Upgrade various k8s.io + kubebuilder dependencies

.github/workflows/go.yml

@@ -7,10 +7,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
 
-    - name: Set up Go 1.18
+    - name: Set up Go 1.20
       uses: actions/setup-go@v1
       with:
-        go-version: 1.18
+        go-version: 1.20
       id: go
 
     - name: Check out code into the Go module directory
@@ -19,8 +19,9 @@ jobs:
     - name: Get dependencies
       run: |
         go mod download
-        curl -sL https://github.com/kubernetes-sigs/kubebuilder/releases/download/v2.2.0/kubebuilder_2.2.0_linux_amd64.tar.gz | tar -xz -C /tmp/
-        sudo mv /tmp/kubebuilder_2.2.0_linux_amd64 /usr/local/kubebuilder
+        curl -L -o /tmp/kubebuilder https://github.com/kubernetes-sigs/kubebuilder/releases/download/v3.11.1/kubebuilder_linux_amd64
+        sudo mv /tmp/kubebuilder /usr/local/kubebuilder
+
 
         cd coredns-plugin && go get -v -t -d ./...
 
@@ -31,4 +32,13 @@ jobs:
       run: cd coredns-plugin && go build -o coredns ./cmd
 
     - name: Test
-      run: go test ./... -ginkgo.v -v
+      run: |
+        # make sure Go binaries are in PATH
+        export PATH=${PATH}:$(go env GOPATH)/bin
+
+        # install K8s testing components (apiserver etc)
+        go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest
+
+
+        # populate KUBEBUILDER_ASSETS env var
+        KUBEBUILDER_ASSETS=$(setup-envtest use -p path) go test ./... -ginkgo.v -v

Dockerfile

@@ -1,5 +1,5 @@
 # Build the manager binary
-FROM golang:1.13 as builder
+FROM golang:1.20 as builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests

config/crd/bases/egress.monzo.com_externalservices.yaml

@@ -1,10 +1,10 @@
 
 ---
-apiVersion: apiextensions.k8s.io/v1beta1
+apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.2.4
+    controller-gen.kubebuilder.io/version: v0.4.0
   creationTimestamp: null
   name: externalservices.egress.monzo.com
 spec:
@@ -15,90 +15,125 @@ spec:
     plural: externalservices
     singular: externalservice
   scope: Cluster
-  validation:
-    openAPIV3Schema:
-      description: ExternalService is the Schema for the externalservices API
-      properties:
-        apiVersion:
-          description: 'APIVersion defines the versioned schema of this representation
-            of an object. Servers should convert recognized schemas to the latest
-            internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-          type: string
-        kind:
-          description: 'Kind is a string value representing the REST resource this
-            object represents. Servers may infer this from the endpoint the client
-            submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-          type: string
-        metadata:
-          type: object
-        spec:
-          description: ExternalServiceSpec defines the desired state of ExternalService
-          properties:
-            dnsName:
-              description: DnsName is a DNS name target for the external service
-              type: string
-            hijackDns:
-              description: 'If true, add a `egress.monzo.com/hijack-dns: true` label
-                to produced Service objects CoreDNS can watch this label and decide
-                to rewrite DnsName -> clusterIP'
-              type: boolean
-            maxReplicas:
-              description: MaxReplicas is the maximum number of gateways to run, enforced
-                by HorizontalPodAutoscaler. Defaults to 12
-              format: int32
-              type: integer
-            minReplicas:
-              description: MinReplicas is the minimum number of gateways to run. Defaults
-                to 3
-              format: int32
-              type: integer
-            ports:
-              description: Ports is a list of ports on which the external service
-                may be called
-              items:
-                properties:
-                  port:
-                    description: The port on the given protocol.
-                    format: int32
-                    type: integer
-                  protocol:
-                    description: The protocol (TCP or UDP) which traffic must match.
-                      If not specified, this field defaults to TCP.
-                    type: string
-                type: object
-              type: array
-            resources:
-              description: ResourceRequirements describes the compute resource requirements
-                for gateway pods. Defaults to 100m, 50Mi, 2, 1Gi
-              properties:
-                limits:
-                  additionalProperties:
-                    type: string
-                  description: 'Limits describes the maximum amount of compute resources
-                    allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
-                  type: object
-                requests:
-                  additionalProperties:
-                    type: string
-                  description: 'Requests describes the minimum amount of compute resources
-                    required. If Requests is omitted for a container, it defaults
-                    to Limits if that is explicitly specified, otherwise to an implementation-defined
-                    value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/'
-                  type: object
-              type: object
-            targetCPUUtilizationPercentage:
-              description: Target average CPU utilization (represented as a percentage
-                of requested CPU) over all the pods. Defaults to 50
-              format: int32
-              type: integer
-          type: object
-        status:
-          description: ExternalServiceStatus defines the observed state of ExternalService
-          type: object
-      type: object
-  version: v1
   versions:
   - name: v1
+    schema:
+      openAPIV3Schema:
+        description: ExternalService is the Schema for the externalservices API
+        properties:
+          apiVersion:
+            description: 'APIVersion defines the versioned schema of this representation
+              of an object. Servers should convert recognized schemas to the latest
+              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
+            type: string
+          kind:
+            description: 'Kind is a string value representing the REST resource this
+              object represents. Servers may infer this from the endpoint the client
+              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
+            type: string
+          metadata:
+            type: object
+          spec:
+            description: ExternalServiceSpec defines the desired state of ExternalService
+            properties:
+              dnsName:
+                description: DnsName is a DNS name target for the external service
+                type: string
+              hijackDns:
+                description: 'If true, add a `egress.monzo.com/hijack-dns: true` label
+                  to produced Service objects CoreDNS can watch this label and decide
+                  to rewrite DnsName -> clusterIP'
+                type: boolean
+              ipOverride:
+                description: When set allows overwriting the A records of the DNS
+                  being overridden.
+                items:
+                  type: string
+                type: array
+              maxReplicas:
+                description: MaxReplicas is the maximum number of gateways to run,
+                  enforced by HorizontalPodAutoscaler. Defaults to 12
+                format: int32
+                type: integer
+              minReplicas:
+                description: MinReplicas is the minimum number of gateways to run.
+                  Defaults to 3
+                format: int32
+                type: integer
+              ports:
+                description: Ports is a list of ports on which the external service
+                  may be called
+                items:
+                  properties:
+                    port:
+                      description: The port on the given protocol.
+                      format: int32
+                      type: integer
+                    protocol:
+                      description: The protocol (TCP or UDP) which traffic must match.
+                        If not specified, this field defaults to TCP.
+                      type: string
+                  type: object
+                type: array
+              resources:
+                description: ResourceRequirements describes the compute resource requirements
+                  for gateway pods. Defaults to 100m, 50Mi, 2, 1Gi
+                properties:
+                  claims:
+                    description: "Claims lists the names of resources, defined in
+                      spec.resourceClaims, that are used by this container. \n This
+                      is an alpha field and requires enabling the DynamicResourceAllocation
+                      feature gate. \n This field is immutable. It can only be set
+                      for containers."
+                    items:
+                      description: ResourceClaim references one entry in PodSpec.ResourceClaims.
+                      properties:
+                        name:
+                          description: Name must match the name of one entry in pod.spec.resourceClaims
+                            of the Pod where this field is used. It makes that resource
+                            available inside a container.
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    description: 'Limits describes the maximum amount of compute resources
+                      allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    description: 'Requests describes the minimum amount of compute
+                      resources required. If Requests is omitted for a container,
+                      it defaults to Limits if that is explicitly specified, otherwise
+                      to an implementation-defined value. Requests cannot exceed Limits.
+                      More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
+                    type: object
+                type: object
+              targetCPUUtilizationPercentage:
+                description: Target average CPU utilization (represented as a percentage
+                  of requested CPU) over all the pods. Defaults to 50
+                format: int32
+                type: integer
+            type: object
+          status:
+            description: ExternalServiceStatus defines the observed state of ExternalService
+            type: object
+        type: object
     served: true
     storage: true
 status:

