diff --git a/.github/scripts/generate-helm-docs.sh b/.github/scripts/generate-helm-docs.sh index ac4b70242..33d884d35 100755 --- a/.github/scripts/generate-helm-docs.sh +++ b/.github/scripts/generate-helm-docs.sh @@ -9,7 +9,7 @@ # Node >=16 # renovate: datasource=github-releases depName=bitnami-labs/readme-generator-for-helm -GENERATOR_VERSION="2.6.1" +GENERATOR_VERSION="2.7.0" echo "Checking if readme generator is installed already..." if [[ $(npm list -g | grep -c "readme-generator-for-helm@${GENERATOR_VERSION}") -eq 0 ]]; then diff --git a/.github/scripts/strip-kustomize-helm.sh b/.github/scripts/strip-kustomize-helm.sh index 62e47a015..abb829cfb 100755 --- a/.github/scripts/strip-kustomize-helm.sh +++ b/.github/scripts/strip-kustomize-helm.sh @@ -8,6 +8,7 @@ echo 'Running strip-kustomize-helm.sh script' CHARTS_DIR='./chart/open-feature-operator/templates' + # Careful! Ordering of these expressions matter! sed_expressions=( "s/___newline___/\\n/g" @@ -17,9 +18,16 @@ sed_expressions=( "/___delete_me___/d" "s/___//g" ) + find $CHARTS_DIR -name "*.yaml" | while read file; do for expr in "${sed_expressions[@]}"; do - sed -i "$expr" "$file" + if [[ "$OSTYPE" == "darwin"* ]]; then + # macOS (BSD) version + sed -i '' "$expr" "$file" + else + # Linux (GNU) version + sed -i "$expr" "$file" + fi done done diff --git a/.github/workflows/dco-merge-group.yml b/.github/workflows/dco-merge-group.yml new file mode 100644 index 000000000..0241f80a8 --- /dev/null +++ b/.github/workflows/dco-merge-group.yml @@ -0,0 +1,12 @@ +name: DCO +on: + merge_group: + +# Workaround because the DCO app doesn't run on a merge_group trigger +# https://github.com/dcoapp/app/pull/200 +jobs: + DCO: + runs-on: ubuntu-latest + if: ${{ github.actor != 'renovate[bot]' }} + steps: + - run: echo "dummy DCO workflow (it won't run any check actually) to trigger by merge_group in order to enable merge queue" diff --git a/.github/workflows/e2e.yml b/.github/workflows/e2e.yml index 88ff24ca5..1131d1451 100644 --- a/.github/workflows/e2e.yml +++ b/.github/workflows/e2e.yml @@ -64,7 +64,7 @@ jobs: - name: Upload cluster logs if: failure() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: e2e-tests path: .github/scripts/logs diff --git a/.github/workflows/pr-checks.yml b/.github/workflows/pr-checks.yml index e01476a0d..613607c1d 100644 --- a/.github/workflows/pr-checks.yml +++ b/.github/workflows/pr-checks.yml @@ -4,11 +4,14 @@ on: push: branches: - main - paths-ignore: - - '**.md' pull_request: - paths-ignore: - - '**.md' + types: + - opened + - synchronize + - reopened + branches: + - main + merge_group: permissions: contents: read @@ -66,7 +69,7 @@ jobs: id: buildx uses: docker/setup-buildx-action@v3 - name: Build - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v6 with: builder: ${{ steps.buildx.outputs.name }} context: . @@ -75,7 +78,7 @@ jobs: cache-from: type=gha,scope=${{ github.ref_name }}-ofo cache-to: type=gha,scope=${{ github.ref_name }}-ofo - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.29.0 with: input: ${{ github.workspace }}/open-feature-operator-local.tar format: "sarif" diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 90ca1c858..1480cbdb7 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -32,8 +32,9 @@ jobs: id: release with: command: manifest - token: ${{secrets.GITHUB_TOKEN}} + token: ${{secrets.RELEASE_PLEASE_ACTION_TOKEN}} default-branch: main + signoff: "OpenFeature Bot <109696520+openfeaturebot@users.noreply.github.com>" outputs: release_created: ${{ steps.release.outputs.release_created }} @@ -52,7 +53,7 @@ jobs: ref: ${{ needs.release-please.outputs.release_tag_name }} - name: Log in to the Container registry - uses: docker/login-action@06895751d15a223ec091bea144ad5c7f50d228d0 + uses: docker/login-action@327cd5a69de6c009b9ce71bce8395f28e651bf99 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -74,7 +75,7 @@ jobs: uses: docker/setup-buildx-action@master - name: Build - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v6 with: builder: ${{ steps.buildx.outputs.name }} context: . diff --git a/.github/workflows/validate-helm-docs.yml b/.github/workflows/validate-helm-docs.yml index c168ad399..05628f3ed 100644 --- a/.github/workflows/validate-helm-docs.yml +++ b/.github/workflows/validate-helm-docs.yml @@ -17,7 +17,7 @@ jobs: uses: actions/checkout@v4 - name: Set up Node - uses: actions/setup-node@v4.0.3 + uses: actions/setup-node@v4.2.0 with: node-version: 16 diff --git a/.gitignore b/.gitignore index e0096d84a..fa567928e 100644 --- a/.gitignore +++ b/.gitignore @@ -34,3 +34,5 @@ testbin/* go.work go.work.sum + +dist diff --git a/.release-please-manifest.json b/.release-please-manifest.json index dc562d549..9f21bb8d6 100644 --- a/.release-please-manifest.json +++ b/.release-please-manifest.json @@ -1,4 +1,4 @@ { - ".": "0.8.4", + ".": "0.8.5", "apis": "0.2.45" } diff --git a/CHANGELOG.md b/CHANGELOG.md index bc0947feb..9ad883590 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,26 @@ # Changelog +## [0.8.5](https://github.com/open-feature/open-feature-operator/compare/v0.8.4...v0.8.5) (2025-01-31) + + +### ๐Ÿ› Bug Fixes + +* **deps:** update open-feature/flagd ([#736](https://github.com/open-feature/open-feature-operator/issues/736)) ([9eb1ca8](https://github.com/open-feature/open-feature-operator/commit/9eb1ca8bebe6cfc5d33a905e610ea8a908381740)) + + +### ๐Ÿงน Chore + +* **deps:** update actions/setup-node action to v4.2.0 ([#737](https://github.com/open-feature/open-feature-operator/issues/737)) ([15d55c5](https://github.com/open-feature/open-feature-operator/commit/15d55c587d6edee562bd86564fa60bb559eed132)) +* **deps:** update aquasecurity/trivy-action action to v0.29.0 ([#738](https://github.com/open-feature/open-feature-operator/issues/738)) ([8ac429b](https://github.com/open-feature/open-feature-operator/commit/8ac429beeced6d06883fa66de0e9a50819986f69)) +* **deps:** update busybox docker tag to v1.37.0 ([#739](https://github.com/open-feature/open-feature-operator/issues/739)) ([740205f](https://github.com/open-feature/open-feature-operator/commit/740205fc2a6a89dcf2572d9f604f7ba69afc6573)) +* **deps:** update curlimages/curl docker tag to v8.11.1 ([#703](https://github.com/open-feature/open-feature-operator/issues/703)) ([383c116](https://github.com/open-feature/open-feature-operator/commit/383c1168d4640d2fe57782982829f68d349b1828)) +* **deps:** update dependency bitnami-labs/readme-generator-for-helm to v2.7.0 ([#741](https://github.com/open-feature/open-feature-operator/issues/741)) ([963d155](https://github.com/open-feature/open-feature-operator/commit/963d155d0a847718a9bde15b6e90e56b09812ebb)) +* **deps:** update docker/build-push-action action to v6 ([#694](https://github.com/open-feature/open-feature-operator/issues/694)) ([3d2ddfe](https://github.com/open-feature/open-feature-operator/commit/3d2ddfe8d6b2b9b31ba6100f008d079b5e42d19c)) +* **deps:** update docker/login-action digest to 327cd5a ([#728](https://github.com/open-feature/open-feature-operator/issues/728)) ([0038e45](https://github.com/open-feature/open-feature-operator/commit/0038e45a72f088976378d647d2ccf721182e0318)) +* **deps:** update golang docker tag to v1.23.5 ([#481](https://github.com/open-feature/open-feature-operator/issues/481)) ([06f43a9](https://github.com/open-feature/open-feature-operator/commit/06f43a9241fda9700ef6d6361a65dc50fac7ecb3)) +* remove rbac-proxy values and doc ([#742](https://github.com/open-feature/open-feature-operator/issues/742)) ([def1434](https://github.com/open-feature/open-feature-operator/commit/def14340603c2c9976e3a6142ab494764933f682)) +* replace deprecated gcr.io/kubebuilder/kube-rbac-proxy ([#733](https://github.com/open-feature/open-feature-operator/issues/733)) ([5358d1e](https://github.com/open-feature/open-feature-operator/commit/5358d1eacfd44cf01016c4bc6f68c496e757354f)) + ## [0.8.4](https://github.com/open-feature/open-feature-operator/compare/v0.8.3...v0.8.4) (2025-01-13) diff --git a/Dockerfile b/Dockerfile index 0e7bc890b..05d540745 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM --platform=$BUILDPLATFORM golang:1.23.3-alpine3.20 AS builder +FROM --platform=$BUILDPLATFORM golang:1.23.5-alpine3.20 AS builder WORKDIR /workspace # Copy the Go Modules manifests @@ -7,21 +7,23 @@ COPY go.mod go.mod COPY go.sum go.sum # Copy the go source -COPY main.go main.go -COPY apis/ apis/ -COPY webhooks/ webhooks/ -COPY controllers/ controllers/ -COPY common/ common/ +COPY cmd/ cmd/ +COPY api/ api/ +COPY internal/ internal/ # cache deps before building and copying source so that we don't need to re-download as much # and so that source changes don't invalidate our downloaded layer -RUN go work init . ./apis && go mod download +RUN go work init . ./api && go mod download ARG TARGETOS ARG TARGETARCH # Build -RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -a -o manager main.go +# the GOARCH has not a default value to allow the binary be built according to the host where the command +# was called. For example, if we call make docker-build in a local env which has the Apple Silicon M1 SO +# the docker BUILDPLATFORM arg will be linux/arm64 when for Apple x86 it will be linux/amd64. Therefore, +# by leaving it empty we can ensure that the container and binary shipped on it will have the same platform. +RUN CGO_ENABLED=0 GOOS=${TARGETOS:-linux} GOARCH=${TARGETARCH} go build -a -o manager cmd/main.go # Use distroless as minimal base image to package the manager binary # Refer to https://github.com/GoogleContainerTools/distroless for more details diff --git a/Makefile b/Makefile index 7efde0d17..3b203f393 100644 --- a/Makefile +++ b/Makefile @@ -6,7 +6,7 @@ ARCH?=amd64 IMG?=$(RELEASE_REGISTRY)/$(RELEASE_IMAGE) # customize overlay to be used in the build, DEFAULT or HELM KUSTOMIZE_OVERLAY ?= DEFAULT -CHART_VERSION=v0.8.4# x-release-please-version +CHART_VERSION=v0.8.5# x-release-please-version # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary. ENVTEST_K8S_VERSION = 1.26.1 WAIT_TIMEOUT_SECONDS?=60 @@ -65,8 +65,8 @@ vet: ## Run go vet against code. go vet ./... .PHONY: unit-test -unit-test: manifests fmt vet generate envtest ## Run tests. - cd apis && go test ./... -v -coverprofile ../cover-apis.out cover-main.out cover-pkg.out +unit-test: manifests generate envtest fmt vet ## Run tests. + cd api && go test ./... -v -coverprofile ../cover-apis.out cover-main.out cover-pkg.out go test ./... -v -coverprofile cover-operator.out sed -i '/mode: set/d' "cover-operator.out" sed -i '/mode: set/d' "cover-apis.out" @@ -112,12 +112,12 @@ generate-crdocs: kustomize crdocs ##@ Build .PHONY: build -build: generate fmt vet ## Build manager binary. - go build -o bin/manager main.go +build: manifests generate fmt vet ## Build manager binary. + go build -o bin/manager cmd/main.go .PHONY: run run: manifests generate fmt vet ## Run a controller from your host. - go run ./main.go + go run ./cmd/main.go .PHONY: docker-build docker-build: clean ## Build docker image with the manager. diff --git a/PROJECT b/PROJECT index 1505d68f1..dbd4fd509 100644 --- a/PROJECT +++ b/PROJECT @@ -4,8 +4,10 @@ # More info: https://book.kubebuilder.io/reference/project-config.html domain: openfeature.dev layout: -- go.kubebuilder.io/v3 +- go.kubebuilder.io/v4 multigroup: true +plugins: + helm.kubebuilder.io/v1-alpha: {} projectName: open-feature-operator repo: github.com/open-feature/open-feature-operator resources: diff --git a/apis/CHANGELOG.md b/api/CHANGELOG.md similarity index 100% rename from apis/CHANGELOG.md rename to api/CHANGELOG.md diff --git a/apis/core/v1alpha1/featureflagconfiguration_types.go b/api/core/v1alpha1/featureflagconfiguration_types.go similarity index 100% rename from apis/core/v1alpha1/featureflagconfiguration_types.go rename to api/core/v1alpha1/featureflagconfiguration_types.go diff --git a/apis/core/v1alpha1/flagsourceconfiguration_types.go b/api/core/v1alpha1/flagsourceconfiguration_types.go similarity index 100% rename from apis/core/v1alpha1/flagsourceconfiguration_types.go rename to api/core/v1alpha1/flagsourceconfiguration_types.go diff --git a/apis/core/v1alpha1/groupversion_info.go b/api/core/v1alpha1/groupversion_info.go similarity index 100% rename from apis/core/v1alpha1/groupversion_info.go rename to api/core/v1alpha1/groupversion_info.go diff --git a/apis/core/v1alpha1/zz_generated.deepcopy.go b/api/core/v1alpha1/zz_generated.deepcopy.go similarity index 100% rename from apis/core/v1alpha1/zz_generated.deepcopy.go rename to api/core/v1alpha1/zz_generated.deepcopy.go diff --git a/apis/core/v1alpha2/featureflagconfiguration_types.go b/api/core/v1alpha2/featureflagconfiguration_types.go similarity index 100% rename from apis/core/v1alpha2/featureflagconfiguration_types.go rename to api/core/v1alpha2/featureflagconfiguration_types.go diff --git a/apis/core/v1alpha2/flagsourceconfiguration_types.go b/api/core/v1alpha2/flagsourceconfiguration_types.go similarity index 100% rename from apis/core/v1alpha2/flagsourceconfiguration_types.go rename to api/core/v1alpha2/flagsourceconfiguration_types.go diff --git a/apis/core/v1alpha2/groupversion_info.go b/api/core/v1alpha2/groupversion_info.go similarity index 100% rename from apis/core/v1alpha2/groupversion_info.go rename to api/core/v1alpha2/groupversion_info.go diff --git a/apis/core/v1alpha2/zz_generated.deepcopy.go b/api/core/v1alpha2/zz_generated.deepcopy.go similarity index 100% rename from apis/core/v1alpha2/zz_generated.deepcopy.go rename to api/core/v1alpha2/zz_generated.deepcopy.go diff --git a/apis/core/v1alpha3/flagsourceconfiguration_types.go b/api/core/v1alpha3/flagsourceconfiguration_types.go similarity index 100% rename from apis/core/v1alpha3/flagsourceconfiguration_types.go rename to api/core/v1alpha3/flagsourceconfiguration_types.go diff --git a/apis/core/v1alpha3/groupversion_info.go b/api/core/v1alpha3/groupversion_info.go similarity index 100% rename from apis/core/v1alpha3/groupversion_info.go rename to api/core/v1alpha3/groupversion_info.go diff --git a/apis/core/v1alpha3/zz_generated.deepcopy.go b/api/core/v1alpha3/zz_generated.deepcopy.go similarity index 100% rename from apis/core/v1alpha3/zz_generated.deepcopy.go rename to api/core/v1alpha3/zz_generated.deepcopy.go diff --git a/apis/core/v1beta1/common/common.go b/api/core/v1beta1/common/common.go similarity index 100% rename from apis/core/v1beta1/common/common.go rename to api/core/v1beta1/common/common.go diff --git a/apis/core/v1beta1/common/common_test.go b/api/core/v1beta1/common/common_test.go similarity index 100% rename from