diff --git a/Makefile b/Makefile index 3e7b856ea..44d11d607 100644 --- a/Makefile +++ b/Makefile @@ -83,7 +83,7 @@ ci: all tidy vendor bazel-generate generate-verify all: test forklift-controller # Run tests -test: generate fmt vet manifests +test: manifests generate fmt vet go test ./pkg/... ./cmd/... -coverprofile cover.out # Experimental e2e target @@ -108,15 +108,15 @@ e2e-sanity-openstack-extended: # Build forklift-controller binary -forklift-controller: generate fmt vet +forklift-controller: manifests generate fmt vet go build -o bin/forklift-controller github.com/konveyor/forklift-controller/cmd/forklift-controller # Build manager binary with compiler optimizations disabled -debug: generate fmt vet +debug: manifests generate fmt vet go build -o bin/forklift-controller -gcflags=all="-N -l" github.com/konveyor/forklift-controller/cmd/forklift-controller # Run against the configured Kubernetes cluster in ~/.kube/config -run: generate fmt vet +run: manifests generate fmt vet export METRICS_PORT=8888;\ KUBEVIRT_CLIENT_GO_SCHEME_REGISTRATION_VERSION=v1 go run ./cmd/forklift-controller/main.go diff --git a/operator/config/default/kustomization.yaml b/operator/config/default/kustomization.yaml index d2bdc2c32..22d0557cc 100644 --- a/operator/config/default/kustomization.yaml +++ b/operator/config/default/kustomization.yaml @@ -9,8 +9,10 @@ namespace: forklift-operator-system namePrefix: "" # Labels to add to all resources and selectors. -#commonLabels: -# someName: someValue +#labels: +#- includeSelectors: true +# pairs: +# someName: someValue resources: - ../crd diff --git a/operator/config/default/manager_auth_proxy_patch.yaml b/operator/config/default/manager_auth_proxy_patch.yaml index a380b7011..2afc97cc5 100644 --- a/operator/config/default/manager_auth_proxy_patch.yaml +++ b/operator/config/default/manager_auth_proxy_patch.yaml @@ -16,7 +16,7 @@ spec: # capabilities: # drop: # - "ALL" - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.11.0 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.13.1 args: - "--secure-listen-address=0.0.0.0:8443" - "--upstream=http://127.0.0.1:8080/" diff --git a/operator/config/rbac/role.yaml b/operator/config/rbac/role.yaml index c37828a77..be4b227c0 100644 --- a/operator/config/rbac/role.yaml +++ b/operator/config/rbac/role.yaml @@ -4,6 +4,12 @@ kind: ClusterRole metadata: name: manager-role rules: +- apiGroups: + - "" + resources: + - secrets + verbs: + - watch - apiGroups: - config.openshift.io resources: diff --git a/operator/config/testing/kustomization.yaml b/operator/config/testing/kustomization.yaml index 410916239..9c402ad26 100644 --- a/operator/config/testing/kustomization.yaml +++ b/operator/config/testing/kustomization.yaml @@ -4,8 +4,10 @@ namespace: osdk-test namePrefix: osdk- # Labels to add to all resources and selectors. -#commonLabels: -# someName: someValue +#labels: +#- includeSelectors: true +# pairs: +# someName: someValue patchesStrategicMerge: - manager_image.yaml diff --git a/operator/molecule/default/converge.yml b/operator/molecule/default/converge.yml index 9e65e378f..6296136cb 100644 --- a/operator/molecule/default/converge.yml +++ b/operator/molecule/default/converge.yml @@ -8,7 +8,7 @@ tasks: - name: Create Namespace - k8s: + kubernetes.core.k8s: api_version: v1 kind: Namespace name: '{{ namespace }}' diff --git a/operator/molecule/default/destroy.yml b/operator/molecule/default/destroy.yml index 9a41e7dec..094c70d4c 100644 --- a/operator/molecule/default/destroy.yml +++ b/operator/molecule/default/destroy.yml @@ -12,7 +12,7 @@ state: absent - name: Destroy Namespace - k8s: + kubernetes.core.k8s: api_version: v1 kind: Namespace name: '{{ namespace }}' diff --git