From bac6b758fde5d102afef371c7affd69188642001 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christoph=20Schw=C3=A4gerl?= Date: Thu, 13 Feb 2025 10:16:29 +0100 Subject: [PATCH 01/14] chore: Bump sec-scanners config and rt-watcher version (#2252) --- config/watcher/kustomization.yaml | 2 +- sec-scanners-config.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/config/watcher/kustomization.yaml b/config/watcher/kustomization.yaml index dc72ac98d9..a66b240661 100644 --- a/config/watcher/kustomization.yaml +++ b/config/watcher/kustomization.yaml @@ -18,7 +18,7 @@ patches: value: --skr-watcher-path=/skr-webhook - op: add path: /spec/template/spec/containers/0/args/- - value: --skr-watcher-image-tag=1.1.10 + value: --skr-watcher-image-tag=1.1.11 - op: add path: /spec/template/spec/containers/0/args/- value: --skr-watcher-image-registry=europe-docker.pkg.dev/kyma-project/prod diff --git a/sec-scanners-config.yaml b/sec-scanners-config.yaml index ef9d2e2e8e..75a3f7fc94 100644 --- a/sec-scanners-config.yaml +++ b/sec-scanners-config.yaml @@ -3,7 +3,7 @@ kind: kcp checkmarxOne: checkmarx_preset: golang protecode: - - europe-docker.pkg.dev/kyma-project/prod/lifecycle-manager:1.2.8 + - europe-docker.pkg.dev/kyma-project/prod/lifecycle-manager:1.3.0 - europe-docker.pkg.dev/kyma-project/prod/lifecycle-manager:latest whitesource: language: golang-mod From da5b7e1ad5cd70b7d6d571572f5051b508cc4d84 Mon Sep 17 00:00:00 2001 From: Raj <54686422+LeelaChacha@users.noreply.github.com> Date: Fri, 14 Feb 2025 08:44:59 +0100 Subject: [PATCH 02/14] feat: Add Maintenance Window Config Read Status to Monitoring Dashboard (#2247) * feat: Add Maintenance Window Config Read Status to Monitoring Dashboard * chore: Adjust Maintenance Window Grafana Panel Description * refactor: Formalize Grafana Panel Title `Maintenance Window Config Read Status` -> `Maintenance Window Configuration Read Status` --- config/grafana/overview.json | 122 +++++++++++++++++++++++++++++++---- 1 file changed, 108 insertions(+), 14 deletions(-) diff --git a/config/grafana/overview.json b/config/grafana/overview.json index e8bea48b09..796a2e7612 100644 --- a/config/grafana/overview.json +++ b/config/grafana/overview.json @@ -77,7 +77,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 5, "points": false, "renderer": "flot", @@ -215,7 +215,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 5, "points": false, "renderer": "flot", @@ -315,7 +315,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 5, "points": false, "renderer": "flot", @@ -596,7 +596,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 2, "points": false, "renderer": "flot", @@ -699,7 +699,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 5, "points": false, "renderer": "flot", @@ -813,7 +813,7 @@ "showThresholdMarkers": true, "text": {} }, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "targets": [ { "datasource": { @@ -1167,7 +1167,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 5, "points": false, "renderer": "flot", @@ -1277,7 +1277,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 5, "points": false, "renderer": "flot", @@ -1387,7 +1387,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 5, "points": false, "renderer": "flot", @@ -1500,7 +1500,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 5, "points": false, "renderer": "flot", @@ -1622,7 +1622,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 2, "points": false, "renderer": "flot", @@ -1730,7 +1730,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 2, "points": false, "renderer": "flot", @@ -1826,7 +1826,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 2, "points": false, "renderer": "flot", @@ -1920,7 +1920,7 @@ "alertThreshold": true }, "percentage": false, - "pluginVersion": "7.5.29", + "pluginVersion": "7.5.35", "pointradius": 2, "points": false, "renderer": "flot", @@ -1977,6 +1977,100 @@ "align": false, "alignLevel": null } + }, + { + "collapsed": false, + "datasource": null, + "gridPos": { + "h": 1, + "w": 24, + "x": 0, + "y": 110 + }, + "id": 84, + "panels": [], + "title": "Maintenance Windows", + "type": "row" + }, + { + "datasource": null, + "description": "Indicates whether the KLM successfully read the maintenance policy file from the mounted ConfigMap.", + "fieldConfig": { + "defaults": { + "color": { + "mode": "thresholds" + }, + "mappings": [ + { + "from": "", + "id": 1, + "text": "Failed", + "to": "", + "type": 1, + "value": "0" + }, + { + "from": "", + "id": 2, + "text": "Success", + "to": "", + "type": 1, + "value": "1" + } + ], + "thresholds": { + "mode": "absolute", + "steps": [ + { + "color": "red", + "value": null + }, + { + "color": "green", + "value": 1 + } + ] + } + }, + "overrides": [] + }, + "gridPos": { + "h": 7, + "w": 24, + "x": 0, + "y": 111 + }, + "id": 86, + "options": { + "colorMode": "background", + "graphMode": "none", + "justifyMode": "auto", + "orientation": "auto", + "reduceOptions": { + "calcs": [ + "lastNotNull" + ], + "fields": "", + "values": false + }, + "text": {}, + "textMode": "auto" + }, + "pluginVersion": "7.5.35", + "targets": [ + { + "exemplar": true, + "expr": "maintenance_window_config_read_success", + "format": "time_series", + "interval": "", + "legendFormat": "{{pod}}", + "refId": "A" + } + ], + "timeFrom": null, + "timeShift": null, + "title": "Maintenance Window Configuration Read Status", + "type": "stat" } ], "refresh": "", From d6c9cfff9a9acaa83163f692f0b2605221c9ce35 Mon Sep 17 00:00:00 2001 From: Mohammed Mesaoudi Date: Mon, 17 Feb 2025 09:38:52 +0100 Subject: [PATCH 03/14] fix: Trigger warnings messages on PR (#2253) * Test fix * Fix the github to inherit the permission from the base / upstream repo. --- .github/workflows/check-manifests-changes.yml | 2 +- .github/workflows/check-pipeline-changes.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/check-manifests-changes.yml b/.github/workflows/check-manifests-changes.yml index fa3ce6c236..a928ea7ba1 100644 --- a/.github/workflows/check-manifests-changes.yml +++ b/.github/workflows/check-manifests-changes.yml @@ -5,7 +5,7 @@ env: MAIN_CACHE_KEY: main-manifests-${{ github.run_id }}-${{ github.run_attempt }} on: - pull_request: + pull_request_target: jobs: create-pr-manifests: diff --git a/.github/workflows/check-pipeline-changes.yml b/.github/workflows/check-pipeline-changes.yml index 9f56e12f5d..bd348d177a 100644 --- a/.github/workflows/check-pipeline-changes.yml +++ b/.github/workflows/check-pipeline-changes.yml @@ -1,7 +1,7 @@ name: "Check Pipeline Changes" on: - pull_request: + pull_request_target: jobs: check-pipeline-changes: From b3f8166429b4e976769510b987d2c59218880089 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 13:16:44 +0100 Subject: [PATCH 04/14] chore(dependabot): bump the k8s-dependencies group across 2 directories with 6 updates (#2256) Bumps the k8s-dependencies group with 4 updates in the / directory: [k8s.io/api](https://github.com/kubernetes/api), [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver), [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) and [k8s.io/kubectl](https://github.com/kubernetes/kubectl). Bumps the k8s-dependencies group with 2 updates in the /api directory: [k8s.io/api](https://github.com/kubernetes/api) and [k8s.io/client-go](https://github.com/kubernetes/client-go). Updates `k8s.io/api` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/api/compare/v0.32.1...v0.32.2) Updates `k8s.io/apiextensions-apiserver` from 0.32.1 to 0.32.2 - [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases) - [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.32.1...v0.32.2) Updates `k8s.io/apimachinery` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.1...v0.32.2) Updates `k8s.io/cli-runtime` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.32.1...v0.32.2) Updates `k8s.io/client-go` from 0.32.1 to 0.32.2 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.32.1...v0.32.2) Updates `k8s.io/kubectl` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/kubectl/compare/v0.32.1...v0.32.2) Updates `k8s.io/api` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/api/compare/v0.32.1...v0.32.2) Updates `k8s.io/apimachinery` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.1...v0.32.2) Updates `k8s.io/client-go` from 0.32.1 to 0.32.2 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.32.1...v0.32.2) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/apiextensions-apiserver dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/cli-runtime dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/kubectl dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/api dependency-type: indirect update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/client-go dependency-type: indirect update-type: version-update:semver-patch dependency-group: k8s-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- api/go.mod | 6 +++--- api/go.sum | 12 ++++++------ go.mod | 14 +++++++------- go.sum | 28 ++++++++++++++-------------- 4 files changed, 30 insertions(+), 30 deletions(-) diff --git a/api/go.mod b/api/go.mod index 8acff30c37..693f23cf01 100644 --- a/api/go.mod +++ b/api/go.mod @@ -5,7 +5,7 @@ go 1.23.6 require ( github.com/Masterminds/semver/v3 v3.3.1 github.com/stretchr/testify v1.10.0 - k8s.io/apimachinery v0.32.1 + k8s.io/apimachinery v0.32.2 sigs.k8s.io/controller-runtime v0.20.1 ) @@ -43,8 +43,8 @@ require ( google.golang.org/protobuf v1.35.1 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/api v0.32.1 // indirect - k8s.io/client-go v0.32.1 // indirect + k8s.io/api v0.32.2 // indirect + k8s.io/client-go v0.32.2 // indirect k8s.io/klog/v2 v2.130.1 // indirect k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 // indirect diff --git a/api/go.sum b/api/go.sum index c0fd630d0a..271a20848b 100644 --- a/api/go.sum +++ b/api/go.sum @@ -132,14 +132,14 @@ gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.32.1 h1:f562zw9cy+GvXzXf0CKlVQ7yHJVYzLfL6JAS4kOAaOc= -k8s.io/api v0.32.1/go.mod h1:/Yi/BqkuueW1BgpoePYBRdDYfjPF5sgTr5+YqDZra5k= +k8s.io/api v0.32.2 h1:bZrMLEkgizC24G9eViHGOPbW+aRo9duEISRIJKfdJuw= +k8s.io/api v0.32.2/go.mod h1:hKlhk4x1sJyYnHENsrdCWw31FEmCijNGPJO5WzHiJ6Y= k8s.io/apiextensions-apiserver v0.32.0 h1:S0Xlqt51qzzqjKPxfgX1xh4HBZE+p8KKBq+k2SWNOE0= k8s.io/apiextensions-apiserver v0.32.0/go.mod h1:86hblMvN5yxMvZrZFX2OhIHAuFIMJIZ19bTvzkP+Fmw= -k8s.io/apimachinery v0.32.1 h1:683ENpaCBjma4CYqsmZyhEzrGz6cjn1MY/X2jB2hkZs= -k8s.io/apimachinery v0.32.1/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= -k8s.io/client-go v0.32.1 h1:otM0AxdhdBIaQh7l1Q0jQpmo7WOFIk5FFa4bg6YMdUU= -k8s.io/client-go v0.32.1/go.mod h1:aTTKZY7MdxUaJ/KiUs8D+GssR9zJZi77ZqtzcGXIiDg= +k8s.io/apimachinery v0.32.2 h1:yoQBR9ZGkA6Rgmhbp/yuT9/g+4lxtsGYwW6dR6BDPLQ= +k8s.io/apimachinery v0.32.2/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= +k8s.io/client-go v0.32.2 h1:4dYCD4Nz+9RApM2b/3BtVvBHw54QjMFUl1OLcJG5yOA= +k8s.io/client-go v0.32.2/go.mod h1:fpZ4oJXclZ3r2nDOv+Ux3XcJutfrwjKTCHz2H3sww94= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJJ4JRdzg3+O6e8I+e+8T5Y= diff --git a/go.mod b/go.mod index 13132ad2f2..0d3bcde08e 100644 --- a/go.mod +++ b/go.mod @@ -41,12 +41,12 @@ require ( github.com/go-co-op/gocron v1.37.0 github.com/kyma-project/template-operator/api v0.0.0-20240404131948-52c84f14e73c github.com/prometheus/client_model v0.6.1 - k8s.io/api v0.32.1 - k8s.io/apiextensions-apiserver v0.32.1 - k8s.io/apimachinery v0.32.1 - k8s.io/cli-runtime v0.32.1 - k8s.io/client-go v0.32.1 - k8s.io/kubectl v0.32.1 + k8s.io/api v0.32.2 + k8s.io/apiextensions-apiserver v0.32.2 + k8s.io/apimachinery v0.32.2 + k8s.io/cli-runtime v0.32.2 + k8s.io/client-go v0.32.2 + k8s.io/kubectl v0.32.2 ) require ( @@ -367,7 +367,7 @@ require ( gopkg.in/yaml.v2 v2.4.0 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect helm.sh/helm/v3 v3.17.0 // indirect - k8s.io/component-base v0.32.1 // indirect + k8s.io/component-base v0.32.2 // indirect k8s.io/klog/v2 v2.130.1 // indirect k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 // indirect oras.land/oras-go v1.2.6 // indirect diff --git a/go.sum b/go.sum index 399c626ad5..5e2c413e1a 100644 --- a/go.sum +++ b/go.sum @@ -1322,24 +1322,24 @@ istio.io/api v1.24.2 h1:jYjcN6Iq0RPtQj/3KMFsybxmfqmjGN/dxhL7FGJEdIM= istio.io/api v1.24.2/go.mod h1:MQnRok7RZ20/PE56v0LxmoWH0xVxnCQPNuf9O7PAN1I= istio.io/client-go v1.24.2 h1:JTTfBV6dv+AAW+AfccyrdX4T1f9CpsXd1Yzo1s/IYAI= istio.io/client-go v1.24.2/go.mod h1:dgZ9EmJzh1EECzf6nQhwNL4R6RvlyeH/RXeNeNp/MRg= -k8s.io/api v0.32.1 h1:f562zw9cy+GvXzXf0CKlVQ7yHJVYzLfL6JAS4kOAaOc= -k8s.io/api v0.32.1/go.mod h1:/Yi/BqkuueW1BgpoePYBRdDYfjPF5sgTr5+YqDZra5k= -k8s.io/apiextensions-apiserver v0.32.1 h1:hjkALhRUeCariC8DiVmb5jj0VjIc1N0DREP32+6UXZw= -k8s.io/apiextensions-apiserver v0.32.1/go.mod h1:sxWIGuGiYov7Io1fAS2X06NjMIk5CbRHc2StSmbaQto= -k8s.io/apimachinery v0.32.1 h1:683ENpaCBjma4CYqsmZyhEzrGz6cjn1MY/X2jB2hkZs= -k8s.io/apimachinery v0.32.1/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= -k8s.io/cli-runtime v0.32.1 h1:19nwZPlYGJPUDbhAxDIS2/oydCikvKMHsxroKNGA2mM= -k8s.io/cli-runtime v0.32.1/go.mod h1:NJPbeadVFnV2E7B7vF+FvU09mpwYlZCu8PqjzfuOnkY= -k8s.io/client-go v0.32.1 h1:otM0AxdhdBIaQh7l1Q0jQpmo7WOFIk5FFa4bg6YMdUU= -k8s.io/client-go v0.32.1/go.mod h1:aTTKZY7MdxUaJ/KiUs8D+GssR9zJZi77ZqtzcGXIiDg= -k8s.io/component-base v0.32.1 h1:/5IfJ0dHIKBWysGV0yKTFfacZ5yNV1sulPh3ilJjRZk= -k8s.io/component-base v0.32.1/go.mod h1:j1iMMHi/sqAHeG5z+O9BFNCF698a1u0186zkjMZQ28w= +k8s.io/api v0.32.2 h1:bZrMLEkgizC24G9eViHGOPbW+aRo9duEISRIJKfdJuw= +k8s.io/api v0.32.2/go.mod h1:hKlhk4x1sJyYnHENsrdCWw31FEmCijNGPJO5WzHiJ6Y= +k8s.io/apiextensions-apiserver v0.32.2 h1:2YMk285jWMk2188V2AERy5yDwBYrjgWYggscghPCvV4= +k8s.io/apiextensions-apiserver v0.32.2/go.mod h1:GPwf8sph7YlJT3H6aKUWtd0E+oyShk/YHWQHf/OOgCA= +k8s.io/apimachinery v0.32.2 h1:yoQBR9ZGkA6Rgmhbp/yuT9/g+4lxtsGYwW6dR6BDPLQ= +k8s.io/apimachinery v0.32.2/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= +k8s.io/cli-runtime v0.32.2 h1:aKQR4foh9qeyckKRkNXUccP9moxzffyndZAvr+IXMks= +k8s.io/cli-runtime v0.32.2/go.mod h1:a/JpeMztz3xDa7GCyyShcwe55p8pbcCVQxvqZnIwXN8= +k8s.io/client-go v0.32.2 h1:4dYCD4Nz+9RApM2b/3BtVvBHw54QjMFUl1OLcJG5yOA= +k8s.io/client-go v0.32.2/go.mod h1:fpZ4oJXclZ3r2nDOv+Ux3XcJutfrwjKTCHz2H3sww94= +k8s.io/component-base v0.32.2 h1:1aUL5Vdmu7qNo4ZsE+569PV5zFatM9hl+lb3dEea2zU= +k8s.io/component-base v0.32.2/go.mod h1:PXJ61Vx9Lg+P5mS8TLd7bCIr+eMJRQTyXe8KvkrvJq0= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 h1:hcha5B1kVACrLujCKLbr8XWMxCxzQx42DY8QKYJrDLg= k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7/go.mod h1:GewRfANuJ70iYzvn+i4lezLDAFzvjxZYK1gn1lWcfas= -k8s.io/kubectl v0.32.1 h1:/btLtXLQUU1rWx8AEvX9jrb9LaI6yeezt3sFALhB8M8= -k8s.io/kubectl v0.32.1/go.mod h1:sezNuyWi1STk4ZNPVRIFfgjqMI6XMf+oCVLjZen/pFQ= +k8s.io/kubectl v0.32.2 h1:TAkag6+XfSBgkqK9I7ZvwtF0WVtUAvK8ZqTt+5zi1Us= +k8s.io/kubectl v0.32.2/go.mod h1:+h/NQFSPxiDZYX/WZaWw9fwYezGLISP0ud8nQKg+3g8= k8s.io/utils v0.0.0-20241210054802-24370beab758 h1:sdbE21q2nlQtFh65saZY+rRM6x6aJJI8IUa1AmH/qa0= k8s.io/utils v0.0.0-20241210054802-24370beab758/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= ocm.software/ocm v0.20.0 h1:XiMcyZh8EKlsgzu0Zqf3AIPMqwbbywtgD2vqNDsk148= From 8b4c383df52a78588250056ba3fe8d1bc090cfca Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 12:50:37 +0000 Subject: [PATCH 05/14] chore(dependabot): bump github.com/cert-manager/cert-manager from 1.17.0 to 1.17.1 (#2254) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore(dependabot): bump github.com/cert-manager/cert-manager Bumps [github.com/cert-manager/cert-manager](https://github.com/cert-manager/cert-manager) from 1.17.0 to 1.17.1. - [Release notes](https://github.com/cert-manager/cert-manager/releases) - [Changelog](https://github.com/cert-manager/cert-manager/blob/master/RELEASE.md) - [Commits](https://github.com/cert-manager/cert-manager/compare/v1.17.0...v1.17.1) --- updated-dependencies: - dependency-name: github.com/cert-manager/cert-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * bump cert manager in versions.yaml --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Christoph Schwägerl --- go.mod | 2 +- go.sum | 4 ++-- versions.yaml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/go.mod b/go.mod index 0d3bcde08e..da7d8ff68b 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ replace ( require ( github.com/Masterminds/semver/v3 v3.3.1 - github.com/cert-manager/cert-manager v1.17.0 + github.com/cert-manager/cert-manager v1.17.1 github.com/go-logr/logr v1.4.2 github.com/go-logr/zapr v1.3.0 github.com/golang/mock v1.6.0 diff --git a/go.sum b/go.sum index 5e2c413e1a..e1fcd1c0ad 100644 --- a/go.sum +++ b/go.sum @@ -237,8 +237,8 @@ github.com/buildkite/roko v1.2.0/go.mod h1:23R9e6nHxgedznkwwfmqZ6+0VJZJZ2Sg/uVcp github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cert-manager/cert-manager v1.17.0 h1:ba7K/WLzcTCFzB+5fQiwD4LAqaRc0c+KwKCD9KqHPSg= -github.com/cert-manager/cert-manager v1.17.0/go.mod h1:zeG4D+AdzqA7hFMNpYCJgcQ2VOfFNBa+Jzm3kAwiDU4= +github.com/cert-manager/cert-manager v1.17.1 h1:Aig+lWMoLsmpGd9TOlTvO4t0Ah3D+/vGB37x/f+ZKt0= +github.com/cert-manager/cert-manager v1.17.1/go.mod h1:zeG4D+AdzqA7hFMNpYCJgcQ2VOfFNBa+Jzm3kAwiDU4= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v1.0.3 h1:9liNh8t+u26xl5ddmWLmsOsdNLwkdRTg5AG+JnTiM80= diff --git a/versions.yaml b/versions.yaml index 50470dc763..662cee015e 100644 --- a/versions.yaml +++ b/versions.yaml @@ -1,5 +1,5 @@ # defines the versions of the tools used in the project -certManager: "1.15.0" +certManager: "1.17.1" controllerTools: "0.14.0" docker: "27.4.0" go: "1.23.6" From c9f91238fc2cf42a4059451040ff4f5025a87fbe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 15:00:16 +0100 Subject: [PATCH 06/14] chore(dependabot): bump ocm.software/ocm from 0.20.0 to 0.20.1 (#2260) Bumps [ocm.software/ocm](https://github.com/open-component-model/ocm) from 0.20.0 to 0.20.1. - [Release notes](https://github.com/open-component-model/ocm/releases) - [Changelog](https://github.com/open-component-model/ocm/blob/main/RELEASE_PROCESS.md) - [Commits](https://github.com/open-component-model/ocm/compare/v0.20...v0.20.1) --- updated-dependencies: - dependency-name: ocm.software/ocm dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index da7d8ff68b..7b5e33d286 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,7 @@ require ( golang.org/x/sync v0.11.0 golang.org/x/time v0.10.0 k8s.io/utils v0.0.0-20241210054802-24370beab758 - ocm.software/ocm v0.20.0 + ocm.software/ocm v0.20.1 sigs.k8s.io/controller-runtime v0.20.1 sigs.k8s.io/yaml v1.4.0 ) @@ -118,6 +118,7 @@ require ( github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/chai2010/gettext-go v1.0.3 // indirect + github.com/chainguard-dev/git-urls v1.0.2 // indirect github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589 // indirect github.com/clbanning/mxj/v2 v2.7.0 // indirect github.com/cloudflare/cfssl v1.6.5 // indirect @@ -319,7 +320,6 @@ require ( github.com/valyala/bytebufferpool v1.0.0 // indirect github.com/valyala/fasttemplate v1.2.2 // indirect github.com/vbatts/tar-split v0.11.6 // indirect - github.com/whilp/git-urls v1.0.0 // indirect github.com/x448/float16 v0.8.4 // indirect github.com/xanzy/go-gitlab v0.112.0 // indirect github.com/xanzy/ssh-agent v0.3.3 // indirect diff --git a/go.sum b/go.sum index e1fcd1c0ad..11143bcd68 100644 --- a/go.sum +++ b/go.sum @@ -243,6 +243,8 @@ github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UF github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/chai2010/gettext-go v1.0.3 h1:9liNh8t+u26xl5ddmWLmsOsdNLwkdRTg5AG+JnTiM80= github.com/chai2010/gettext-go v1.0.3/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA= +github.com/chainguard-dev/git-urls v1.0.2 h1:pSpT7ifrpc5X55n4aTTm7FFUE+ZQHKiqpiwNkJrVcKQ= +github.com/chainguard-dev/git-urls v1.0.2/go.mod h1:rbGgj10OS7UgZlbzdUQIQpT0k/D4+An04HJY7Ol+Y/o= github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589 h1:krfRl01rzPzxSxyLyrChD+U+MzsBXbm0OwYYB67uF+4= github.com/chrismellard/docker-credential-acr-env v0.0.0-20230304212654-82a0ddb27589/go.mod h1:OuDyvmLnMCwa2ep4Jkm6nyA0ocJuZlGyk2gGseVzERM= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= @@ -993,8 +995,6 @@ github.com/vbatts/tar-split v0.11.6 h1:4SjTW5+PU11n6fZenf2IPoV8/tz3AaYHMWjf23env github.com/vbatts/tar-split v0.11.6/go.mod h1:dqKNtesIOr2j2Qv3W/cHjnvk9I8+G7oAkFDFN6TCBEI= github.com/weppos/publicsuffix-go v0.40.3-0.20240815124645-a8ed110559c9 h1:4pH9wXOWQdW8kVMJ8P/kxbuxJKR+iNvDeC8zEVLy7eM= github.com/weppos/publicsuffix-go v0.40.3-0.20240815124645-a8ed110559c9/go.mod h1:o4XOb/pL91sSlesP+I2Xcp38P4/emRvDF6N6xUWvwzg= -github.com/whilp/git-urls v1.0.0 h1:95f6UMWN5FKW71ECsXRUd3FVYiXdrE7aX4NZKcPmIjU= -github.com/whilp/git-urls v1.0.0/go.mod h1:J16SAmobsqc3Qcy98brfl5f5+e0clUvg1krgwk/qCfE= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xanzy/go-gitlab v0.112.0 h1:6Z0cqEooCvBMfBIHw+CgO4AKGRV8na/9781xOb0+DKw= @@ -1342,8 +1342,8 @@ k8s.io/kubectl v0.32.2 h1:TAkag6+XfSBgkqK9I7ZvwtF0WVtUAvK8ZqTt+5zi1Us= k8s.io/kubectl v0.32.2/go.mod h1:+h/NQFSPxiDZYX/WZaWw9fwYezGLISP0ud8nQKg+3g8= k8s.io/utils v0.0.0-20241210054802-24370beab758 h1:sdbE21q2nlQtFh65saZY+rRM6x6aJJI8IUa1AmH/qa0= k8s.io/utils v0.0.0-20241210054802-24370beab758/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -ocm.software/ocm v0.20.0 h1:XiMcyZh8EKlsgzu0Zqf3AIPMqwbbywtgD2vqNDsk148= -ocm.software/ocm v0.20.0/go.mod h1:/uXUFtbPfa/MUYDCL34BPo8AYVygJWbG26i6JWsAZ/w= +ocm.software/ocm v0.20.1 h1:fHqczw6vrXh6l/c65NvqqgNXcmYWqb254C45DiQoftM= +ocm.software/ocm v0.20.1/go.mod h1:dmB8RhgfWZKMhU7KBe3QAyUNjfhMYdFklw0/mQ+gAzU= oras.land/oras-go v1.2.6 h1:z8cmxQXBU8yZ4mkytWqXfo6tZcamPwjsuxYU81xJ8Lk= oras.land/oras-go v1.2.6/go.mod h1:OVPc1PegSEe/K8YiLfosrlqlqTN9PUyFvOw5Y9gwrT8= oras.land/oras-go/v2 v2.5.0 h1:o8Me9kLY74Vp5uw07QXPiitjsw7qNXi8Twd+19Zf02c= From e7521a49c9696948dc7afa1b2cc9b4fec0514164 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 14:31:42 +0000 Subject: [PATCH 07/14] chore(dependabot): bump the istio-dependencies group across 1 directory with 2 updates (#2244) Bumps the istio-dependencies group with 2 updates in the / directory: [istio.io/api](https://github.com/istio/api) and [istio.io/client-go](https://github.com/istio/client-go). Updates `istio.io/api` from 1.24.2 to 1.24.3 - [Commits](https://github.com/istio/api/compare/1.24.2...1.24.3) Updates `istio.io/client-go` from 1.24.2 to 1.24.3 - [Commits](https://github.com/istio/client-go/compare/1.24.2...1.24.3) --- updated-dependencies: - dependency-name: istio.io/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: istio-dependencies - dependency-name: istio.io/client-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: istio-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 7b5e33d286..d3afe03d23 100644 --- a/go.mod +++ b/go.mod @@ -33,8 +33,8 @@ require ( ) require ( - istio.io/api v1.24.2 - istio.io/client-go v1.24.2 + istio.io/api v1.24.3 + istio.io/client-go v1.24.3 ) require ( diff --git a/go.sum b/go.sum index 11143bcd68..5d51632387 100644 --- a/go.sum +++ b/go.sum @@ -1318,10 +1318,10 @@ helm.sh/helm/v3 v3.17.0 h1:DUD4AGdNVn7PSTYfxe1gmQG7s18QeWv/4jI9TubnhT0= helm.sh/helm/v3 v3.17.0/go.mod h1:Mo7eGyKPPHlS0Ml67W8z/lbkox/gD9Xt1XpD6bxvZZA= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= -istio.io/api v1.24.2 h1:jYjcN6Iq0RPtQj/3KMFsybxmfqmjGN/dxhL7FGJEdIM= -istio.io/api v1.24.2/go.mod h1:MQnRok7RZ20/PE56v0LxmoWH0xVxnCQPNuf9O7PAN1I= -istio.io/client-go v1.24.2 h1:JTTfBV6dv+AAW+AfccyrdX4T1f9CpsXd1Yzo1s/IYAI= -istio.io/client-go v1.24.2/go.mod h1:dgZ9EmJzh1EECzf6nQhwNL4R6RvlyeH/RXeNeNp/MRg= +istio.io/api v1.24.3 h1:iwWWPM0uEQ+oxRHvIWoB8MQ4bjF3dRQj+M5IDVczg0M= +istio.io/api v1.24.3/go.mod h1:MQnRok7RZ20/PE56v0LxmoWH0xVxnCQPNuf9O7PAN1I= +istio.io/client-go v1.24.3 h1:TB8IcM3yyMCDzKRJo0YfFOUGNQmkhwH/JE/Yr3lzVAk= +istio.io/client-go v1.24.3/go.mod h1:zSyw/c4luKQKosFIHQaWAQOA0c3bODu4SahQCAMlKA4= k8s.io/api v0.32.2 h1:bZrMLEkgizC24G9eViHGOPbW+aRo9duEISRIJKfdJuw= k8s.io/api v0.32.2/go.mod h1:hKlhk4x1sJyYnHENsrdCWw31FEmCijNGPJO5WzHiJ6Y= k8s.io/apiextensions-apiserver v0.32.2 h1:2YMk285jWMk2188V2AERy5yDwBYrjgWYggscghPCvV4= From 141c454d7230067da7aa1685b6fb81ec54fa9e50 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 15:01:57 +0000 Subject: [PATCH 08/14] chore(dependabot): bump sigs.k8s.io/controller-runtime from 0.20.1 to 0.20.2 (#2261) chore(dependabot): bump sigs.k8s.io/controller-runtime Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.20.1 to 0.20.2. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.20.1...v0.20.2) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index d3afe03d23..9ad07e6465 100644 --- a/go.mod +++ b/go.mod @@ -28,7 +28,7 @@ require ( golang.org/x/time v0.10.0 k8s.io/utils v0.0.0-20241210054802-24370beab758 ocm.software/ocm v0.20.1 - sigs.k8s.io/controller-runtime v0.20.1 + sigs.k8s.io/controller-runtime v0.20.2 sigs.k8s.io/yaml v1.4.0 ) @@ -155,7 +155,7 @@ require ( github.com/emicklei/go-restful/v3 v3.12.1 // indirect github.com/emirpasic/gods v1.18.1 // indirect github.com/evanphx/json-patch v5.9.0+incompatible // indirect - github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/evanphx/json-patch/v5 v5.9.11 // indirect github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect github.com/fatih/color v1.18.0 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect diff --git a/go.sum b/go.sum index 5d51632387..fdbfba210d 100644 --- a/go.sum +++ b/go.sum @@ -372,8 +372,8 @@ github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7 github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0= github.com/evanphx/json-patch v5.9.0+incompatible h1:fBXyNpNMuTTDdquAq/uisOr2lShz4oaXpDTX2bLe7ls= github.com/evanphx/json-patch v5.9.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= -github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= -github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU= +github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f h1:Wl78ApPPB2Wvf/TIe2xdyJxTlb6obmF18d8QdkxNDu4= github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f/go.mod h1:OSYXu++VVOHnXeitef/D8n/6y4QV8uLHSFXX4NeXMGc= github.com/fatih/color v1.18.0 h1:S8gINlzdQ840/4pfAwic/ZE0djQEH3wM94VfqLTZcOM= @@ -1348,8 +1348,8 @@ oras.land/oras-go v1.2.6 h1:z8cmxQXBU8yZ4mkytWqXfo6tZcamPwjsuxYU81xJ8Lk= oras.land/oras-go v1.2.6/go.mod h1:OVPc1PegSEe/K8YiLfosrlqlqTN9PUyFvOw5Y9gwrT8= oras.land/oras-go/v2 v2.5.0 h1:o8Me9kLY74Vp5uw07QXPiitjsw7qNXi8Twd+19Zf02c= oras.land/oras-go/v2 v2.5.0/go.mod h1:z4eisnLP530vwIOUOJeBIj0aGI0L1C3d53atvCBqZHg= -sigs.k8s.io/controller-runtime v0.20.1 h1:JbGMAG/X94NeM3xvjenVUaBjy6Ui4Ogd/J5ZtjZnHaE= -sigs.k8s.io/controller-runtime v0.20.1/go.mod h1:BrP3w158MwvB3ZbNpaAcIKkHQ7YGpYnzpoSTZ8E14WU= +sigs.k8s.io/controller-runtime v0.20.2 h1:/439OZVxoEc02psi1h4QO3bHzTgu49bb347Xp4gW1pc= +sigs.k8s.io/controller-runtime v0.20.2/go.mod h1:xg2XB0K5ShQzAgsoujxuKN4LNXR2LfwwHsPj7Iaw+XY= sigs.k8s.io/gateway-api v1.1.0 h1:DsLDXCi6jR+Xz8/xd0Z1PYl2Pn0TyaFMOPPZIj4inDM= sigs.k8s.io/gateway-api v1.1.0/go.mod h1:ZH4lHrL2sDi0FHZ9jjneb8kKnGzFWyrTya35sWUTrRs= sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= From 978f3ff609963ccfde7f63be3ba80ffd9c2cd28a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Feb 2025 13:25:21 +0100 Subject: [PATCH 09/14] chore(dependabot): bump sigs.k8s.io/controller-runtime from 0.20.1 to 0.20.2 in /api (#2262) chore(dependabot): bump sigs.k8s.io/controller-runtime in /api Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.20.1 to 0.20.2. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.20.1...v0.20.2) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- api/go.mod | 5 ++--- api/go.sum | 20 ++++++++++---------- 2 files changed, 12 insertions(+), 13 deletions(-) diff --git a/api/go.mod b/api/go.mod index 693f23cf01..1378e0a0e9 100644 --- a/api/go.mod +++ b/api/go.mod @@ -6,7 +6,7 @@ require ( github.com/Masterminds/semver/v3 v3.3.1 github.com/stretchr/testify v1.10.0 k8s.io/apimachinery v0.32.2 - sigs.k8s.io/controller-runtime v0.20.1 + sigs.k8s.io/controller-runtime v0.20.2 ) require github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect @@ -14,7 +14,7 @@ require github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // in require ( github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/emicklei/go-restful/v3 v3.12.1 // indirect - github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/evanphx/json-patch/v5 v5.9.11 // indirect github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-logr/logr v1.4.2 // indirect github.com/go-openapi/jsonpointer v0.21.0 // indirect @@ -32,7 +32,6 @@ require ( github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/pkg/errors v0.9.1 // indirect github.com/x448/float16 v0.8.4 // indirect golang.org/x/net v0.33.0 // indirect golang.org/x/oauth2 v0.23.0 // indirect diff --git a/api/go.sum b/api/go.sum index 271a20848b..4db8cc16a5 100644 --- a/api/go.sum +++ b/api/go.sum @@ -6,8 +6,8 @@ github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/emicklei/go-restful/v3 v3.12.1 h1:PJMDIM/ak7btuL8Ex0iYET9hxM3CI2sjZtzpL63nKAU= github.com/emicklei/go-restful/v3 v3.12.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= -github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= -github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU= +github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM= github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= @@ -57,10 +57,10 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= -github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= -github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= -github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= +github.com/onsi/ginkgo/v2 v2.22.0 h1:Yed107/8DjTr0lKCNt7Dn8yQ6ybuDRQoMGrNFKzMfHg= +github.com/onsi/ginkgo/v2 v2.22.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= +github.com/onsi/gomega v1.36.1 h1:bJDPBO7ibjxcbHMgSCoo4Yj18UWbKDlLwX1x9sybDcw= +github.com/onsi/gomega v1.36.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= @@ -134,8 +134,8 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= k8s.io/api v0.32.2 h1:bZrMLEkgizC24G9eViHGOPbW+aRo9duEISRIJKfdJuw= k8s.io/api v0.32.2/go.mod h1:hKlhk4x1sJyYnHENsrdCWw31FEmCijNGPJO5WzHiJ6Y= -k8s.io/apiextensions-apiserver v0.32.0 h1:S0Xlqt51qzzqjKPxfgX1xh4HBZE+p8KKBq+k2SWNOE0= -k8s.io/apiextensions-apiserver v0.32.0/go.mod h1:86hblMvN5yxMvZrZFX2OhIHAuFIMJIZ19bTvzkP+Fmw= +k8s.io/apiextensions-apiserver v0.32.1 h1:hjkALhRUeCariC8DiVmb5jj0VjIc1N0DREP32+6UXZw= +k8s.io/apiextensions-apiserver v0.32.1/go.mod h1:sxWIGuGiYov7Io1fAS2X06NjMIk5CbRHc2StSmbaQto= k8s.io/apimachinery v0.32.2 h1:yoQBR9ZGkA6Rgmhbp/yuT9/g+4lxtsGYwW6dR6BDPLQ= k8s.io/apimachinery v0.32.2/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= k8s.io/client-go v0.32.2 h1:4dYCD4Nz+9RApM2b/3BtVvBHw54QjMFUl1OLcJG5yOA= @@ -146,8 +146,8 @@ k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJ k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f/go.mod h1:R/HEjbvWI0qdfb8viZUeVZm0X6IZnxAydC7YU42CMw4= k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro= k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.20.1 h1:JbGMAG/X94NeM3xvjenVUaBjy6Ui4Ogd/J5ZtjZnHaE= -sigs.k8s.io/controller-runtime v0.20.1/go.mod h1:BrP3w158MwvB3ZbNpaAcIKkHQ7YGpYnzpoSTZ8E14WU= +sigs.k8s.io/controller-runtime v0.20.2 h1:/439OZVxoEc02psi1h4QO3bHzTgu49bb347Xp4gW1pc= +sigs.k8s.io/controller-runtime v0.20.2/go.mod h1:xg2XB0K5ShQzAgsoujxuKN4LNXR2LfwwHsPj7Iaw+XY= sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/structured-merge-diff/v4 v4.4.2 h1:MdmvkGuXi/8io6ixD5wud3vOLwc1rj0aNqRlpuvjmwA= From 2ba6995617099d29f6e4f63c9ba3a3607030c08b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christoph=20Schw=C3=A4gerl?= Date: Tue, 18 Feb 2025 14:27:59 +0100 Subject: [PATCH 10/14] feat: Transform Kyma.Status before syncing to SKR (#2259) * chore: Transform Kyma.Status before syncing to SKR * lint exception --- internal/remote/skr_context.go | 29 +++++- internal/remote/skr_context_test.go | 147 ++++++++++++++++++++++------ 2 files changed, 143 insertions(+), 33 deletions(-) diff --git a/internal/remote/skr_context.go b/internal/remote/skr_context.go index 2bf3dc42a3..aeb34fac1e 100644 --- a/internal/remote/skr_context.go +++ b/internal/remote/skr_context.go @@ -171,7 +171,7 @@ func (s *SkrContext) SynchronizeKyma(ctx context.Context, kcpKyma, remoteKyma *v return err } - remoteKyma.Status = kcpKyma.Status + syncStatus(&kcpKyma.Status, &remoteKyma.Status) if err := s.Client.Status().Update(ctx, remoteKyma); err != nil { err = fmt.Errorf("failed to update runtime kyma status: %w", err) s.event.Warning(kcpKyma, statusUpdateFailure, err) @@ -218,3 +218,30 @@ func (s *SkrContext) syncWatcherLabelsAnnotations(controlPlaneKyma, remoteKyma * remoteKyma.Annotations[shared.OwnedByAnnotation] = fmt.Sprintf(shared.OwnedByFormat, controlPlaneKyma.GetNamespace(), controlPlaneKyma.GetName()) } + +// syncStatus copies the Kyma status and transofrms it from KCP perspective to SKR perspective. +// E.g., it removes manifest references or changes namespaces. +func syncStatus(kcpStatus, skrStatus *v1beta2.KymaStatus) { + *skrStatus = *kcpStatus.DeepCopy() + + useRemoteNamespaceForModuleTemplates(skrStatus) + removeManifestReference(skrStatus) +} + +func useRemoteNamespaceForModuleTemplates(status *v1beta2.KymaStatus) { + for i := range status.Modules { + if status.Modules[i].Template == nil { + continue + } + status.Modules[i].Template.Namespace = shared.DefaultRemoteNamespace + } +} + +func removeManifestReference(status *v1beta2.KymaStatus) { + for i := range status.Modules { + if status.Modules[i].Manifest == nil { + continue + } + status.Modules[i].Manifest = nil + } +} diff --git a/internal/remote/skr_context_test.go b/internal/remote/skr_context_test.go index af037ae945..8e40fb7e41 100644 --- a/internal/remote/skr_context_test.go +++ b/internal/remote/skr_context_test.go @@ -1,4 +1,4 @@ -package remote_test +package remote //nolint:testpackage // testing package internals import ( "testing" @@ -6,16 +6,16 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/kyma-project/lifecycle-manager/api/shared" "github.com/kyma-project/lifecycle-manager/api/v1beta2" - "github.com/kyma-project/lifecycle-manager/internal/remote" - "github.com/kyma-project/lifecycle-manager/pkg/testutils" + "github.com/kyma-project/lifecycle-manager/pkg/testutils/builder" ) func TestReplaceWithVirtualKyma(t *testing.T) { t.Parallel() type testKyma struct { - channel string - modules []string + channel string + moduleNames []string } tests := []struct { name string @@ -24,64 +24,147 @@ func TestReplaceWithVirtualKyma(t *testing.T) { expectedKyma testKyma }{ { - "module in kcp Kyma gets replaced with remote Kyma", + "modules in kcp Kyma get replaced with modules in remote Kyma", testKyma{ - channel: "regular", - modules: []string{"module1"}, + channel: "regular", + moduleNames: []string{"module1", "module3"}, }, testKyma{ - channel: "regular", - modules: []string{"module2"}, + channel: "regular", + moduleNames: []string{"module2"}, }, testKyma{ - channel: "regular", - modules: []string{"module1"}, + channel: "regular", + moduleNames: []string{"module1", "module3"}, }, }, { - "channel updated in remoteKyma be the final channel", + "channel in kcp Kym gets replaced with channel in remote Kyma", testKyma{ channel: "regular", - modules: []string{"module1"}, }, testKyma{ channel: "fast", - modules: []string{"module1"}, }, testKyma{ channel: "regular", - modules: []string{"module1"}, }, }, } for _, testCase := range tests { t.Run(testCase.name, func(t *testing.T) { t.Parallel() - kcpKyma := createKyma(testCase.kcpKyma.channel, testCase.kcpKyma.modules) - remoteKyma := createKyma(testCase.remoteKyma.channel, testCase.remoteKyma.modules) - remote.ReplaceSpec(kcpKyma, remoteKyma) + kcpKyma := createKyma(testCase.kcpKyma.channel, testCase.kcpKyma.moduleNames) + remoteKyma := createKyma(testCase.remoteKyma.channel, testCase.remoteKyma.moduleNames) + ReplaceSpec(kcpKyma, remoteKyma) assert.Equal(t, testCase.expectedKyma.channel, kcpKyma.Spec.Channel) var virtualModules []string for _, module := range kcpKyma.Spec.Modules { virtualModules = append(virtualModules, module.Name) } - require.ElementsMatch(t, testCase.expectedKyma.modules, virtualModules) + require.ElementsMatch(t, testCase.expectedKyma.moduleNames, virtualModules) + }) + } +} + +func createKyma(channel string, moduleNames []string) *v1beta2.Kyma { + kyma := builder.NewKymaBuilder(). + WithChannel(channel). + Build() + + modules := []v1beta2.Module{} + for _, moduleName := range moduleNames { + modules = append(modules, v1beta2.Module{ + Name: moduleName, + Channel: v1beta2.DefaultChannel, + Managed: true, }) } + + kyma.Spec.Modules = modules + + return kyma +} + +func Test_syncStatus_AssignsRemoteNamespace(t *testing.T) { + skrStatus := &v1beta2.KymaStatus{} + kcpStatus := &v1beta2.KymaStatus{ + Modules: []v1beta2.ModuleStatus{ + { + Name: "module-1", + Template: &v1beta2.TrackingObject{ + PartialMeta: v1beta2.PartialMeta{ + Namespace: "kcp-system", + }, + }, + }, + { + Name: "module-2", + Template: &v1beta2.TrackingObject{ + PartialMeta: v1beta2.PartialMeta{ + Namespace: "kcp-system", + }, + }, + }, + { + Name: "module-3", + }, + }, + } + + syncStatus(kcpStatus, skrStatus) + + for _, module := range skrStatus.Modules { + if module.Template == nil { + continue + } + assert.Equal(t, shared.DefaultRemoteNamespace, module.Template.Namespace) + } + + for _, module := range kcpStatus.Modules { + if module.Template == nil { + continue + } + assert.Equal(t, "kcp-system", module.Template.Namespace) + } } -func createKyma(channel string, modules []string) *v1beta2.Kyma { - kcpKyma := testutils.NewTestKyma("test-kyma") - - kcpKyma.Spec.Channel = channel - for _, module := range modules { - kcpKyma.Spec.Modules = append( - kcpKyma.Spec.Modules, v1beta2.Module{ - Name: module, - Channel: v1beta2.DefaultChannel, - Managed: true, - }) +func Test_syncStatus_RemovesManifestReference(t *testing.T) { + skrStatus := &v1beta2.KymaStatus{} + kcpStatus := &v1beta2.KymaStatus{ + Modules: []v1beta2.ModuleStatus{ + { + Name: "module-1", + Manifest: &v1beta2.TrackingObject{ + PartialMeta: v1beta2.PartialMeta{ + Namespace: "kcp-system", + }, + }, + }, + { + Name: "module-2", + Manifest: &v1beta2.TrackingObject{ + PartialMeta: v1beta2.PartialMeta{ + Namespace: "kcp-system", + }, + }, + }, + { + Name: "module-3", + }, + }, } - return kcpKyma + + syncStatus(kcpStatus, skrStatus) + + for _, module := range skrStatus.Modules { + if module.Manifest == nil { + continue + } + assert.Nil(t, module.Manifest) + } + + assert.NotNil(t, kcpStatus.Modules[0].Manifest) + assert.NotNil(t, kcpStatus.Modules[1].Manifest) } From 4e7a9b38d909b87b36249e3ad59cf64b27276e31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christoph=20Schw=C3=A4gerl?= Date: Tue, 18 Feb 2025 16:28:41 +0100 Subject: [PATCH 11/14] chore: Split Kyma sync into Status and Metadata sync (#2257) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * chore: Transform Kyma.Status before syncing to SKR * refactor labels/annotation sync * test SynchronizeKyma * adapt expected coverage * sync only if labels and annotations changed * refactor tests * split and refactor to only sync metadata * revert patch to update * fix revert * sync only metdata instead of full object * bump coverage * fix lint * chore(dependabot): bump the k8s-dependencies group across 2 directories with 6 updates (#2256) Bumps the k8s-dependencies group with 4 updates in the / directory: [k8s.io/api](https://github.com/kubernetes/api), [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver), [k8s.io/cli-runtime](https://github.com/kubernetes/cli-runtime) and [k8s.io/kubectl](https://github.com/kubernetes/kubectl). Bumps the k8s-dependencies group with 2 updates in the /api directory: [k8s.io/api](https://github.com/kubernetes/api) and [k8s.io/client-go](https://github.com/kubernetes/client-go). Updates `k8s.io/api` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/api/compare/v0.32.1...v0.32.2) Updates `k8s.io/apiextensions-apiserver` from 0.32.1 to 0.32.2 - [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases) - [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.32.1...v0.32.2) Updates `k8s.io/apimachinery` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.1...v0.32.2) Updates `k8s.io/cli-runtime` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/cli-runtime/compare/v0.32.1...v0.32.2) Updates `k8s.io/client-go` from 0.32.1 to 0.32.2 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.32.1...v0.32.2) Updates `k8s.io/kubectl` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/kubectl/compare/v0.32.1...v0.32.2) Updates `k8s.io/api` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/api/compare/v0.32.1...v0.32.2) Updates `k8s.io/apimachinery` from 0.32.1 to 0.32.2 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.1...v0.32.2) Updates `k8s.io/client-go` from 0.32.1 to 0.32.2 - [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/kubernetes/client-go/compare/v0.32.1...v0.32.2) --- updated-dependencies: - dependency-name: k8s.io/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/apiextensions-apiserver dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/cli-runtime dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/client-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/kubectl dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/api dependency-type: indirect update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/apimachinery dependency-type: direct:production update-type: version-update:semver-patch dependency-group: k8s-dependencies - dependency-name: k8s.io/client-go dependency-type: indirect update-type: version-update:semver-patch dependency-group: k8s-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump github.com/cert-manager/cert-manager from 1.17.0 to 1.17.1 (#2254) * chore(dependabot): bump github.com/cert-manager/cert-manager Bumps [github.com/cert-manager/cert-manager](https://github.com/cert-manager/cert-manager) from 1.17.0 to 1.17.1. - [Release notes](https://github.com/cert-manager/cert-manager/releases) - [Changelog](https://github.com/cert-manager/cert-manager/blob/master/RELEASE.md) - [Commits](https://github.com/cert-manager/cert-manager/compare/v1.17.0...v1.17.1) --- updated-dependencies: - dependency-name: github.com/cert-manager/cert-manager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * bump cert manager in versions.yaml --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Christoph Schwägerl * chore(dependabot): bump ocm.software/ocm from 0.20.0 to 0.20.1 (#2260) Bumps [ocm.software/ocm](https://github.com/open-component-model/ocm) from 0.20.0 to 0.20.1. - [Release notes](https://github.com/open-component-model/ocm/releases) - [Changelog](https://github.com/open-component-model/ocm/blob/main/RELEASE_PROCESS.md) - [Commits](https://github.com/open-component-model/ocm/compare/v0.20...v0.20.1) --- updated-dependencies: - dependency-name: ocm.software/ocm dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump the istio-dependencies group across 1 directory with 2 updates (#2244) Bumps the istio-dependencies group with 2 updates in the / directory: [istio.io/api](https://github.com/istio/api) and [istio.io/client-go](https://github.com/istio/client-go). Updates `istio.io/api` from 1.24.2 to 1.24.3 - [Commits](https://github.com/istio/api/compare/1.24.2...1.24.3) Updates `istio.io/client-go` from 1.24.2 to 1.24.3 - [Commits](https://github.com/istio/client-go/compare/1.24.2...1.24.3) --- updated-dependencies: - dependency-name: istio.io/api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: istio-dependencies - dependency-name: istio.io/client-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: istio-dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump sigs.k8s.io/controller-runtime from 0.20.1 to 0.20.2 (#2261) chore(dependabot): bump sigs.k8s.io/controller-runtime Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.20.1 to 0.20.2. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.20.1...v0.20.2) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(dependabot): bump sigs.k8s.io/controller-runtime from 0.20.1 to 0.20.2 in /api (#2262) chore(dependabot): bump sigs.k8s.io/controller-runtime in /api Bumps [sigs.k8s.io/controller-runtime](https://github.com/kubernetes-sigs/controller-runtime) from 0.20.1 to 0.20.2. - [Release notes](https://github.com/kubernetes-sigs/controller-runtime/releases) - [Changelog](https://github.com/kubernetes-sigs/controller-runtime/blob/main/RELEASE.md) - [Commits](https://github.com/kubernetes-sigs/controller-runtime/compare/v0.20.1...v0.20.2) --- updated-dependencies: - dependency-name: sigs.k8s.io/controller-runtime dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * remove merge duplications * Apply suggestions from code review Co-authored-by: Nesma Badr * dedicated merge maps util * remove overhead from tests * rename vars * fix coverage --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nesma Badr --- internal/controller/kyma/controller.go | 10 +- internal/declarative/v2/default_transforms.go | 6 +- internal/manifest/modulecr/client.go | 2 +- internal/remote/crd_upgrade.go | 2 +- .../remote/modulereleasemeta_syncworker.go | 2 +- internal/remote/moduletemplate_syncworker.go | 2 +- internal/remote/skr_context.go | 89 ++++-- internal/remote/skr_context_test.go | 289 +++++++++++++++++- internal/util/collections/collections.go | 23 +- internal/util/collections/collections_test.go | 102 ++++++- pkg/testutils/builder/kyma.go | 7 + pkg/watcher/skr_webhook_manifest_manager.go | 2 +- pkg/watcher/skr_webhook_resources.go | 2 +- unit-test-coverage.yaml | 4 +- 14 files changed, 473 insertions(+), 69 deletions(-) diff --git a/internal/controller/kyma/controller.go b/internal/controller/kyma/controller.go index 1b70afcc2b..afa1afbce6 100644 --- a/internal/controller/kyma/controller.go +++ b/internal/controller/kyma/controller.go @@ -274,9 +274,15 @@ func (r *Reconciler) syncStatusToRemote(ctx context.Context, kcpKyma *v1beta2.Ky if err != nil { return fmt.Errorf("failed to get skrContext: %w", err) } - if err := skrContext.SynchronizeKyma(ctx, kcpKyma, remoteKyma); err != nil { - return fmt.Errorf("sync run failure: %w", err) + + if err := skrContext.SynchronizeKymaMetadata(ctx, kcpKyma, remoteKyma); err != nil { + return fmt.Errorf("failed to sync SKR Kyma CR Metadata: %w", err) + } + + if err := skrContext.SynchronizeKymaStatus(ctx, kcpKyma, remoteKyma); err != nil { + return fmt.Errorf("failed to sync SKR Kyma CR Status: %w", err) } + return nil } diff --git a/internal/declarative/v2/default_transforms.go b/internal/declarative/v2/default_transforms.go index 42dc06a496..edacb77868 100644 --- a/internal/declarative/v2/default_transforms.go +++ b/internal/declarative/v2/default_transforms.go @@ -31,7 +31,7 @@ func DisclaimerTransform(_ context.Context, _ Object, resources []*unstructured. func KymaComponentTransform(_ context.Context, obj Object, resources []*unstructured.Unstructured) error { for _, resource := range resources { - resource.SetLabels(collections.MergeMaps(resource.GetLabels(), map[string]string{ + resource.SetLabels(collections.MergeMapsSilent(resource.GetLabels(), map[string]string{ "app.kubernetes.io/component": obj.GetName(), "app.kubernetes.io/part-of": "Kyma", })) @@ -41,11 +41,11 @@ func KymaComponentTransform(_ context.Context, obj Object, resources []*unstruct func ManagedByOwnedBy(_ context.Context, obj Object, resources []*unstructured.Unstructured) error { for _, resource := range resources { - resource.SetLabels(collections.MergeMaps(resource.GetLabels(), map[string]string{ + resource.SetLabels(collections.MergeMapsSilent(resource.GetLabels(), map[string]string{ shared.ManagedBy: shared.ManagedByLabelValue, })) - resource.SetAnnotations(collections.MergeMaps(resource.GetAnnotations(), map[string]string{ + resource.SetAnnotations(collections.MergeMapsSilent(resource.GetAnnotations(), map[string]string{ shared.OwnedByAnnotation: fmt.Sprintf(OwnedByFormat, obj.GetNamespace(), obj.GetName()), })) } diff --git a/internal/manifest/modulecr/client.go b/internal/manifest/modulecr/client.go index 928d84f754..0b8ce7fb7d 100644 --- a/internal/manifest/modulecr/client.go +++ b/internal/manifest/modulecr/client.go @@ -118,7 +118,7 @@ func (c *Client) SyncModuleCR(ctx context.Context, manifest *v1beta2.Manifest) e } resource := manifest.Spec.Resource.DeepCopy() - resource.SetLabels(collections.MergeMaps(resource.GetLabels(), map[string]string{ + resource.SetLabels(collections.MergeMapsSilent(resource.GetLabels(), map[string]string{ shared.ManagedBy: shared.ManagedByLabelValue, })) diff --git a/internal/remote/crd_upgrade.go b/internal/remote/crd_upgrade.go index 6bf8b57aa4..e453339e29 100644 --- a/internal/remote/crd_upgrade.go +++ b/internal/remote/crd_upgrade.go @@ -87,7 +87,7 @@ func PatchCRD(ctx context.Context, clnt client.Client, crd *apiextensionsv1.Cust crdToApply.Spec.Conversion.Strategy = apiextensionsv1.NoneConverter crdToApply.Spec.Conversion.Webhook = nil - crdToApply.SetLabels(collections.MergeMaps(crdToApply.GetLabels(), map[string]string{ + crdToApply.SetLabels(collections.MergeMapsSilent(crdToApply.GetLabels(), map[string]string{ shared.ManagedBy: shared.ManagedByLabelValue, })) diff --git a/internal/remote/modulereleasemeta_syncworker.go b/internal/remote/modulereleasemeta_syncworker.go index 60d84b9c1f..abdfe59ebe 100644 --- a/internal/remote/modulereleasemeta_syncworker.go +++ b/internal/remote/modulereleasemeta_syncworker.go @@ -114,7 +114,7 @@ func prepareModuleReleaseMetaForSSA(moduleReleaseMeta *v1beta2.ModuleReleaseMeta moduleReleaseMeta.SetResourceVersion("") moduleReleaseMeta.SetUID("") moduleReleaseMeta.SetManagedFields([]apimetav1.ManagedFieldsEntry{}) - moduleReleaseMeta.SetLabels(collections.MergeMaps(moduleReleaseMeta.GetLabels(), map[string]string{ + moduleReleaseMeta.SetLabels(collections.MergeMapsSilent(moduleReleaseMeta.GetLabels(), map[string]string{ shared.ManagedBy: shared.ManagedByLabelValue, })) diff --git a/internal/remote/moduletemplate_syncworker.go b/internal/remote/moduletemplate_syncworker.go index ac41dbc191..ff16218c83 100644 --- a/internal/remote/moduletemplate_syncworker.go +++ b/internal/remote/moduletemplate_syncworker.go @@ -114,7 +114,7 @@ func prepareModuleTemplateForSSA(moduleTemplate *v1beta2.ModuleTemplate, namespa moduleTemplate.SetResourceVersion("") moduleTemplate.SetUID("") moduleTemplate.SetManagedFields([]apimetav1.ManagedFieldsEntry{}) - moduleTemplate.SetLabels(collections.MergeMaps(moduleTemplate.GetLabels(), map[string]string{ + moduleTemplate.SetLabels(collections.MergeMapsSilent(moduleTemplate.GetLabels(), map[string]string{ shared.ManagedBy: shared.ManagedByLabelValue, })) diff --git a/internal/remote/skr_context.go b/internal/remote/skr_context.go index aeb34fac1e..d06a70a6bc 100644 --- a/internal/remote/skr_context.go +++ b/internal/remote/skr_context.go @@ -11,6 +11,7 @@ import ( apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1" "k8s.io/apimachinery/pkg/api/meta" apimetav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/types" "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/controller/controllerutil" @@ -18,16 +19,19 @@ import ( "github.com/kyma-project/lifecycle-manager/api/shared" "github.com/kyma-project/lifecycle-manager/api/v1beta2" "github.com/kyma-project/lifecycle-manager/internal/event" + "github.com/kyma-project/lifecycle-manager/internal/util/collections" "github.com/kyma-project/lifecycle-manager/pkg/util" ) var ErrNotFoundAndKCPKymaUnderDeleting = errors.New("not found and kcp kyma under deleting") const ( + fieldManager = "kyma-sync-context" + crdInstallation event.Reason = "CRDInstallation" remoteInstallation event.Reason = "RemoteInstallation" - remoteUpdateFailure event.Reason = "RemoteSynchronization" - statusUpdateFailure event.Reason = "UpdateRuntimeStatus" + metadataSyncFailure event.Reason = "MetadataSynchronization" + statusSyncFailure event.Reason = "StatusSynchronization" ) type SkrContext struct { @@ -92,7 +96,7 @@ func (s *SkrContext) CreateKymaNamespace(ctx context.Context) error { patch := client.RawPatch(types.ApplyPatchType, buf.Bytes()) force := true - patchOpts := &client.PatchOptions{Force: &force, FieldManager: "kyma-sync-context"} + patchOpts := &client.PatchOptions{Force: &force, FieldManager: fieldManager} if err := s.Client.Patch(ctx, namespace, patch, patchOpts); err != nil { return fmt.Errorf("failed to ensure remote namespace exists: %w", err) } @@ -159,24 +163,52 @@ func (s *SkrContext) CreateOrFetchKyma( return remoteKyma, nil } -func (s *SkrContext) SynchronizeKyma(ctx context.Context, kcpKyma, remoteKyma *v1beta2.Kyma) error { - if !remoteKyma.GetDeletionTimestamp().IsZero() { +// SynchronizeKymaMetadata synchronizes the metadata to the SKR Kyma CR . +// It sets the required labels and annotations. +func (s *SkrContext) SynchronizeKymaMetadata(ctx context.Context, kcpKyma, skrKyma *v1beta2.Kyma) error { + if !skrKyma.GetDeletionTimestamp().IsZero() { + return nil + } + + changed := syncWatcherLabelsAnnotations(kcpKyma, skrKyma) + if !changed { return nil } - s.syncWatcherLabelsAnnotations(kcpKyma, remoteKyma) - if err := s.Client.Update(ctx, remoteKyma); err != nil { - err = fmt.Errorf("failed to synchronise runtime kyma: %w", err) - s.event.Warning(kcpKyma, remoteUpdateFailure, err) + metadataToSync := &unstructured.Unstructured{} + metadataToSync.SetName(skrKyma.GetName()) + metadataToSync.SetNamespace(skrKyma.GetNamespace()) + metadataToSync.SetGroupVersionKind(kcpKyma.GroupVersionKind()) // use KCP GVK as SKR GVK may not be available + metadataToSync.SetLabels(skrKyma.GetLabels()) + metadataToSync.SetAnnotations(skrKyma.GetAnnotations()) + + forceOwnership := true + err := s.Client.Patch(ctx, + metadataToSync, + client.Apply, + &client.PatchOptions{FieldManager: fieldManager, Force: &forceOwnership}) + if err != nil { + err = fmt.Errorf("failed to synchronise Kyma metadata to SKR: %w", err) + s.event.Warning(kcpKyma, metadataSyncFailure, err) return err } - syncStatus(&kcpKyma.Status, &remoteKyma.Status) - if err := s.Client.Status().Update(ctx, remoteKyma); err != nil { - err = fmt.Errorf("failed to update runtime kyma status: %w", err) - s.event.Warning(kcpKyma, statusUpdateFailure, err) + return nil +} + +// SynchronizeKymaStatus synchronizes the status to the SKR Kyma CR. +func (s *SkrContext) SynchronizeKymaStatus(ctx context.Context, kcpKyma, skrKyma *v1beta2.Kyma) error { + if !skrKyma.GetDeletionTimestamp().IsZero() { + return nil + } + + syncStatus(&kcpKyma.Status, &skrKyma.Status) + if err := s.Client.Status().Update(ctx, skrKyma); err != nil { + err = fmt.Errorf("failed to synchronise Kyma status to SKR: %w", err) + s.event.Warning(kcpKyma, statusSyncFailure, err) return err } + return nil } @@ -202,21 +234,22 @@ func (s *SkrContext) getRemoteKyma(ctx context.Context) (*v1beta2.Kyma, error) { return skrKyma, nil } -// syncWatcherLabelsAnnotations inserts labels into the given KymaCR, which are needed to ensure -// a working e2e-flow for the runtime-watcher. -func (s *SkrContext) syncWatcherLabelsAnnotations(controlPlaneKyma, remoteKyma *v1beta2.Kyma) { - if remoteKyma.Labels == nil { - remoteKyma.Labels = make(map[string]string) - } - - remoteKyma.Labels[shared.WatchedByLabel] = shared.WatchedByLabelValue - remoteKyma.Labels[shared.ManagedBy] = shared.ManagedByLabelValue - - if remoteKyma.Annotations == nil { - remoteKyma.Annotations = make(map[string]string) - } - remoteKyma.Annotations[shared.OwnedByAnnotation] = fmt.Sprintf(shared.OwnedByFormat, - controlPlaneKyma.GetNamespace(), controlPlaneKyma.GetName()) +// syncWatcherLabelsAnnotations adds required labels and annotations to the skrKyma. +// It returns true if any of the labels or annotations were changed. +func syncWatcherLabelsAnnotations(kcpKyma, skrKyma *v1beta2.Kyma) bool { + labels, labelsChanged := collections.MergeMaps(skrKyma.Labels, map[string]string{ + shared.WatchedByLabel: shared.WatchedByLabelValue, + shared.ManagedBy: shared.ManagedByLabelValue, + }) + skrKyma.Labels = labels + + annotations, annotationsChanged := collections.MergeMaps(skrKyma.Annotations, map[string]string{ + shared.OwnedByAnnotation: fmt.Sprintf(shared.OwnedByFormat, + kcpKyma.GetNamespace(), kcpKyma.GetName()), + }) + skrKyma.Annotations = annotations + + return labelsChanged || annotationsChanged } // syncStatus copies the Kyma status and transofrms it from KCP perspective to SKR perspective. diff --git a/internal/remote/skr_context_test.go b/internal/remote/skr_context_test.go index 8e40fb7e41..677537409d 100644 --- a/internal/remote/skr_context_test.go +++ b/internal/remote/skr_context_test.go @@ -1,16 +1,28 @@ package remote //nolint:testpackage // testing package internals import ( + "context" + "errors" + "fmt" "testing" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + machineryruntime "k8s.io/apimachinery/pkg/runtime" + "k8s.io/client-go/rest" + "sigs.k8s.io/controller-runtime/pkg/client" "github.com/kyma-project/lifecycle-manager/api/shared" "github.com/kyma-project/lifecycle-manager/api/v1beta2" + "github.com/kyma-project/lifecycle-manager/internal/event" "github.com/kyma-project/lifecycle-manager/pkg/testutils/builder" ) +const ( + kymaName = "test-name" + kymaNamespace = "test-namespace" +) + func TestReplaceWithVirtualKyma(t *testing.T) { t.Parallel() type testKyma struct { @@ -68,23 +80,120 @@ func TestReplaceWithVirtualKyma(t *testing.T) { } } -func createKyma(channel string, moduleNames []string) *v1beta2.Kyma { - kyma := builder.NewKymaBuilder(). - WithChannel(channel). +func Test_SynchronizeKymaMetadata_SkipsIfSKRKymaIsDeleting(t *testing.T) { + skrKyma := builder.NewKymaBuilder().WithDeletionTimestamp().Build() + kcpKyma := builder.NewKymaBuilder().Build() + + event := &eventStub{} + client := &clientStub{} + skrContext := NewSkrContext(client, event) + + err := skrContext.SynchronizeKymaMetadata(context.Background(), kcpKyma, skrKyma) + + require.NoError(t, err) + assert.False(t, client.called) + assert.False(t, event.called) +} + +func Test_SynchronizeKymaMetadata_Syncs(t *testing.T) { + skrKyma := builder.NewKymaBuilder().Build() + kcpKyma := builder.NewKymaBuilder().Build() + + event := &eventStub{} + client := &clientStub{} + skrContext := NewSkrContext(client, event) + + err := skrContext.SynchronizeKymaMetadata(context.Background(), kcpKyma, skrKyma) + + require.NoError(t, err) + assert.True(t, client.called) + assert.False(t, event.called) +} + +func Test_SynchronizeKymaMetadata_SkipsSyncIfLabelsAndAnnotationsUnchanged(t *testing.T) { + skrKyma := builder.NewKymaBuilder(). + WithLabel(shared.WatchedByLabel, shared.WatchedByLabelValue). + WithLabel(shared.ManagedBy, shared.ManagedByLabelValue). + WithAnnotation(shared.OwnedByAnnotation, fmt.Sprintf(shared.OwnedByFormat, kymaNamespace, kymaName)). Build() + kcpKyma := builder.NewKymaBuilder().WithName(kymaName).WithNamespace(kymaNamespace).Build() - modules := []v1beta2.Module{} - for _, moduleName := range moduleNames { - modules = append(modules, v1beta2.Module{ - Name: moduleName, - Channel: v1beta2.DefaultChannel, - Managed: true, - }) - } + event := &eventStub{} + client := &clientStub{} + skrContext := NewSkrContext(client, event) - kyma.Spec.Modules = modules + err := skrContext.SynchronizeKymaMetadata(context.Background(), kcpKyma, skrKyma) - return kyma + require.NoError(t, err) + assert.False(t, client.called) + assert.False(t, event.called) +} + +func Test_SynchronizeKymaMetadata_ErrorsWhenFailedToSync(t *testing.T) { + skrKyma := builder.NewKymaBuilder().Build() + kcpKyma := builder.NewKymaBuilder().Build() + + expectedError := errors.New("test error") + event := &eventStub{} + client := &clientStub{err: expectedError} + skrContext := NewSkrContext(client, event) + + err := skrContext.SynchronizeKymaMetadata(context.Background(), kcpKyma, skrKyma) + + require.ErrorIs(t, err, expectedError) + assert.Contains(t, err.Error(), "failed to synchronise Kyma metadata to SKR") + assert.True(t, client.called) + assert.True(t, event.called) +} + +func Test_SynchronizeKymaStatus_SkipsIfSKRKymaIsDeleting(t *testing.T) { + skrKyma := builder.NewKymaBuilder().WithDeletionTimestamp().Build() + kcpKyma := builder.NewKymaBuilder().Build() + + event := &eventStub{} + statusClient := &statusClient{} + client := &clientStub{status: statusClient} + skrContext := NewSkrContext(client, event) + + err := skrContext.SynchronizeKymaStatus(context.Background(), kcpKyma, skrKyma) + + require.NoError(t, err) + assert.False(t, statusClient.called) + assert.False(t, event.called) +} + +func Test_SynchronizeKymaStatus_Syncs(t *testing.T) { + skrKyma := builder.NewKymaBuilder().Build() + kcpKyma := builder.NewKymaBuilder().Build() + + event := &eventStub{} + statusClient := &statusClient{} + client := &clientStub{status: statusClient} + skrContext := NewSkrContext(client, event) + + err := skrContext.SynchronizeKymaStatus(context.Background(), kcpKyma, skrKyma) + + require.NoError(t, err) + assert.True(t, statusClient.called) + assert.False(t, event.called) +} + +func Test_SynchronizeKymaStatus_ErrorsWhenFailedToSync(t *testing.T) { + skrKyma := builder.NewKymaBuilder().Build() + kcpKyma := builder.NewKymaBuilder().Build() + + expectedError := errors.New("test error") + event := &eventStub{} + statusClient := &statusClient{err: expectedError} + client := &clientStub{status: statusClient} + skrContext := NewSkrContext(client, event) + + err := skrContext.SynchronizeKymaStatus(context.Background(), kcpKyma, skrKyma) + + require.ErrorIs(t, err, expectedError) + assert.Contains(t, err.Error(), "failed to synchronise Kyma status to SKR") + assert.True(t, statusClient.called) + assert.True(t, event.called) } func Test_syncStatus_AssignsRemoteNamespace(t *testing.T) { @@ -159,12 +268,160 @@ func Test_syncStatus_RemovesManifestReference(t *testing.T) { syncStatus(kcpStatus, skrStatus) for _, module := range skrStatus.Modules { - if module.Manifest == nil { - continue - } assert.Nil(t, module.Manifest) } assert.NotNil(t, kcpStatus.Modules[0].Manifest) assert.NotNil(t, kcpStatus.Modules[1].Manifest) + assert.Nil(t, kcpStatus.Modules[2].Manifest) +} + +func Test_syncWatcherLabelsAnnotations_AddsLabelsAndAnnotations(t *testing.T) { + skrKyma := builder.NewKymaBuilder().Build() + kcpKyma := builder.NewKymaBuilder().WithName(kymaName).WithNamespace(kymaNamespace).Build() + + changed := syncWatcherLabelsAnnotations(kcpKyma, skrKyma) + + assert.True(t, changed) + assertLabelsAndAnnotations(t, skrKyma) +} + +func Test_syncWatcherLabelsAnnotations_AddsLabels(t *testing.T) { + skrKyma := builder.NewKymaBuilder(). + WithAnnotation(shared.OwnedByAnnotation, fmt.Sprintf(shared.OwnedByFormat, kymaNamespace, kymaName)). + Build() + kcpKyma := builder.NewKymaBuilder().WithName(kymaName).WithNamespace(kymaNamespace).Build() + + changed := syncWatcherLabelsAnnotations(kcpKyma, skrKyma) + + assert.True(t, changed) + assertLabelsAndAnnotations(t, skrKyma) +} + +func Test_syncWatcherLabelsAnnotations_AddsAnnotations(t *testing.T) { + skrKyma := builder.NewKymaBuilder(). + WithLabel(shared.WatchedByLabel, shared.WatchedByLabelValue). + WithLabel(shared.ManagedBy, shared.ManagedByLabelValue). + Build() + kcpKyma := builder.NewKymaBuilder().WithName(kymaName).WithNamespace(kymaNamespace).Build() + + changed := syncWatcherLabelsAnnotations(kcpKyma, skrKyma) + + assert.True(t, changed) + assertLabelsAndAnnotations(t, skrKyma) +} + +func Test_syncWatcherLabelsAnnotations_ChangesAnnotations(t *testing.T) { + skrKyma := builder.NewKymaBuilder(). + WithLabel(shared.WatchedByLabel, shared.WatchedByLabelValue). + WithLabel(shared.ManagedBy, shared.ManagedByLabelValue). + WithAnnotation(shared.OwnedByAnnotation, "foo"). + Build() + kcpKyma := builder.NewKymaBuilder().WithName(kymaName).WithNamespace(kymaNamespace).Build() + + changed := syncWatcherLabelsAnnotations(kcpKyma, skrKyma) + + assert.True(t, changed) + assertLabelsAndAnnotations(t, skrKyma) +} + +func Test_syncWatcherLabelsAnnotations_ChangesLabels(t *testing.T) { + skrKyma := builder.NewKymaBuilder(). + WithLabel(shared.WatchedByLabel, "foo"). + WithLabel(shared.ManagedBy, "bar"). + WithAnnotation(shared.OwnedByAnnotation, fmt.Sprintf(shared.OwnedByFormat, kymaNamespace, kymaName)). + Build() + kcpKyma := builder.NewKymaBuilder().WithName(kymaName).WithNamespace(kymaNamespace).Build() + + changed := syncWatcherLabelsAnnotations(kcpKyma, skrKyma) + + assert.True(t, changed) + assertLabelsAndAnnotations(t, skrKyma) +} + +func Test_syncWatcherLabelsAnnotations_ReturnsFalseIfLabelsAndAnnotationsUnchanged(t *testing.T) { + skrKyma := builder.NewKymaBuilder(). + WithLabel(shared.WatchedByLabel, shared.WatchedByLabelValue). + WithLabel(shared.ManagedBy, shared.ManagedByLabelValue). + WithAnnotation(shared.OwnedByAnnotation, fmt.Sprintf(shared.OwnedByFormat, kymaNamespace, kymaName)). + Build() + kcpKyma := builder.NewKymaBuilder().WithName(kymaName).WithNamespace(kymaNamespace).Build() + + changed := syncWatcherLabelsAnnotations(kcpKyma, skrKyma) + + assert.False(t, changed) + assertLabelsAndAnnotations(t, skrKyma) +} + +// test helpers + +func createKyma(channel string, moduleNames []string) *v1beta2.Kyma { + kyma := builder.NewKymaBuilder(). + WithChannel(channel). + Build() + + modules := []v1beta2.Module{} + for _, moduleName := range moduleNames { + modules = append(modules, v1beta2.Module{ + Name: moduleName, + Channel: v1beta2.DefaultChannel, + Managed: true, + }) + } + + kyma.Spec.Modules = modules + + return kyma +} + +func assertLabelsAndAnnotations(t *testing.T, skrKyma *v1beta2.Kyma) { + t.Helper() + + assert.Equal(t, shared.WatchedByLabelValue, skrKyma.Labels[shared.WatchedByLabel]) + assert.Equal(t, shared.ManagedByLabelValue, skrKyma.Labels[shared.ManagedBy]) + assert.Equal(t, + fmt.Sprintf(shared.OwnedByFormat, kymaNamespace, kymaName), + skrKyma.Annotations[shared.OwnedByAnnotation]) +} + +// test stubs + +type eventStub struct { + event.Event + called bool +} + +func (e *eventStub) Warning(object machineryruntime.Object, reason event.Reason, err error) { + e.called = true +} + +type clientStub struct { + err error + status client.SubResourceWriter + client.Client + called bool +} + +func (c *clientStub) Patch(ctx context.Context, obj client.Object, patch client.Patch, opts ...client.PatchOption) error { + c.called = true + return c.err +} + +func (c *clientStub) Status() client.SubResourceWriter { + return c.status +} + +func (*clientStub) Config() *rest.Config { + return nil +} + +type statusClient struct { + err error + client.SubResourceWriter + called bool +} + +func (s *statusClient) Update(ctx context.Context, obj client.Object, opts ...client.SubResourceUpdateOption) error { + s.called = true + return s.err } diff --git a/internal/util/collections/collections.go b/internal/util/collections/collections.go index 6edb0259e6..62edfb10b3 100644 --- a/internal/util/collections/collections.go +++ b/internal/util/collections/collections.go @@ -1,15 +1,26 @@ package collections -func MergeMaps(map1, map2 map[string]string) map[string]string { - mergedMap := make(map[string]string) +// MergeMapsSilent merges map2 into map1. +// It does not indicate if map1 changed. +func MergeMapsSilent(map1, map2 map[string]string) map[string]string { + mergedMap, _ := MergeMaps(map1, map2) + return mergedMap +} - for k, v := range map1 { - mergedMap[k] = v +// MergeMaps merges map2 into map1. +// It returns true if map1 changed. +func MergeMaps(map1, map2 map[string]string) (map[string]string, bool) { + changed := false + if map1 == nil { + map1 = make(map[string]string) } for k, v := range map2 { - mergedMap[k] = v + if map1[k] != v { + map1[k] = v + changed = true + } } - return mergedMap + return map1, changed } diff --git a/internal/util/collections/collections_test.go b/internal/util/collections/collections_test.go index 5632ad24a4..84945700e3 100644 --- a/internal/util/collections/collections_test.go +++ b/internal/util/collections/collections_test.go @@ -8,31 +8,33 @@ import ( "github.com/kyma-project/lifecycle-manager/internal/util/collections" ) -func TestMergeMaps_WhenMapIsEmpty(t *testing.T) { +func TestMergeMapsSilent_WhenMapIsEmpty(t *testing.T) { firstMap := map[string]string{} secondMap := map[string]string{ "key": "value", } - mergedMap := collections.MergeMaps(firstMap, secondMap) + mergedMap := collections.MergeMapsSilent(firstMap, secondMap) + require.Len(t, mergedMap, 1) require.Contains(t, mergedMap, "key") require.Equal(t, "value", mergedMap["key"]) } -func TestMergeMaps_WhenMapIsNil(t *testing.T) { +func TestMergeMapsSilent_WhenMapIsNil(t *testing.T) { var firstMap map[string]string secondMap := map[string]string{ "key": "value", } - mergedMap := collections.MergeMaps(firstMap, secondMap) + mergedMap := collections.MergeMapsSilent(firstMap, secondMap) + require.Len(t, mergedMap, 1) require.Contains(t, mergedMap, "key") require.Equal(t, "value", mergedMap["key"]) } -func TestMergeMaps_WhenBothMapsHaveValues(t *testing.T) { +func TestMergeMapsSilent_WhenBothMapsHaveValues(t *testing.T) { firstMap := map[string]string{ "key1": "value1", } @@ -40,10 +42,98 @@ func TestMergeMaps_WhenBothMapsHaveValues(t *testing.T) { "key2": "value2", } - mergedMap := collections.MergeMaps(firstMap, secondMap) + mergedMap := collections.MergeMapsSilent(firstMap, secondMap) + require.Len(t, mergedMap, 2) require.Contains(t, mergedMap, "key1") require.Equal(t, "value1", mergedMap["key1"]) require.Contains(t, mergedMap, "key2") require.Equal(t, "value2", mergedMap["key2"]) } + +func TestMergeMaps_WhenMapIsNil(t *testing.T) { + var