Update dependencies and fix multi-arch image support

Author: alex-berger

.github/workflows/build.yaml

@@ -13,39 +13,40 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
       - name: Restore Go cache
-        uses: actions/cache@v1
+        uses: actions/cache@v3
         with:
           path: ~/go/pkg/mod
           key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
           restore-keys: |
             ${{ runner.os }}-go-
       - name: Setup Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v3
         with:
-          go-version: 1.18.x
+          go-version: 1.19.x
       - name: Setup Kubernetes
-        uses: engineerd/setup-kind@v0.5.0
+        uses: helm/kind-action@v1.5.0
         with:
-          version: "v0.12.0"
-          image: "kindest/node:v1.23.4@sha256:0e34f0d0fd448aa2f2819cfd74e99fe5793a6e4938b328f657c8e3f81ee0dfb9"
+          version: v0.17.0 # https://github.com/kubernetes-sigs/kind/releases
+          node_image: "kindest/node:v1.25.3@sha256:f52781bc0d7a19fb6c405c2af83abfeb311f130707a0e219175677e366cc45d1"
+          cluster_name: kind
       - name: Setup Helm
         uses: fluxcd/pkg/actions/helm@main
         with:
-          version: "3.8.1"
+          version: "3.10.0"
       - name: Setup Kustomize
         uses: fluxcd/pkg/actions/kustomize@main
         with:
-          version: "4.5.4"
+          version: "4.5.7"
       - name: Setup Kubebuilder
         uses: RyanSiu1995/[email protected]
         with:
-          version: "3.3.0"
+          version: "3.9.0"
       - name: Setup Kubectl
         uses: fluxcd/pkg/actions/kubectl@main
         with:
-          version: "1.23.4"
+          version: "1.26.0"
       - name: Run tests
         run: make test
         env:

.github/workflows/publish.yml

@@ -16,65 +16,64 @@ jobs:
       DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
-      - name: DockerTag
-        id: docker-tag
-        uses: yuya-takeyama/docker-tag-from-github-ref-action@v1
+        uses: actions/checkout@v3
+      - name: Extract VERSION from GITHUB_REF
+        run: TAG_NAME="${GITHUB_REF#refs/*/}"; echo "VERSION=${TAG_NAME#v}" >> $GITHUB_ENV
       - name: Set up QEMU
         id: qemu
-        uses: docker/setup-qemu-action@v1
+        uses: docker/setup-qemu-action@v2
         with:
           image: tonistiigi/binfmt:latest
           platforms: all
       - name: Available platforms
         run: echo ${{ steps.qemu.outputs.platforms }}
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
+        uses: docker/setup-buildx-action@v2
       - name: Login to DockerHub
-        uses: docker/login-action@v1
+        uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
       - name: Build and push
         id: docker_build
-        uses: docker/build-push-action@v2
+        uses: docker/build-push-action@v3
         with:
           context: .
           file: Dockerfile
           platforms: linux/amd64,linux/arm64
           push: true
           tags: |
-            rustrial/k8s-gitops-secrets-controller:${{ steps.docker-tag.outputs.tag }}
+            rustrial/k8s-gitops-secrets-controller:${{env.VERSION}}
   test-chart:
     name: install-chart
     runs-on: ubuntu-latest
     needs:
       - publish-oci-images
     strategy:
       matrix:
-        k8s:
-          - v1.20.15
-          - v1.21.2
-          - v1.22.7
-          - v1.23.4
+        k8s: # Must be available from https://github.com/kubernetes-sigs/kind/releases
+          - v1.22.15
+          - v1.23.13
+          - v1.24.7
+          - v1.25.3
     steps:
       - name: Checkout
-        uses: actions/checkout@v1
-      - name: DockerTag
-        id: docker-tag
-        uses: yuya-takeyama/docker-tag-from-github-ref-action@v1
+        uses: actions/checkout@v3
+      - name: Extract VERSION from GITHUB_REF
+        run: TAG_NAME="${GITHUB_REF#refs/*/}"; echo "VERSION=${TAG_NAME#v}" >> $GITHUB_ENV
       - name: Set up Helm
         uses: azure/setup-helm@v1
         with:
-          version: v3.8.1
+          version: v3.10.0
       - name: Run chart-testing (lint)
         run: (cd charts/k8s-gitops-secrets-controller && helm lint .)
       - name: Create kind ${{ matrix.k8s }} cluster
-        uses: helm/kind-action@v1.2.0
+        uses: helm/kind-action@v1.5.0
         with:
+          version: v0.17.0 # https://github.com/kubernetes-sigs/kind/releases
           node_image: kindest/node:${{ matrix.k8s }}
       - name: Install chart
-        run: (cd charts/k8s-gitops-secrets-controller && helm install k8s-gitops-secrets-controller . -n k8s-gitops-secrets-system --create-namespace --wait --set fullnameOverride=k8s-gitops-secrets-controller-manager --set-string image.tag=${{ steps.docker-tag.outputs.tag }})
+        run: (cd charts/k8s-gitops-secrets-controller && helm install k8s-gitops-secrets-controller . -n k8s-gitops-secrets-system --create-namespace --wait --set fullnameOverride=k8s-gitops-secrets-controller-manager --set-string image.tag=${{env.VERSION}})
       - name: Tests
         run: ./.github/e2e-tests.sh
   create-release:
@@ -85,7 +84,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: "✏️ Generate release changelog"
@@ -97,19 +96,19 @@ jobs:
           #stripHeaders: "true"
           #stripGeneratorNotice: "true"
       - name: Restore Go cache
-        uses: actions/cache@v1
+        uses: actions/cache@v3
         with:
           path: ~/go/pkg/mod
           key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
           restore-keys: |
             ${{ runner.os }}-go-
       - name: Setup Go
-        uses: actions/setup-go@v2
+        uses: actions/setup-go@v3
         with:
-          go-version: 1.18.x
+          go-version: 1.19.x
       - name: Build seals CLI
         run: make cli
-      - name: Set TAG_NAME
+      - name: Extract TAG_NAME from GITHUB_REF
         run: echo "TAG_NAME=${GITHUB_REF#refs/*/}" >> $GITHUB_ENV
       - name: "🚀 Create GitHub release"
         id: create_release
@@ -185,7 +184,7 @@ jobs:
       CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
     steps:
       - name: Checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           fetch-depth: 0
       - name: Configure Git
@@ -195,7 +194,7 @@ jobs:
       - name: Install Helm
         uses: azure/setup-helm@v1
         with:
-          version: v3.8.1
+          version: v3.10.0
       - name: Install CR
         run: .github/install-cr.sh
       - name: Update Helm Chart versions