a/operator/molecule/default/kustomize.yml b/operator/molecule/default/kustomize.yml index 587164877..1b73a488b 100644 --- a/operator/molecule/default/kustomize.yml +++ b/operator/molecule/default/kustomize.yml @@ -8,14 +8,14 @@ changed_when: false - name: Set resources to {{ state }} - k8s: + kubernetes.core.k8s: definition: '{{ item }}' state: '{{ state }}' wait: no loop: '{{ resources.stdout | from_yaml_all | list }}' - name: Wait for resources to get to {{ state }} - k8s: + kubernetes.core.k8s: definition: '{{ item }}' state: '{{ state }}' wait: yes diff --git a/operator/molecule/default/molecule.yml b/operator/molecule/default/molecule.yml index ea58004dc..91fcfcaf9 100644 --- a/operator/molecule/default/molecule.yml +++ b/operator/molecule/default/molecule.yml @@ -3,18 +3,12 @@ dependency: name: galaxy driver: name: delegated -lint: | - set -e - yamllint -d "{extends: relaxed, rules: {line-length: {max: 120}}}" . platforms: - name: cluster groups: - k8s provisioner: name: ansible - lint: | - set -e - ansible-lint inventory: group_vars: all: @@ -31,6 +25,3 @@ provisioner: K8S_AUTH_KUBECONFIG: ${KUBECONFIG:-"~/.kube/config"} verifier: name: ansible - lint: | - set -e - ansible-lint diff --git a/operator/molecule/default/tasks/forkliftcontroller_test.yml b/operator/molecule/default/tasks/forkliftcontroller_test.yml index c3f8cd983..a426253e9 100644 --- a/operator/molecule/default/tasks/forkliftcontroller_test.yml +++ b/operator/molecule/default/tasks/forkliftcontroller_test.yml @@ -1,6 +1,6 @@ --- - name: Create the forklift.konveyor.io/v1beta1.ForkliftController - k8s: + kubernetes.core.k8s: state: present namespace: '{{ namespace }}' definition: "{{ lookup('template', '/'.join([samples_dir, cr_file])) | from_yaml }}" diff --git a/operator/molecule/kind/molecule.yml b/operator/molecule/kind/molecule.yml index d4361f32f..534c8ce4c 100644 --- a/operator/molecule/kind/molecule.yml +++ b/operator/molecule/kind/molecule.yml @@ -3,9 +3,6 @@ dependency: name: galaxy driver: name: delegated -lint: | - set -e - yamllint -d "{extends: relaxed, rules: {line-length: {max: 120}}}" . platforms: - name: cluster groups: @@ -15,9 +12,6 @@ provisioner: playbooks: prepare: ../default/prepare.yml verify: ../default/verify.yml - lint: | - set -e - ansible-lint inventory: group_vars: all: @@ -37,6 +31,3 @@ provisioner: KUBECONFIG: ${MOLECULE_EPHEMERAL_DIRECTORY}/kubeconfig verifier: name: ansible - lint: | - set -e - ansible-lint diff --git a/operator/requirements.yml b/operator/requirements.yml index b64a6f7a2..71b36faf1 100644 --- a/operator/requirements.yml +++ b/operator/requirements.yml @@ -1,10 +1,8 @@ --- collections: - - name: community.kubernetes - version: "2.0.1" - name: operator_sdk.util - version: "0.4.0" + version: "0.5.0" - name: kubernetes.core - version: "2.3.1" + version: "2.4.0" - name: cloud.common - version: "2.1.1" + version: "2.1.4" diff --git a/operator/roles/forkliftcontroller/meta/main.yml b/operator/roles/forkliftcontroller/meta/main.yml index c979c5daf..7006ba00f 100644 --- a/operator/roles/forkliftcontroller/meta/main.yml +++ b/operator/roles/forkliftcontroller/meta/main.yml @@ -14,7 +14,7 @@ galaxy_info: platforms: - name: EL versions: - - 8 + - 9 galaxy_tags: - forklift @@ -28,4 +28,4 @@ galaxy_info: dependencies: [] collections: - operator_sdk.util -- community.kubernetes +- kubernetes.core diff --git a/operator/roles/forkliftcontroller/tasks/cleanup.yml b/operator/roles/forkliftcontroller/tasks/cleanup.yml index 74d8abd4b..8fd17e61b 100644 --- a/operator/roles/forkliftcontroller/tasks/cleanup.yml +++ b/operator/roles/forkliftcontroller/tasks/cleanup.yml @@ -2,7 +2,7 @@ - block: - name: "Get {{ resource_kind }} resources labeled {{ feature_label }}" - k8s_info: + kubernetes.core.k8s_info: namespace: "{{ app_namespace }}" kind: "{{ resource_kind }}" label_selectors: @@ -10,7 +10,7 @@ register: results - name: "Clean up {{ resource_kind }} resources labeled {{ feature_label }}" - k8s: + kubernetes.core.k8s: namespace: "{{ app_namespace }}" kind: "{{ results.resources[0].kind }}" name: "{{ results.resources[0].metadata.name }}" diff --git a/operator/roles/forkliftcontroller/tasks/main.yml b/operator/roles/forkliftcontroller/tasks/main.yml index d823f6485..f650b59fe 100644 --- a/operator/roles/forkliftcontroller/tasks/main.yml +++ b/operator/roles/forkliftcontroller/tasks/main.yml @@ -48,39 +48,39 @@ trusted_ca_enabled: true - name: "Create an empty ConfigMap that will hold the trusted CA" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'configmap-trusted-ca.yml.j2') }}" - name: "Setup the webhook secret" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'secret-webhook-server-secret.yml.j2') }}" - name: "Setup controller config map" - k8s: + kubernetes.core.k8s: state : present definition: "{{ lookup('template', 'controller/configmap-controller.yml.j2') }}" - name: "Setup inventory service" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'controller/service-inventory.yml.j2') }}" - name: "Setup controller deployment" - k8s: + kubernetes.core.k8s: state : present definition: "{{ lookup('template', 'controller/deployment-controller.yml.j2') }}" merge_type: "merge" - name: "Setup inventory route" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'controller/route-inventory.yml.j2') }}" when: not k8s_cluster|bool - name: "Setup forklift-controller security context constraints" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'controller/controller-scc.yml.j2') }}" when: not k8s_cluster|bool @@ -88,80 +88,80 @@ - when: feature_volume_populator|bool block: - name: "Setup populator controller deployment" - k8s: + kubernetes.core.k8s: state: "{{ volume_populator_state }}" definition: "{{ lookup('template', 'populator/deployment-populator-controller.yml.j2') }}" - when: k8s_cluster|bool block: - name: "Create a trusted CA issuer" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'cert-manager-trusted-ca.yml.j2') }}" - name: "Configure webhook certificate on K8s" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'api/ca.yml.j2') }}" - name: "Configure validation certificate on K8s" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'validation/ca.yml.j2') }}" - name: "Configure inventory certificate on K8s" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'controller/ca.yml.j2') }}" - name: "Configure must-gather certificate on K8s" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'must-gather-api/ca.yml.j2') }}" - name: "Setup api service" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'api/service-forklift-api.yml.j2') }}" - name: "Setup api deployment" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'api/deployment-forklift-api.yml.j2') }}" - name: "Delete aggregated validation webhook configurations" - k8s: + kubernetes.core.k8s: state: absent definition: "{{ lookup('template', 'api/validatingwebhookconfiguration-forklift-api.yml.j2') }}" - name: "Setup secrets validating webhook configuration" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'api/validatingwebhookconfiguration-secrets.yml.j2') }}" - name: "Setup plans validating webhook configuration" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'api/validatingwebhookconfiguration-plans.yml.j2') }}" - name: "Setup providers validating webhook configuration" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'api/validatingwebhookconfiguration-providers.yml.j2') }}" - name: "Delete aggregated mutating webhook