Skip to content

Commit

Permalink
chore: bump k8s deps to v1.29.4 and controller-runtime to v0.17.3 (#1292
Browse files Browse the repository at this point in the history
)

Signed-off-by: Anish Ramasekar <[email protected]>
  • Loading branch information
aramase authored May 2, 2024
1 parent 9fdb109 commit 2a3942e
Show file tree
Hide file tree
Showing 14 changed files with 636 additions and 1,327 deletions.
39 changes: 31 additions & 8 deletions cmd/webhook/main.go
Original file line number Diff line number Diff line change
@@ -1,22 +1,22 @@
package main

import (
"crypto/tls"
"flag"
"fmt"
"net/http"

"github.com/open-policy-agent/cert-controller/pkg/rotator"
"k8s.io/apimachinery/pkg/api/meta"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/types"
clientgoscheme "k8s.io/client-go/kubernetes/scheme"
"k8s.io/client-go/rest"
"monis.app/mlog"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/client/apiutil"
"sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/manager"
"sigs.k8s.io/controller-runtime/pkg/manager/signals"
metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
"sigs.k8s.io/controller-runtime/pkg/webhook"

"github.com/Azure/azure-workload-identity/pkg/metrics"
Expand Down Expand Up @@ -104,15 +104,24 @@ func mainErr() error {
// log the user agent as it makes it easier to debug issues
entryLog.Info("setting up manager", "userAgent", config.UserAgent)

tlsVersion, err := parseTLSVersion(tlsMinVersion)
if err != nil {
return fmt.Errorf("entrypoint: unable to parse TLS version: %w", err)
}

serverOpts := webhook.Options{
CertDir: webhookCertDir,
TLSOpts: []func(c *tls.Config){func(c *tls.Config) { c.MinVersion = tlsVersion }},
}
mgr, err := ctrl.NewManager(config, ctrl.Options{
Scheme: scheme,
LeaderElection: false,
HealthProbeBindAddress: healthAddr,
MetricsBindAddress: metricsAddr,
CertDir: webhookCertDir,
MapperProvider: func(c *rest.Config) (meta.RESTMapper, error) {
return apiutil.NewDynamicRESTMapper(c)
Metrics: metricsserver.Options{
BindAddress: metricsAddr,
},
WebhookServer: webhook.NewServer(serverOpts),
MapperProvider: apiutil.NewDynamicRESTMapper,
})
if err != nil {
return fmt.Errorf("entrypoint: unable to set up controller manager: %w", err)
Expand Down Expand Up @@ -156,11 +165,10 @@ func setupWebhook(mgr manager.Manager, setupFinished chan struct{}) {
<-setupFinished

hookServer := mgr.GetWebhookServer()
hookServer.TLSMinVersion = tlsMinVersion

// setup webhooks
entryLog.Info("registering webhook to the webhook server")
podMutator, err := wh.NewPodMutator(mgr.GetClient(), mgr.GetAPIReader(), audience)
podMutator, err := wh.NewPodMutator(mgr.GetClient(), mgr.GetAPIReader(), audience, mgr.GetScheme())
if err != nil {
panic(fmt.Errorf("unable to set up pod mutator: %w", err))
}
Expand Down Expand Up @@ -190,3 +198,18 @@ func setupProbeEndpoints(mgr ctrl.Manager, setupFinished chan struct{}) {
}
entryLog.Info("added healthz and readyz check")
}

func parseTLSVersion(tlsVersion string) (uint16, error) {
switch tlsVersion {
case "1.0":
return tls.VersionTLS10, nil
case "1.1":
return tls.VersionTLS11, nil
case "1.2":
return tls.VersionTLS12, nil
case "1.3":
return tls.VersionTLS13, nil
default:
return 0, fmt.Errorf("invalid TLS version. Must be one of: 1.0, 1.1, 1.2, 1.3")
}
}
87 changes: 44 additions & 43 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -17,28 +17,31 @@ require (
github.com/microsoft/kiota-authentication-azure-go v1.0.0
github.com/microsoft/kiota-http-go v1.0.0
github.com/microsoftgraph/msgraph-sdk-go v1.8.0
github.com/open-policy-agent/cert-controller v0.5.0
github.com/open-policy-agent/cert-controller v0.10.1
github.com/pkg/errors v0.9.1
github.com/prometheus/client_golang v1.14.0
github.com/spf13/cobra v1.6.1
github.com/prometheus/client_golang v1.18.0
github.com/spf13/cobra v1.7.0
github.com/spf13/pflag v1.0.5
go.opentelemetry.io/otel v1.15.1
go.opentelemetry.io/otel/exporters/prometheus v0.37.0
go.opentelemetry.io/otel/metric v0.37.0
go.opentelemetry.io/otel v1.24.0
go.opentelemetry.io/otel/exporters/prometheus v0.46.0
go.opentelemetry.io/otel/metric v1.24.0
gopkg.in/ini.v1 v1.62.1
gopkg.in/square/go-jose.v2 v2.6.0
k8s.io/api v0.26.14
k8s.io/apimachinery v0.26.14
k8s.io/client-go v0.26.14
k8s.io/utils v0.0.0-20221128185143-99ec85e7a448
k8s.io/api v0.29.4
k8s.io/apimachinery v0.29.4
k8s.io/client-go v0.29.4
k8s.io/utils v0.0.0-20230726121419-3b25d923346b
monis.app/mlog v0.0.4
sigs.k8s.io/controller-runtime v0.14.7
sigs.k8s.io/controller-runtime v0.17.3
)