.gitignore

@@ -26,4 +26,8 @@ testbin/*
 *~
 
 .kube-config
-.dccache
+.dccache
+.vscode/configurationCache.log
+.vscode/dryrun.log
+.vscode/settings.json
+.vscode/targets.log

Dockerfile

@@ -1,5 +1,13 @@
 # Build the manager binary
-FROM golang:1.18 as builder
+FROM golang:1.19 as builder
+
+ARG TARGETARCH
+
+ARG TARGETOS
+
+ENV GOARCH=${TARGETARCH}
+
+ENV GOOS=${TARGETOS}
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
@@ -16,7 +24,7 @@ COPY controllers/ controllers/
 COPY internal/ internal/
 
 # Build
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 GO111MODULE=on go build -a -o manager main.go
+RUN CGO_ENABLED=0 GO111MODULE=on go build -a -o manager main.go
 
 # Use distroless as minimal base image to package the manager binary
 # Refer to https://github.com/GoogleContainerTools/distroless for more details

Makefile

@@ -17,7 +17,7 @@ all: manager api-docs seals charts
 ENVTEST_ASSETS_DIR=$(shell pwd)/testbin
 test: generate fmt vet manifests
 	mkdir -p ${ENVTEST_ASSETS_DIR}
-	test -f ${ENVTEST_ASSETS_DIR}/setup-envtest.sh || curl -sSLo ${ENVTEST_ASSETS_DIR}/setup-envtest.sh https://raw.githubusercontent.com/kubernetes-sigs/controller-runtime/v0.9.5/hack/setup-envtest.sh
+	test -f ${ENVTEST_ASSETS_DIR}/setup-envtest.sh || curl -sSLo ${ENVTEST_ASSETS_DIR}/setup-envtest.sh https://raw.githubusercontent.com/kubernetes-sigs/controller-runtime/v0.14.1/hack/setup-envtest.sh
 	source ${ENVTEST_ASSETS_DIR}/setup-envtest.sh; fetch_envtest_tools $(ENVTEST_ASSETS_DIR); setup_envtest_env $(ENVTEST_ASSETS_DIR); go test ./... -coverprofile cover.out
 