controllers/deployment.go

@@ -148,7 +148,7 @@ func deployment(es *egressv1.ExternalService, configHash string) *appsv1.Deploym
 							// Copying istio; don't try drain outbound listeners, but after going into terminating state,
 							// wait 25 seconds for connections to naturally close before going ahead with stop.
 							Lifecycle: &corev1.Lifecycle{
-								PreStop: &corev1.Handler{
+								PreStop: &corev1.LifecycleHandler{
 									Exec: &corev1.ExecAction{
 										Command: []string{"/bin/sleep", "25"},
 									},
@@ -157,7 +157,7 @@ func deployment(es *egressv1.ExternalService, configHash string) *appsv1.Deploym
 							TerminationMessagePath:   corev1.TerminationMessagePathDefault,
 							TerminationMessagePolicy: corev1.TerminationMessageReadFile,
 							ReadinessProbe: &corev1.Probe{
-								Handler: corev1.Handler{
+								ProbeHandler: corev1.ProbeHandler{
 									HTTPGet: &corev1.HTTPGetAction{
 										Path:   "/ready",
 										Port:   intstr.FromInt(int(adPort)),

controllers/externalservice_controller.go

@@ -43,8 +43,7 @@ type ExternalServiceReconciler struct {
 // +kubebuilder:rbac:groups=egress.monzo.com,resources=externalservices,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=egress.monzo.com,resources=externalservices/status,verbs=get;update;patch
 
-func (r *ExternalServiceReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) {
-	ctx := context.Background()
+func (r *ExternalServiceReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 	log := r.Log.WithValues("externalservice", req.NamespacedName)
 
 	es := &egressv1.ExternalService{}
@@ -129,7 +128,7 @@ func ignoreNotFound(err error) error {
 
 var emptyPatch = []byte("{}")
 
-func (r *ExternalServiceReconciler) patchIfNecessary(ctx context.Context, obj runtime.Object, patch client.Patch, opts ...client.PatchOption) error {
+func (r *ExternalServiceReconciler) patchIfNecessary(ctx context.Context, obj client.Object, patch client.Patch, opts ...client.PatchOption) error {
 	data, err := patch.Data(obj)
 	if err != nil {
 		return err