firstMap map[string]string = nil + secondMap := map[string]string{ + "key": "value", + } + + mergedMap, changed := collections.MergeMaps(firstMap, secondMap) + + require.True(t, changed) + require.Len(t, mergedMap, 1) + for k, v := range secondMap { + require.Equal(t, v, mergedMap[k]) + } + require.Nil(t, firstMap) +} + +func TestMergeMaps_WhenMapIsEmpty(t *testing.T) { + firstMap := map[string]string{} + secondMap := map[string]string{ + "key": "value", + } + + mergedMap, changed := collections.MergeMaps(firstMap, secondMap) + + require.True(t, changed) + require.Len(t, mergedMap, 1) + for k, v := range secondMap { + require.Equal(t, v, mergedMap[k]) + } + for k, v := range firstMap { + require.Equal(t, v, mergedMap[k]) + } +} + +func TestMergeMaps_WhenSecondMapIsNil(t *testing.T) { + firstMap := map[string]string{ + "key": "value", + } + var secondMap map[string]string = nil + + mergedMap, changed := collections.MergeMaps(firstMap, secondMap) + + require.False(t, changed) + require.Len(t, mergedMap, 1) + for k, v := range firstMap { + require.Equal(t, v, mergedMap[k]) + } + require.Nil(t, secondMap) +} + +func TestMergeMaps_WhenEntriesDistinct(t *testing.T) { + firstMap := map[string]string{ + "key1": "value1", + } + secondMap := map[string]string{ + "key2": "value2", + } + + mergedMap, changed := collections.MergeMaps(firstMap, secondMap) + + require.Len(t, mergedMap, 2) + require.True(t, changed) + for k, v := range firstMap { + require.Equal(t, v, mergedMap[k]) + } + for k, v := range secondMap { + require.Equal(t, v, mergedMap[k]) + } +} + +func TestMergeMaps_WhenSecondMapOverwritingFirst(t *testing.T) { + firstMap := map[string]string{ + "key1": "value1", + } + secondMap := map[string]string{ + "key1": "value2", + } + + mergedMap, changed := collections.MergeMaps(firstMap, secondMap) + + require.Len(t, mergedMap, 1) + require.True(t, changed) + for k, v := range secondMap { + require.Equal(t, v, mergedMap[k]) + } +} diff --git a/pkg/testutils/builder/kyma.go b/pkg/testutils/builder/kyma.go index 219029a1e2..04550b1c22 100644 --- a/pkg/testutils/builder/kyma.go +++ b/pkg/testutils/builder/kyma.go @@ -2,6 +2,7 @@ package builder import ( "fmt" + "time" apimetav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -128,6 +129,12 @@ func (kb KymaBuilder) WithSkipMaintenanceWindows(skip bool) KymaBuilder { return kb } +// WithDeletionTimestamp sets v1beta2.Kyma.ObjectMeta.DeletionTimestamp. +func (kb KymaBuilder) WithDeletionTimestamp() KymaBuilder { + kb.kyma.ObjectMeta.DeletionTimestamp = &apimetav1.Time{Time: time.Now()} + return kb +} + // Build returns the built v1beta2.Kyma. func (kb KymaBuilder) Build() *v1beta2.Kyma { return kb.kyma diff --git a/pkg/watcher/skr_webhook_manifest_manager.go b/pkg/watcher/skr_webhook_manifest_manager.go index 4355c81f25..1940b95cbd 100644 --- a/pkg/watcher/skr_webhook_manifest_manager.go +++ b/pkg/watcher/skr_webhook_manifest_manager.go @@ -214,7 +214,7 @@ func (m *SKRWebhookManifestManager) getRawManifestClientObjects(cfg *unstructure resources := make([]client.Object, 0) for _, baseRes := range m.baseResources { resource := baseRes.DeepCopy() - resource.SetLabels(collections.MergeMaps(resource.GetLabels(), map[string]string{ + resource.SetLabels(collections.MergeMapsSilent(resource.GetLabels(), map[string]string{ shared.ManagedBy: shared.ManagedByLabelValue, })) configuredResource, err := configureUnstructuredObject(cfg, resource) diff --git a/pkg/watcher/skr_webhook_resources.go b/pkg/watcher/skr_webhook_resources.go index 49d685f25a..1510875b24 100644 --- a/pkg/watcher/skr_webhook_resources.go +++ b/pkg/watcher/skr_webhook_resources.go @@ -194,7 +194,7 @@ func configureDeployment(cfg *unstructuredResourcesConfig, obj *unstructured.Uns } deployment.Spec.Template.Spec.Containers[0] = serverContainer - deployment.SetLabels(collections.MergeMaps(deployment.GetLabels(), map[string]string{ + deployment.SetLabels(collections.MergeMapsSilent(deployment.GetLabels(), map[string]string{ shared.ManagedBy: shared.ManagedByLabelValue, })) diff --git a/unit-test-coverage.yaml b/unit-test-coverage.yaml index 3576252fa6..78717fb221 100644 --- a/unit-test-coverage.yaml +++ b/unit-test-coverage.yaml @@ -17,7 +17,7 @@ packages: internal/maintenancewindows: 87.5 internal/istio: 63.3 internal/pkg/resources: 91.7 - internal/remote: 20.2 - internal/util/collections: 86 + internal/remote: 29 + internal/util/collections: 87 pkg/templatelookup: 88 pkg/templatelookup/moduletemplateinfolookup: 72 From cd403d87e9d871e33441bdecd7161ecbe43d53ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christoph=20Schw=C3=A4gerl?= Date: Wed, 19 Feb 2025 13:39:32 +0100 Subject: [PATCH 12/14] chore: Remove plan mapping TODO (#2264) --- api/shared/operator_labels.go | 3 +-- api/v1beta2/kyma_types.go | 1 - 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/api/shared/operator_labels.go b/api/shared/operator_labels.go index 8931a22951..2780b20d0e 100644 --- a/api/shared/operator_labels.go +++ b/api/shared/operator_labels.go @@ -47,8 +47,7 @@ const ( GlobalAccountIDLabel = KymaGroup + Separator + "global-account-id" RegionLabel = KymaGroup + Separator + "region" PlatformRegionLabel = KymaGroup + Separator + "platform-region" - // to be confirmed https://github.com/kyma-project/kyma/issues/18611#issuecomment-2441158676 - PlanLabel = KymaGroup + Separator + "broker-plan-name" + PlanLabel = KymaGroup + Separator + "broker-plan-name" EnableLabelValue = "true" DisableLabelValue = "false" diff --git a/api/v1beta2/kyma_types.go b/api/v1beta2/kyma_types.go index 631169ad99..176f57dadd 100644 --- a/api/v1beta2/kyma_types.go +++ b/api/v1beta2/kyma_types.go @@ -452,7 +452,6 @@ func (kyma *Kyma) GetPlatformRegion() string { return kyma.Labels[shared.PlatformRegionLabel] } -// to be confirmed https://github.com/kyma-project/kyma/issues/18611#issuecomment-2441158676 func (kyma *Kyma) GetPlan() string { return kyma.Labels[shared.PlanLabel] } From 9ebdc7e464dab255177574353302c99fed49944b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 19 Feb 2025 17:00:57 +0100 Subject: [PATCH 13/14] chore(dependabot): bump github.com/prometheus/client_golang from 1.20.5 to 1.21.0 (#2265) chore(dependabot): bump github.com/prometheus/client_golang Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.20.5 to 1.21.0. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/v1.21.0/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.20.5...v1.21.0) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 9ad07e6465..58c1f22bf2 100644 --- a/go.mod +++ b/go.mod @@ -21,7 +21,7 @@ require ( github.com/kyma-project/runtime-watcher/listener v0.0.0-20240502124257-9d96561ef070 github.com/onsi/ginkgo/v2 v2.22.2 github.com/onsi/gomega v1.36.2 - github.com/prometheus/client_golang v1.20.5 + github.com/prometheus/client_golang v1.21.0 github.com/stretchr/testify v1.10.0 go.uber.org/zap v1.27.0 golang.org/x/sync v0.11.0 @@ -276,7 +276,7 @@ require ( github.com/pjbgf/sha1cd v0.3.0 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/prometheus/common v0.61.0 // indirect + github.com/prometheus/common v0.62.0 // indirect github.com/prometheus/procfs v0.15.1 // indirect github.com/redis/go-redis/v9 v9.7.0 // indirect github.com/robfig/cron/v3 v3.0.1 // indirect diff --git a/go.sum b/go.sum index fdbfba210d..ed4d05b166 100644 --- a/go.sum +++ b/go.sum @@ -830,8 +830,8 @@ github.com/prometheus/client_golang v0.9.0-pre1.0.20180209125602-c332b6f63c06/go github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw= github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo= github.com/prometheus/client_golang v1.1.0/go.mod h1:I1FGZT9+L76gKKOs5djB6ezCbFQP1xR9D75/vuwEF3g= -github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y= -github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= +github.com/prometheus/client_golang v1.21.0 h1:DIsaGmiaBkSangBgMtWdNfxbMNdku5IK6iNhrEqWvdA= +github.com/prometheus/client_golang v1.21.0/go.mod h1:U9NM32ykUErtVBxdvD3zfi+EuFkkaBvMb09mIfe0Zgg= github.com/prometheus/client_model v0.0.0-20171117100541-99fa1f4be8e5/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo= github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA= @@ -841,8 +841,8 @@ github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQy github.com/prometheus/common v0.0.0-20180110214958-89604d197083/go.mod h1:daVV7qP5qjZbuso7PdcryaAu0sAZbrN9i7WWcTMWvro= github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4= github.com/prometheus/common v0.6.0/go.mod h1:eBmuwkDJBwy6iBfxCBob6t6dR6ENT/y+J+Zk0j9GMYc= -github.com/prometheus/common v0.61.0 h1:3gv/GThfX0cV2lpO7gkTUwZru38mxevy90Bj8YFSRQQ= -github.com/prometheus/common v0.61.0/go.mod h1:zr29OCN/2BsJRaFwG8QOBr41D6kkchKbpeNH7pAjb/s= +github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io= +github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I= github.com/prometheus/procfs v0.0.0-20180125133057-cb4147076ac7/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk= github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA= From e99371103a28fe9b2ddc239cfab8e2870c32b4ab Mon Sep 17 00:00:00 2001 From: Tomasz Smelcerz Date: Thu, 20 Feb 2025 13:30:21 +0100 Subject: [PATCH 14/14] feat: Unexepected field managers reporting (#2251) Collect data for field managers during Manifest reconciliation --- internal/manifest/skrresources/collector.go | 192 ++++++++++++++++++ .../manifest/skrresources/collector_test.go | 83 ++++++++ .../skrresources/manifestcollector.go | 61 ++++++ internal/manifest/skrresources/ssa.go | 18 +- internal/manifest/skrresources/ssa_test.go | 4 +- internal/manifest/skrresources/sync.go | 4 +- 6 files changed, 358 insertions(+), 4 deletions(-) create mode 100644 internal/manifest/skrresources/collector.go create mode 100644 internal/manifest/skrresources/collector_test.go create mode 100644 internal/manifest/skrresources/manifestcollector.go diff --git a/internal/manifest/skrresources/collector.go b/internal/manifest/skrresources/collector.go new file mode 100644 index 0000000000..f939f7f695 --- /dev/null +++ b/internal/manifest/skrresources/collector.go @@ -0,0 +1,192 @@ +package skrresources + +import ( + "bytes" + "compress/gzip" + "context" + "encoding/base64" + "encoding/json" + "fmt" + "os" + "regexp" + "slices" + "strconv" + "strings" + "sync" + "time" + + "github.com/jellydator/ttlcache/v3" + apimetav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "sigs.k8s.io/controller-runtime/pkg/client" + logf "sigs.k8s.io/controller-runtime/pkg/log" + + "github.com/kyma-project/lifecycle-manager/api/shared" + "github.com/kyma-project/lifecycle-manager/internal" + "github.com/kyma-project/lifecycle-manager/internal/manifest/manifestclient" +) + +const ( + knownManagersDefault = string(manifestclient.DefaultFieldOwner) + ";" + + shared.OperatorName + ";" + + "k3s" // Applied in k3s environments. + knownManagersEnvVar = "KLM_EXPERIMENTAL_KNOWN_MANAGERS" + knownManagersRegexp = `^[a-zA-Z][a-zA-Z0-9.:_/-]{1,127}$` + + frequencyLimiterTTLDefault = 60 * 5 // 5 minutes + frequencyLimiterTTLEnvVar = "KLM_EXPERIMENTAL_FREQUENCY_LIMITER_TTL" + frequencyLimiterTTLRegexp = `^[1-9][0-9]{1,3}$` + + managedFieldsAnalysisLabelEnvVar = "KLM_EXPERIMENTAL_MANAGED_FIELDS_ANALYSIS_LABEL" +) + +var ( + allowedManagers = getAllowedManagers() //nolint:gochecknoglobals // list of managers is a global configuration + singletonFrequencyLimiter = newFrequencyLimiter() //nolint:gochecknoglobals // singleton cache is used to prevent emitting the same log multiple times in a short period +) + +type LogCollectorEntry struct { + ObjectName string `json:"objectName"` + ObjectNamespace string `json:"objectNamespace"` + ObjectGVK string `json:"objectGvk"` + ManagedFields []apimetav1.ManagedFieldsEntry `json:"managedFields"` +} + +// Implements skrresources.ManagedFieldsCollector interface, emits the collected data to the log stream. +// The collector is thread-safe. +// The collector is frequency-limited to prevent emitting entries for the same objectKey multiple times in a short time. +type LogCollector struct { + objectKey string + frequencyLimiter *ttlcache.Cache[string, bool] + owner client.FieldOwner + entries []LogCollectorEntry + mu sync.Mutex +} + +func NewLogCollector(key string, owner client.FieldOwner) *LogCollector { + return &LogCollector{ + objectKey: key, + owner: owner, + entries: []LogCollectorEntry{}, + frequencyLimiter: singletonFrequencyLimiter, + } +} + +// safeAddEntry adds a new entry to the collector's entries slice in a thread-safe way. +func (c *LogCollector) safeAddEntry(entry LogCollectorEntry) { + c.mu.Lock() + defer c.mu.Unlock() + c.entries = append(c.entries, entry) +} + +func (c *LogCollector) Collect(ctx context.Context, remoteObj client.Object) { + managedFields := remoteObj.GetManagedFields() + for _, mf := range managedFields { + if isUnknownManager(mf.Manager) { + newEntry := LogCollectorEntry{ + ObjectName: remoteObj.GetName(), + ObjectNamespace: remoteObj.GetNamespace(), + ObjectGVK: remoteObj.GetObjectKind().GroupVersionKind().String(), + ManagedFields: slices.Clone(remoteObj.GetManagedFields()), + } + c.safeAddEntry(newEntry) + return + } + } +} + +func (c *LogCollector) Emit(ctx context.Context) error { + if c.frequencyLimiter.Has(c.objectKey) { + logger := logf.FromContext(ctx, "owner", c.owner) + logger.V(internal.TraceLogLevel).Info("Unknown managers detection skipped (frequency)") + return nil + } + + c.mu.Lock() + defer c.mu.Unlock() + + if len(c.entries) > 0 { + c.frequencyLimiter.Set(c.objectKey, true, ttlcache.DefaultTTL) + + jsonSer, err := json.MarshalIndent(c.entries, "", " ") + if err != nil { + return fmt.Errorf("failed to serialize managed field data: %w", err) + } + logData, err := compressAndBase64(jsonSer) + if err != nil { + return err + } + + logger := logf.FromContext(ctx, "owner", c.owner) + logger.V(internal.TraceLogLevel).Info("Unknown managers detected", "base64gzip", logData) + } + return nil +} + +// compressAndBase64 compresses the input byte slice using gzip and encodes it to base64 so that it can be logged as a string. +func compressAndBase64(in []byte) (string, error) { + var buf bytes.Buffer + archive := gzip.NewWriter(&buf) + + _, err := archive.Write(in) + if err != nil { + return "", fmt.Errorf("failed to write to gzip archive: %w", err) + } + + if err := archive.Close(); err != nil { + return "", fmt.Errorf("failed to close gzip archive: %w", err) + } + + return base64.StdEncoding.EncodeToString(buf.Bytes()), nil +} + +func isUnknownManager(manager string) bool { + return !slices.Contains(allowedManagers, manager) +} + +// allowedManagers returns either a list configured in the KLM_RECONCILECONFIG_KNOWN_MANAGERS environment variable or the default list. +// The values must be separated by semicolons and are case-sensitive! +func getAllowedManagers() []string { + configured := os.Getenv(knownManagersEnvVar) + if configured == "" { + return splitBySemicolons(knownManagersDefault) + } else { + rxp := regexp.MustCompile(knownManagersRegexp) + configuredValues := splitBySemicolons(configured) + res := []string{} + for _, name := range configuredValues { + if rxp.MatchString(name) { + res = append(res, name) + } + } + return res + } +} + +func getFrequencyLimiterTTL() int { + var res int = frequencyLimiterTTLDefault + + if configured := os.Getenv(frequencyLimiterTTLEnvVar); configured != "" { + rxp := regexp.MustCompile(frequencyLimiterTTLRegexp) + if rxp.MatchString(configured) { + if parsed, err := strconv.Atoi(configured); err == nil { + res = parsed + } + } + } + + return res +} + +func newFrequencyLimiter() *ttlcache.Cache[string, bool] { + cache := ttlcache.New(ttlcache.WithTTL[string, bool](time.Duration(getFrequencyLimiterTTL()) * time.Second)) + go cache.Start() + return cache +} + +func splitBySemicolons(value string) []string { + return strings.Split(value, ";") +} + +func getManagedFieldsAnalysisLabel() string { + return os.Getenv(managedFieldsAnalysisLabelEnvVar) +} diff --git a/internal/manifest/skrresources/collector_test.go b/internal/manifest/skrresources/collector_test.go new file mode 100644 index 0000000000..77c8939436 --- /dev/null +++ b/internal/manifest/skrresources/collector_test.go @@ -0,0 +1,83 @@ +package skrresources //nolint:testpackage // testing package internals + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestGetAllowedManagers(t *testing.T) { + tests := []struct { + name string + envValue string + want []string + }{ + { + name: "default managers", + envValue: "", + want: []string{"declarative.kyma-project.io/applier", "lifecycle-manager", "k3s"}, + }, + { + name: "single manager in env", + envValue: "manager1", + want: []string{"manager1"}, + }, + { + name: "multiple managers in env", + envValue: "manager1;manager2;some-manager:3", + want: []string{"manager1", "manager2", "some-manager:3"}, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + if tt.envValue != "" { + t.Setenv(knownManagersEnvVar, tt.envValue) + } + assert.Equal(t, tt.want, getAllowedManagers()) + }) + } +} + +func TestGetCacheTTL(t *testing.T) { + tests := []struct { + name string + envValue string + want int + }{ + { + name: "default TTL", + envValue: "", + want: 300, + }, + { + name: "custom TTL", + envValue: "123", + want: 123, + }, + { + name: "invalid value is ignored, default TTL is returned", + envValue: "abc", + want: 300, + }, + { + name: "zero is invalid, default TTL is returned", + envValue: "0", + want: 300, + }, + { + name: "Negative value is ignored, default TTL is returned", + envValue: "-123", + want: 300, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + if tt.envValue != "" { + t.Setenv(frequencyLimiterTTLEnvVar, tt.envValue) + } + assert.Equal(t, tt.want, getFrequencyLimiterTTL()) + }) + } +} diff --git a/internal/manifest/skrresources/manifestcollector.go b/internal/manifest/skrresources/manifestcollector.go new file mode 100644 index 0000000000..cbfff9323b --- /dev/null +++ b/internal/manifest/skrresources/manifestcollector.go @@ -0,0 +1,61 @@ +package skrresources + +import ( + "context" + + "sigs.k8s.io/controller-runtime/pkg/client" + + "github.com/kyma-project/lifecycle-manager/api/v1beta2" + "github.com/kyma-project/lifecycle-manager/internal/manifest/manifestclient" +) + +// ManifestLogCollector is a collector for remote Manifest objects. It delegates the calls to the embedded generic collector if collection is enabled for the given Manifest. +type ManifestLogCollector struct { + collector *LogCollector + enabled bool +} + +func NewManifestLogCollector(manifest *v1beta2.Manifest, owner client.FieldOwner) *ManifestLogCollector { + key := "" + enabled := false + if manifest != nil { + key = string(manifest.GetUID()) + enabled = isManifestCollectionEnabled(manifest) + } + return &ManifestLogCollector{ + collector: NewLogCollector(key, manifestclient.DefaultFieldOwner), + enabled: enabled, + } +} + +// Implements the skrresources.ManagedFieldsCollector interface. +func (c *ManifestLogCollector) Collect(ctx context.Context, obj client.Object) { + if c.enabled { + c.collector.Collect(ctx, obj) + } +} + +// Implements the skrresources.ManagedFieldsCollector interface. +func (c *ManifestLogCollector) Emit(ctx context.Context) error { + if c.enabled { + return c.collector.Emit(ctx) + } + return nil +} + +// isManifestCollectionEnabled checks if managed fields detection is enabled for the given manifest. +// The detection is disabled by default, but can be enabled by setting a specific label on the manifest CR. +func isManifestCollectionEnabled(obj *v1beta2.Manifest) bool { + if obj == nil { + return false + } + + configuredLabelName := getManagedFieldsAnalysisLabel() + + if configuredLabelName == "" { + return false + } + + _, found := obj.GetLabels()[configuredLabelName] + return found +} diff --git a/internal/manifest/skrresources/ssa.go b/internal/manifest/skrresources/ssa.go index 8a4aa70e0f..a55e5b821f 100644 --- a/internal/manifest/skrresources/ssa.go +++ b/internal/manifest/skrresources/ssa.go @@ -26,18 +26,28 @@ type SSA interface { Run(ctx context.Context, resourceInfo []*resource.Info) error } +type ManagedFieldsCollector interface { + // Collect collects managed fields data from the single object + Collect(ctx context.Context, obj client.Object) + // Emit emits collected data to some backing store + Emit(ctx context.Context) error +} + type ConcurrentDefaultSSA struct { clnt client.Client owner client.FieldOwner versioner machineryruntime.GroupVersioner converter machineryruntime.ObjectConvertor + collector ManagedFieldsCollector } -func ConcurrentSSA(clnt client.Client, owner client.FieldOwner) *ConcurrentDefaultSSA { +func ConcurrentSSA(clnt client.Client, owner client.FieldOwner, managedFieldsCollector ManagedFieldsCollector) *ConcurrentDefaultSSA { return &ConcurrentDefaultSSA{ - clnt: clnt, owner: owner, + clnt: clnt, + owner: owner, versioner: schema.GroupVersions(clnt.Scheme().PrioritizedVersionsAllGroups()), converter: clnt.Scheme(), + collector: managedFieldsCollector, } } @@ -70,6 +80,9 @@ func (c *ConcurrentDefaultSSA) Run(ctx context.Context, resources []*resource.In return errors.Join(errs...) } logger.V(internal.DebugLogLevel).Info("ServerSideApply finished", "time", ssaFinish) + if err := c.collector.Emit(ctx); err != nil { + logger.V(internal.DebugLogLevel).Error(err, "error emitting data of unknown field managers") + } return nil } @@ -123,6 +136,7 @@ func (c *ConcurrentDefaultSSA) serverSideApplyResourceInfo( ) } + c.collector.Collect(ctx, obj) return nil } diff --git a/internal/manifest/skrresources/ssa_test.go b/internal/manifest/skrresources/ssa_test.go index 308c2a59b7..532a04e2fa 100644 --- a/internal/manifest/skrresources/ssa_test.go +++ b/internal/manifest/skrresources/ssa_test.go @@ -29,6 +29,8 @@ func TestConcurrentSSA(t *testing.T) { fakeClientBuilder := fake.NewClientBuilder().WithRuntimeObjects(pod).Build() _ = fakeClientBuilder.Create(context.Background(), pod) + inactiveCollector := skrresources.NewManifestLogCollector(nil, client.FieldOwner("test")) + type args struct { clnt client.Client owner client.FieldOwner @@ -54,7 +56,7 @@ func TestConcurrentSSA(t *testing.T) { t.Run( testCase.name, func(t *testing.T) { t.Parallel() - ssa := skrresources.ConcurrentSSA(testCase.ssa.clnt, testCase.ssa.owner) + ssa := skrresources.ConcurrentSSA(testCase.ssa.clnt, testCase.ssa.owner, inactiveCollector) if err := ssa.Run(context.Background(), testCase.apply); err != nil { require.ErrorIs(t, err, testCase.err) } diff --git a/internal/manifest/skrresources/sync.go b/internal/manifest/skrresources/sync.go index feae73400a..cd28dcee19 100644 --- a/internal/manifest/skrresources/sync.go +++ b/internal/manifest/skrresources/sync.go @@ -19,7 +19,9 @@ func SyncResources(ctx context.Context, skrClient client.Client, manifest *v1bet ) error { manifestStatus := manifest.GetStatus() - if err := ConcurrentSSA(skrClient, manifestclient.DefaultFieldOwner).Run(ctx, target); err != nil { + managedFieldsCollector := NewManifestLogCollector(manifest, manifestclient.DefaultFieldOwner) + + if err := ConcurrentSSA(skrClient, manifestclient.DefaultFieldOwner, managedFieldsCollector).Run(ctx, target); err != nil { manifest.SetStatus(manifestStatus.WithState(shared.StateError).WithErr(err)) return err }