 # Build manager binary
@@ -96,7 +96,7 @@ ifeq (, $(shell which controller-gen))
 	CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\
 	cd $$CONTROLLER_GEN_TMP_DIR ;\
 	go mod init tmp ;\
-	go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.8.0 ;\
+	go install sigs.k8s.io/controller-tools/cmd/controller-gen@v0.11.1 ;\
 	rm -rf $$CONTROLLER_GEN_TMP_DIR ;\
 	}
 CONTROLLER_GEN=$(GOBIN)/controller-gen
@@ -110,7 +110,7 @@ endif
 # Download kustomize locally if necessary
 KUSTOMIZE = $(shell pwd)/bin/kustomize
 kustomize:
-	$(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v3@v3.8.7)
+	$(call go-get-tool,$(KUSTOMIZE),sigs.k8s.io/kustomize/kustomize/v3@v3.10.0)
 
 charts: manifests
 	cp config/crd/bases/* charts/k8s-gitops-secrets-controller/crds

apis/secrets/v1beta1/groupversion_info.go

@@ -15,8 +15,8 @@ limitations under the License.
 */
 
 // Package v1beta1 contains API Schema definitions for the secrets v1beta1 API group
-//+kubebuilder:object:generate=true
-//+groupName=secrets.rustrial.org
+// +kubebuilder:object:generate=true
+// +groupName=secrets.rustrial.org
 package v1beta1
 
 import (

charts/k8s-gitops-secrets-controller/crds/secrets.rustrial.org_keyencryptionkeypolicies.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
+    controller-gen.kubebuilder.io/version: v0.11.1
   creationTimestamp: null
   name: keyencryptionkeypolicies.secrets.rustrial.org
 spec:
@@ -59,9 +59,3 @@ spec:
     storage: true
     subresources:
       status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []

charts/k8s-gitops-secrets-controller/crds/secrets.rustrial.org_sealedsecrets.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
+    controller-gen.kubebuilder.io/version: v0.11.1
   creationTimestamp: null
   name: sealedsecrets.secrets.rustrial.org
 spec:
@@ -166,8 +166,8 @@ spec:
                   description: "Condition contains details for one aspect of the current
                     state of this API Resource. --- This struct is intended for direct
                     use as an array at the field path .status.conditions.  For example,
-                    type FooStatus struct{ // Represents the observations of a foo's
-                    current state. // Known .status.conditions.type are: \"Available\",
+                    \n type FooStatus struct{ // Represents the observations of a
+                    foo's current state. // Known .status.conditions.type are: \"Available\",
                     \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
                     // +listType=map // +listMapKey=type Conditions []metav1.Condition
                     `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
@@ -235,9 +235,3 @@ spec:
     storage: true
     subresources:
       status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []

config/crd/bases/secrets.rustrial.org_keyencryptionkeypolicies.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
+    controller-gen.kubebuilder.io/version: v0.11.1
   creationTimestamp: null
   name: keyencryptionkeypolicies.secrets.rustrial.org
 spec:
@@ -59,9 +59,3 @@ spec:
     storage: true
     subresources:
       status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []

config/crd/bases/secrets.rustrial.org_sealedsecrets.yaml

@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.8.0
+    controller-gen.kubebuilder.io/version: v0.11.1
   creationTimestamp: null
   name: sealedsecrets.secrets.rustrial.org
 spec:
@@ -166,8 +166,8 @@ spec:
                   description: "Condition contains details for one aspect of the current
                     state of this API Resource. --- This struct is intended for direct
                     use as an array at the field path .status.conditions.  For example,
-                    type FooStatus struct{ // Represents the observations of a foo's
-                    current state. // Known .status.conditions.type are: \"Available\",
+                    \n type FooStatus struct{ // Represents the observations of a
+                    foo's current state. // Known .status.conditions.type are: \"Available\",
                     \"Progressing\", and \"Degraded\" // +patchMergeKey=type // +patchStrategy=merge
                     // +listType=map // +listMapKey=type Conditions []metav1.Condition
                     `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
@@ -235,9 +235,3 @@ spec:
     storage: true
     subresources:
       status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []

controllers/secrets/suite_test.go

@@ -26,7 +26,7 @@ import (
 	"k8s.io/client-go/rest"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/envtest"
-	"sigs.k8s.io/controller-runtime/pkg/envtest/printer"
+
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
 
@@ -46,7 +46,7 @@ func TestAPIs(t *testing.T) {
 
 	RunSpecsWithDefaultAndCustomReporters(t,
 		"Controller Suite",
-		[]Reporter{printer.NewlineReporter{}})
+		[]Reporter{})
 }
 
 var _ = BeforeSuite(func() {