require (
github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect
github.com/google/gnostic-models v0.6.8 // indirect
github.com/matttproud/golang_protobuf_extensions/v2 v2.0.0 // indirect
github.com/microsoft/kiota-abstractions-go v1.0.0 // indirect
github.com/microsoft/kiota-serialization-json-go v1.0.2 // indirect
golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
)

require (
Expand All @@ -49,33 +52,31 @@ require (
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/blang/semver/v4 v4.0.0 // indirect
github.com/cespare/xxhash/v2 v2.1.2 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/cjlapao/common-go v0.0.39 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect
github.com/emicklei/go-restful/v3 v3.9.0 // indirect
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
github.com/evanphx/json-patch v4.12.0+incompatible // indirect
github.com/evanphx/json-patch/v5 v5.6.0 // indirect
github.com/fsnotify/fsnotify v1.6.0 // indirect
github.com/go-logr/logr v1.2.4 // indirect
github.com/evanphx/json-patch/v5 v5.8.0 // indirect
github.com/fsnotify/fsnotify v1.7.0 // indirect
github.com/go-logr/logr v1.4.1 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-logr/zapr v1.2.3 // indirect
github.com/go-openapi/jsonpointer v0.19.5 // indirect
github.com/go-openapi/jsonreference v0.20.0 // indirect
github.com/go-openapi/swag v0.19.15 // indirect
github.com/go-logr/zapr v1.3.0 // indirect
github.com/go-openapi/jsonpointer v0.19.6 // indirect
github.com/go-openapi/jsonreference v0.20.2 // indirect
github.com/go-openapi/swag v0.22.3 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/golang/protobuf v1.5.3 // indirect
github.com/google/gnostic v0.5.7-v3refs // indirect
github.com/google/go-cmp v0.5.9 // indirect
github.com/golang/protobuf v1.5.4 // indirect
github.com/google/go-cmp v0.6.0 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/imdario/mergo v0.3.12 // indirect
github.com/inconshreveable/mousetrap v1.0.1 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
github.com/json-iterator/go v1.1.12 // indirect
github.com/kylelemons/godebug v1.1.0 // indirect
github.com/mailru/easyjson v0.7.7 // indirect
github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect
github.com/microsoft/kiota-serialization-form-go v1.0.0 // indirect
github.com/microsoft/kiota-serialization-text-go v1.0.0 // indirect
github.com/microsoftgraph/msgraph-sdk-go-core v1.0.0
Expand All @@ -84,36 +85,36 @@ require (
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/client_model v0.3.0 // indirect
github.com/prometheus/common v0.37.0 // indirect
github.com/prometheus/procfs v0.8.0 // indirect
github.com/prometheus/client_model v0.6.0 // indirect
github.com/prometheus/common v0.45.0 // indirect
github.com/prometheus/procfs v0.12.0 // indirect
github.com/smartystreets/goconvey v1.7.2 // indirect
github.com/stretchr/testify v1.8.4 // indirect
github.com/yosida95/uritemplate/v3 v3.0.2 // indirect
go.opentelemetry.io/otel/sdk v1.14.0 // indirect
go.opentelemetry.io/otel/sdk/metric v0.37.0
go.opentelemetry.io/otel/trace v1.15.1 // indirect
go.uber.org/atomic v1.10.0 // indirect
go.uber.org/multierr v1.8.0 // indirect
go.uber.org/zap v1.24.0 // indirect
go.opentelemetry.io/otel/sdk v1.24.0 // indirect
go.opentelemetry.io/otel/sdk/metric v1.24.0
go.opentelemetry.io/otel/trace v1.24.0 // indirect
go.uber.org/atomic v1.11.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.26.0 // indirect
golang.org/x/crypto v0.22.0 // indirect
golang.org/x/net v0.24.0 // indirect; GO-2024-2687
golang.org/x/oauth2 v0.7.0 // indirect
golang.org/x/oauth2 v0.12.0 // indirect
golang.org/x/sys v0.19.0 // indirect
golang.org/x/term v0.19.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/time v0.3.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.2.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.33.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
k8s.io/apiextensions-apiserver v0.26.10 // indirect
k8s.io/component-base v0.26.10 // indirect
k8s.io/klog/v2 v2.80.1 // indirect
k8s.io/kube-openapi v0.0.0-20221012153701-172d655c2280 // indirect
sigs.k8s.io/json v0.0.0-20220713155537-f223a00ba0e2 // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.2.3 // indirect
sigs.k8s.io/yaml v1.3.0 // indirect
k8s.io/apiextensions-apiserver v0.29.2 // indirect
k8s.io/component-base v0.29.2 // indirect
k8s.io/klog/v2 v2.110.1 // indirect
k8s.io/kube-openapi v0.0.0-20231010175941-2dd684a91f00 // indirect
sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
sigs.k8s.io/yaml v1.4.0 // indirect
)
Loading

0 comments on commit 2a3942e

Please sign in to comment.