScanAPIDegraded)
+	s.Require().NotNil(cond)
+	s.Contains(cond.Message, "OOM", "Failed to find OOMKilled message in degraded condition")
+	s.Len(cond.AffectedPods, 1, "Failed to find only one pod in degraded condition")
 
 	// Give the integration a chance to update
 	time.Sleep(2 * time.Second)
@@ -576,8 +583,11 @@ func (s *AuditConfigBaseSuite) testOOMScanAPI(auditConfig mondoov2.MondooAuditCo
 	s.NoError(err, "Failed to find degraded condition")
 	foundMondooAuditConfig, err = s.testCluster.K8sHelper.GetMondooAuditConfigFromCluster(auditConfig.Name, auditConfig.Namespace)
 	s.NoError(err, "Failed to find MondooAuditConfig")
-	s.NotContains(foundMondooAuditConfig.Status.Conditions[4].Message, "OOM", "Found OOMKilled message in condition")
-	s.Len(foundMondooAuditConfig.Status.Conditions[4].AffectedPods, 0, "Found a pod in condition")
+
+	cond = mondoo.FindMondooAuditConditions(foundMondooAuditConfig.Status.Conditions, mondoov2.ScanAPIDegraded)
+	s.Require().NotNil(cond)
+	s.NotContains(cond.Message, "OOM", "Found OOMKilled message in condition")
+	s.Len(cond.AffectedPods, 0, "Found a pod in condition")
 
 	// Give the integration a chance to update
 	time.Sleep(2 * time.Second)
@@ -640,8 +650,10 @@ func (s *AuditConfigBaseSuite) testOOMNodeScan(auditConfig mondoov2.MondooAuditC
 
 	foundMondooAuditConfig, err := s.testCluster.K8sHelper.GetMondooAuditConfigFromCluster(auditConfig.Name, auditConfig.Namespace)
 	s.NoError(err, "Failed to find MondooAuditConfig")
-	s.Contains(foundMondooAuditConfig.Status.Conditions[0].Message, "OOM", "Failed to find OOMKilled message in degraded condition")
-	s.Len(foundMondooAuditConfig.Status.Conditions[0].AffectedPods, 1, "Failed to find only one pod in degraded condition")
+	cond := mondoo.FindMondooAuditConditions(foundMondooAuditConfig.Status.Conditions, mondoov2.NodeScanningDegraded)
+	s.Require().NotNil(cond)
+	s.Contains(cond.Message, "OOM", "Failed to find OOMKilled message in degraded condition")
+	s.Len(cond.AffectedPods, 1, "Failed to find only one pod in degraded condition")
 
 	// Give the integration a chance to update
 	time.Sleep(2 * time.Second)
@@ -665,8 +677,10 @@ func (s *AuditConfigBaseSuite) testOOMNodeScan(auditConfig mondoov2.MondooAuditC
 	s.NoError(err, "Failed to find degraded condition")
 	foundMondooAuditConfig, err = s.testCluster.K8sHelper.GetMondooAuditConfigFromCluster(auditConfig.Name, auditConfig.Namespace)
 	s.NoError(err, "Failed to find MondooAuditConfig")
-	s.NotContains(foundMondooAuditConfig.Status.Conditions[0].Message, "OOM", "Found OOMKilled message in condition")
-	s.Len(foundMondooAuditConfig.Status.Conditions[0].AffectedPods, 0, "Found a pod in condition")
+	cond = mondoo.FindMondooAuditConditions(foundMondooAuditConfig.Status.Conditions, mondoov2.ScanAPIDegraded)
+	s.Require().NotNil(cond)
+	s.NotContains(cond.Message, "OOM", "Found OOMKilled message in condition")
+	s.Len(cond.AffectedPods, 0, "Found a pod in condition")
 
 	// Give the integration a chance to update
 	time.Sleep(2 * time.Second)