configurations" - k8s: + kubernetes.core.k8s: state: absent definition: "{{ lookup('template', 'api/mutatingwebhookconfiguration-forklift-api.yml.j2') }}" - name: "Setup secrets mutating webhook configuration" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'api/mutatingwebhookconfiguration-secrets.yml.j2') }}" - name: "Setup plans mutating webhook configuration" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'api/mutatingwebhookconfiguration-plans.yml.j2') }}" - name: "Setup default provider" - k8s: + kubernetes.core.k8s: state: present definition: "{{ lookup('template', 'controller/provider-host.yml.j2') }}" when: "'kubevirt.io' in api_groups" @@ -169,29 +169,29 @@ - when: feature_validation|bool block: - name: "Setup validation service" - k8s: + kubernetes.core.k8s: state: "{{ validation_state }}" definition: "{{ lookup('template', 'validation/service-validation.yml.j2') }}" - name: "Setup validation config map" - k8s: + kubernetes.core.k8s: state: "{{ validation_state }}" definition: "{{ lookup('template', 'validation/configmap-validation.yml.j2') }}" - name: "Setup validation deployment" - k8s: + kubernetes.core.k8s: state: "{{ validation_state }}" definition: "{{ lookup('template', 'validation/deployment-validation.yml.j2') }}" - when: feature_must_gather_api|bool block: - name: "Setup must-gather-api service" - k8s: + kubernetes.core.k8s: state: "{{ must_gather_api_state }}" definition: "{{ lookup('template', 'must-gather-api/service-must-gather-api.yml.j2') }}" - name: "Setup must-gather-api deployment" - k8s: + kubernetes.core.k8s: state: "{{ must_gather_api_state }}" definition: "{{ lookup('template', 'must-gather-api/deployment-must-gather-api.yml.j2') }}" @@ -199,27 +199,27 @@ block: - name: "Setup UI plugin configmap" - k8s: + kubernetes.core.k8s: state: "{{ ui_plugin_state }}" definition: "{{ lookup('template', 'ui-plugin/configmap-ui-plugin.yml.j2') }}" - name: "Setup UI plugin service" - k8s: + kubernetes.core.k8s: state: "{{ ui_plugin_state }}" definition: "{{ lookup('template', 'ui-plugin/service-ui-plugin.yml.j2') }}" - name: "Setup UI plugin deployment" - k8s: + kubernetes.core.k8s: state: "{{ ui_plugin_state }}" definition: "{{ lookup('template', 'ui-plugin/deployment-ui-plugin.yml.j2') }}" - name: "Setup console plugin" - k8s: + kubernetes.core.k8s: state: "{{ ui_plugin_state }}" definition: "{{ lookup('template', 'ui-plugin/console-plugin.yml.j2') }}" - name: "Get cluster console information" - k8s_info: + kubernetes.core.k8s_info: api_version: operator.openshift.io/v1 kind: console name: cluster @@ -230,7 +230,7 @@ console_plugins: "{{ console_operator['resources'][0]['spec']['plugins'] | default([]) }}" - name: "Enable console plugin" - k8s: + kubernetes.core.k8s: api_version: operator.openshift.io/v1 kind: console name: cluster diff --git a/pkg/forklift-api/webhooks/mutating-webhook/mutating-webhook.go b/pkg/forklift-api/webhooks/mutating-webhook/mutating-webhook.go index 0cfe73ba4..1ea604009 100644 --- a/pkg/forklift-api/webhooks/mutating-webhook/mutating-webhook.go +++ b/pkg/forklift-api/webhooks/mutating-webhook/mutating-webhook.go @@ -4,7 +4,7 @@ import ( "encoding/json" "net/http" - admissionv1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime" diff --git a/pkg/forklift-api/webhooks/mutating-webhook/mutators/plan-mutator.go b/pkg/forklift-api/webhooks/mutating-webhook/mutators/plan-mutator.go index b2b59af52..a06ab22ed 100644 --- a/pkg/forklift-api/webhooks/mutating-webhook/mutators/plan-mutator.go +++ b/pkg/forklift-api/webhooks/mutating-webhook/mutators/plan-mutator.go @@ -8,7 +8,7 @@ import ( net "github.com/k8snetworkplumbingwg/network-attachment-definition-client/pkg/apis/k8s.cni.cncf.io/v1" api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1" "github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/util" - admissionv1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" core "k8s.io/api/core/v1" k8serr "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/pkg/forklift-api/webhooks/mutating-webhook/mutators/secret-mutator.go b/pkg/forklift-api/webhooks/mutating-webhook/mutators/secret-mutator.go index 1ced3ee8b..93dbbefbd 100644 --- a/pkg/forklift-api/webhooks/mutating-webhook/mutators/secret-mutator.go +++ b/pkg/forklift-api/webhooks/mutating-webhook/mutators/secret-mutator.go @@ -15,7 +15,7 @@ import ( "github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/util" liberr "github.com/konveyor/forklift-controller/pkg/lib/error" "github.com/konveyor/forklift-controller/pkg/lib/logging" - admissionv1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" core "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/pkg/forklift-api/webhooks/util/util.go b/pkg/forklift-api/webhooks/util/util.go index 51c220b6b..ae09f5a5c 100644 --- a/pkg/forklift-api/webhooks/util/util.go +++ b/pkg/forklift-api/webhooks/util/util.go @@ -7,7 +7,7 @@ import ( "net/http" api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1" - admissionv1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" ) diff --git a/pkg/forklift-api/webhooks/validating-webhook/admitters/plan-admitter.go b/pkg/forklift-api/webhooks/validating-webhook/admitters/plan-admitter.go index c6f571036..7a80c8ad1 100644 --- a/pkg/forklift-api/webhooks/validating-webhook/admitters/plan-admitter.go +++ b/pkg/forklift-api/webhooks/validating-webhook/admitters/plan-admitter.go @@ -9,7 +9,7 @@ import ( "encoding/json" "fmt" - admissionv1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1" "github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/util" diff --git a/pkg/forklift-api/webhooks/validating-webhook/admitters/provider-admitter.go b/pkg/forklift-api/webhooks/validating-webhook/admitters/provider-admitter.go index 816b82130..076e3cdbb 100644 --- a/pkg/forklift-api/webhooks/validating-webhook/admitters/provider-admitter.go +++ b/pkg/forklift-api/webhooks/validating-webhook/admitters/provider-admitter.go @@ -7,7 +7,7 @@ import ( api "github.com/konveyor/forklift-controller/pkg/apis/forklift/v1beta1" "github.com/konveyor/forklift-controller/pkg/forklift-api/webhooks/util" liberr "github.com/konveyor/forklift-controller/pkg/lib/error" - admissionv1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/pkg/forklift-api/webhooks/validating-webhook/admitters/secret-admitter.go b/pkg/forklift-api/webhooks/validating-webhook/admitters/secret-admitter.go index 1144ecc5d..764e9a01a 100644 --- a/pkg/forklift-api/webhooks/validating-webhook/admitters/secret-admitter.go +++ b/pkg/forklift-api/webhooks/validating-webhook/admitters/secret-admitter.go @@ -17,7 +17,7 @@ import ( libcontainer "github.com/konveyor/forklift-controller/pkg/lib/inventory/container" "github.com/konveyor/forklift-controller/pkg/lib/logging" "github.com/konveyor/forklift-controller/pkg/settings" - admissionv1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" core "k8s.io/api/core/v1" k8serr "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/pkg/forklift-api/webhooks/validating-webhook/validating-webhook.go b/pkg/forklift-api/webhooks/validating-webhook/validating-webhook.go index c154cc3f7..cf090877e 100644 --- a/pkg/forklift-api/webhooks/validating-webhook/validating-webhook.go +++ b/pkg/forklift-api/webhooks/validating-webhook/validating-webhook.go @@ -5,7 +5,7 @@ import ( "fmt" "net/http" - admissionv1 "k8s.io/api/admission/v1beta1" + admissionv1 "k8s.io/api/admission/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime"