chore: re-scaffold kubebuilder project (#451)

## Issue 449 ## Description This PR re-scaffolds the project using `kubebuilder alpha generate`. The 2 major changes are: - Remove all usage of `kube-rbac-proxy` and replace with [WithAuthenticationAndAuthorization ](https://pkg.go.dev/sigs.k8s.io/controller-runtime/pkg/metrics/filters#WithAuthenticationAndAuthorization) due to `kube-rbac-proxy` being deprecated - Initialize e2e tests. For now, we are only testing basic functionality. The tests should be expanded to cover validator-specific use-cases. --------- Signed-off-by: Artur Shad Nik <[email protected]>
validator-labs · Dec 11, 2024 · 025d729 · 025d729
1 parent f574d8c
commit 025d729
Show file tree

Hide file tree

Showing 37 changed files with 1,061 additions and 504 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -1,13 +1,15 @@
 run:
-  timeout: 10m
+  timeout: 5m
   allow-parallel-runners: true
 
 issues:
   # don't skip warning about doc comments
   # don't exclude the default set of lint
   exclude-use-default: false
+  # restore some of the defaults
+  # (fill in the rest as needed)
   exclude-dirs:
-    - test
+    - tests
   exclude-files:
     - ".*_test\\.go"
 
@@ -16,6 +18,7 @@ linters:
   enable:
     - dupl
     - errcheck
+    - copyloopvar
     - ginkgolinter
     - goconst
     - gocyclo
@@ -33,3 +36,8 @@ linters:
     - unconvert
     - unparam
     - unused
+
+linters-settings:
+  revive:
+    rules:
+      - name: comment-spacings
diff --git a/api/v1alpha1/validationresult_types.go b/api/v1alpha1/validationresult_types.go
@@ -118,11 +118,11 @@ func DefaultValidationCondition() ValidationCondition {
 	}
 }
 
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
-//+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="Age"
-//+kubebuilder:printcolumn:name="Plugin",type="string",JSONPath=".spec.plugin",description="Plugin"
-//+kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state",description="State"
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+// +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="Age"
+// +kubebuilder:printcolumn:name="Plugin",type="string",JSONPath=".spec.plugin",description="Plugin"
+// +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state",description="State"
 
 // ValidationResult is the Schema for the validationresults API.
 type ValidationResult struct {
@@ -151,7 +151,7 @@ func (r *ValidationResult) Hash() string {
 	return base64.StdEncoding.EncodeToString(hash)
 }
 
-//+kubebuilder:object:root=true
+// +kubebuilder:object:root=true
 
 // ValidationResultList contains a list of ValidationResult.
 type ValidationResultList struct {

diff --git a/api/v1alpha1/validatorconfig_types.go b/api/v1alpha1/validatorconfig_types.go
@@ -121,8 +121,8 @@ type ConditionType string
 // HelmChartDeployedCondition defines whether the helm chart was installed/pulled/upgraded correctly.
 const HelmChartDeployedCondition ConditionType = "HelmChartDeployed"
 
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
 
 // ValidatorConfig is the Schema for the validatorconfigs API.
 type ValidatorConfig struct {
@@ -133,7 +133,7 @@ type ValidatorConfig struct {
 	Status ValidatorConfigStatus `json:"status,omitempty"`
 }
 
-//+kubebuilder:object:root=true
+// +kubebuilder:object:root=true
 
 // ValidatorConfigList contains a list of ValidatorConfig.
 type ValidatorConfigList struct {

diff --git a/build b/build
diff --git a/chart/validator/README.md b/chart/validator/README.md
diff --git a/chart/validator/templates/deployment.yaml b/chart/validator/templates/deployment.yaml
@@ -39,18 +39,6 @@ spec:
           runAsNonRoot: false
       {{- end }}
       containers:
-      - args: {{- toYaml .Values.controllerManager.kubeRbacProxy.args | nindent 8 }}
-        env:
-        - name: KUBERNETES_CLUSTER_DOMAIN
-          value: {{ quote .Values.kubernetesClusterDomain }}
-        image: {{ .Values.controllerManager.kubeRbacProxy.image.repository }}:{{ .Values.controllerManager.kubeRbacProxy.image.tag | default .Chart.AppVersion }}
-        name: kube-rbac-proxy
-        ports:
-        - containerPort: 8443
-          name: https
-          protocol: TCP
-        resources: {{- toYaml .Values.controllerManager.kubeRbacProxy.resources | nindent 10 }}
-        securityContext: {{- toYaml .Values.controllerManager.kubeRbacProxy.containerSecurityContext | nindent 10 }}
       - args: {{- toYaml .Values.controllerManager.manager.args | nindent 8 }}
         command:
         - /manager

diff --git a/chart/validator/templates/proxy-rbac.yaml → ...alidator/templates/metrics-auth-rbac.yaml b/chart/validator/templates/proxy-rbac.yaml → ...alidator/templates/metrics-auth-rbac.yaml
@@ -1,9 +1,8 @@
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
 metadata:
-  name: {{ include "chart.fullname" . }}-proxy-role
+  name: {{ include "chart.fullname" . }}-metrics-auth-role
   labels:
-    app.kubernetes.io/component: kube-rbac-proxy
     app.kubernetes.io/created-by: validator
     app.kubernetes.io/part-of: validator
   {{- include "chart.labels" . | nindent 4 }}
@@ -24,16 +23,15 @@ rules:
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
 metadata:
-  name: {{ include "chart.fullname" . }}-proxy-rolebinding
+  name: {{ include "chart.fullname" . }}-metrics-auth-rolebinding
   labels:
-    app.kubernetes.io/component: kube-rbac-proxy
     app.kubernetes.io/created-by: validator
     app.kubernetes.io/part-of: validator
   {{- include "chart.labels" . | nindent 4 }}
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: ClusterRole
-  name: '{{ include "chart.fullname" . }}-proxy-role'
+  name: '{{ include "chart.fullname" . }}-metrics-auth-role'
 subjects:
 - kind: ServiceAccount
   name: '{{ include "chart.fullname" . }}-controller-manager'

diff --git a/chart/validator/templates/metrics-reader-rbac.yaml b/chart/validator/templates/metrics-reader-rbac.yaml
@@ -3,7 +3,6 @@ kind: ClusterRole
 metadata:
   name: {{ include "chart.fullname" . }}-metrics-reader
   labels:
-    app.kubernetes.io/component: kube-rbac-proxy
     app.kubernetes.io/created-by: validator
     app.kubernetes.io/part-of: validator
   {{- include "chart.labels" . | nindent 4 }}

diff --git a/chart/validator/templates/metrics-service.yaml b/chart/validator/templates/metrics-service.yaml
@@ -3,7 +3,6 @@ kind: Service
 metadata:
   name: {{ include "chart.fullname" . }}-controller-manager-metrics-service
   labels:
-    app.kubernetes.io/component: kube-rbac-proxy
     app.kubernetes.io/created-by: validator
     app.kubernetes.io/part-of: validator
     control-plane: controller-manager
+30 −2		.github/workflows/test.yaml
+14 −1		makelib/common.mk