apis/core/v1beta1/common/common_test.go rename to api/core/v1beta1/common/common_test.go diff --git a/apis/core/v1beta1/featureflag_types.go b/api/core/v1beta1/featureflag_types.go similarity index 100% rename from apis/core/v1beta1/featureflag_types.go rename to api/core/v1beta1/featureflag_types.go diff --git a/apis/core/v1beta1/featureflag_types_test.go b/api/core/v1beta1/featureflag_types_test.go similarity index 100% rename from apis/core/v1beta1/featureflag_types_test.go rename to api/core/v1beta1/featureflag_types_test.go diff --git a/apis/core/v1beta1/featureflagsource_types.go b/api/core/v1beta1/featureflagsource_types.go similarity index 100% rename from apis/core/v1beta1/featureflagsource_types.go rename to api/core/v1beta1/featureflagsource_types.go diff --git a/apis/core/v1beta1/featureflagsource_types_test.go b/api/core/v1beta1/featureflagsource_types_test.go similarity index 100% rename from apis/core/v1beta1/featureflagsource_types_test.go rename to api/core/v1beta1/featureflagsource_types_test.go diff --git a/apis/core/v1beta1/flagd_types.go b/api/core/v1beta1/flagd_types.go similarity index 100% rename from apis/core/v1beta1/flagd_types.go rename to api/core/v1beta1/flagd_types.go diff --git a/apis/core/v1beta1/groupversion_info.go b/api/core/v1beta1/groupversion_info.go similarity index 100% rename from apis/core/v1beta1/groupversion_info.go rename to api/core/v1beta1/groupversion_info.go diff --git a/apis/core/v1beta1/inprocessconfiguration_types.go b/api/core/v1beta1/inprocessconfiguration_types.go similarity index 100% rename from apis/core/v1beta1/inprocessconfiguration_types.go rename to api/core/v1beta1/inprocessconfiguration_types.go diff --git a/apis/core/v1beta1/inprocessconfiguration_types_test.go b/api/core/v1beta1/inprocessconfiguration_types_test.go similarity index 100% rename from apis/core/v1beta1/inprocessconfiguration_types_test.go rename to api/core/v1beta1/inprocessconfiguration_types_test.go diff --git a/apis/core/v1beta1/zz_generated.deepcopy.go b/api/core/v1beta1/zz_generated.deepcopy.go similarity index 99% rename from apis/core/v1beta1/zz_generated.deepcopy.go rename to api/core/v1beta1/zz_generated.deepcopy.go index 682ba99fb..f1e132bbe 100644 --- a/apis/core/v1beta1/zz_generated.deepcopy.go +++ b/api/core/v1beta1/zz_generated.deepcopy.go @@ -24,7 +24,7 @@ import ( "encoding/json" "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" - "k8s.io/apimachinery/pkg/runtime" + runtime "k8s.io/apimachinery/pkg/runtime" apisv1 "sigs.k8s.io/gateway-api/apis/v1" ) diff --git a/apis/go.mod b/api/go.mod similarity index 58% rename from apis/go.mod rename to api/go.mod index 6b5e4cac8..9838aa4ca 100644 --- a/apis/go.mod +++ b/api/go.mod @@ -5,12 +5,12 @@ go 1.23.0 toolchain go1.23.3 require ( - github.com/open-feature/flagd-schemas v0.2.9-0.20240708163558-2aa89b314322 - github.com/stretchr/testify v1.9.0 + github.com/open-feature/flagd-schemas v0.2.9-0.20250127221449-bb763438abc5 + github.com/stretchr/testify v1.10.0 github.com/xeipuuv/gojsonschema v1.2.0 - k8s.io/api v0.31.4 - k8s.io/apimachinery v0.31.4 - sigs.k8s.io/controller-runtime v0.19.3 + k8s.io/api v0.32.1 + k8s.io/apimachinery v0.32.1 + sigs.k8s.io/controller-runtime v0.20.1 sigs.k8s.io/gateway-api v1.2.1 ) @@ -18,54 +18,58 @@ require ( github.com/beorn7/perks v1.0.1 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/emicklei/go-restful/v3 v3.12.0 // indirect + github.com/emicklei/go-restful/v3 v3.12.1 // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/fsnotify/fsnotify v1.8.0 // indirect github.com/fxamacker/cbor/v2 v2.7.0 // indirect github.com/go-logr/logr v1.4.2 // indirect github.com/go-openapi/jsonpointer v0.21.0 // indirect github.com/go-openapi/jsonreference v0.21.0 // indirect github.com/go-openapi/swag v0.23.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect - github.com/google/gnostic-models v0.6.8 // indirect + github.com/google/btree v1.1.3 // indirect + github.com/google/gnostic-models v0.6.9 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect + github.com/google/pprof v0.0.0-20250125003558-7fdb3d7e6fa0 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/imdario/mergo v0.3.16 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/mailru/easyjson v0.7.7 // indirect + github.com/klauspost/compress v1.17.11 // indirect + github.com/mailru/easyjson v0.9.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/prometheus/client_golang v1.19.1 // indirect + github.com/prometheus/client_golang v1.20.5 // indirect github.com/prometheus/client_model v0.6.1 // indirect - github.com/prometheus/common v0.55.0 // indirect + github.com/prometheus/common v0.62.0 // indirect github.com/prometheus/procfs v0.15.1 // indirect github.com/spf13/pflag v1.0.5 // indirect github.com/x448/float16 v0.8.4 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect - golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f // indirect - golang.org/x/net v0.30.0 // indirect - golang.org/x/oauth2 v0.21.0 // indirect - golang.org/x/sys v0.26.0 // indirect - golang.org/x/term v0.25.0 // indirect - golang.org/x/text v0.19.0 // indirect - golang.org/x/time v0.7.0 // indirect + golang.org/x/net v0.34.0 // indirect + golang.org/x/oauth2 v0.25.0 // indirect + golang.org/x/sync v0.10.0 // indirect + golang.org/x/sys v0.29.0 // indirect + golang.org/x/term v0.28.0 // indirect + golang.org/x/text v0.21.0 // indirect + golang.org/x/time v0.9.0 // indirect + golang.org/x/tools v0.29.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/protobuf v1.35.1 // indirect + google.golang.org/protobuf v1.36.4 // indirect + gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.31.1 // indirect - k8s.io/client-go v0.31.1 // indirect + k8s.io/apiextensions-apiserver v0.32.1 // indirect + k8s.io/client-go v0.32.1 // indirect k8s.io/klog/v2 v2.130.1 // indirect - k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect - k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 // indirect - sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect + k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 // indirect + k8s.io/utils v0.0.0-20241210054802-24370beab758 // indirect + sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/apis/go.sum b/api/go.sum similarity index 69% rename from apis/go.sum rename to api/go.sum index 606ad989a..171960566 100644 --- a/apis/go.sum +++ b/api/go.sum @@ -6,12 +6,14 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= -github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.12.1 h1:PJMDIM/ak7btuL8Ex0iYET9hxM3CI2sjZtzpL63nKAU= +github.com/emicklei/go-restful/v3 v3.12.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/8M= +github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= @@ -28,36 +30,38 @@ github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1v github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= -github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= +github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= +github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= +github.com/google/gnostic-models v0.6.9 h1:MU/8wDLif2qCXZmzncUQ/BOfxWfthHi63KqpoNbWqVw= +github.com/google/gnostic-models v0.6.9/go.mod h1:CiWsm0s6BSQd1hRn8/QmxqB6BesYcbSZxsz9b0KuDBw= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 h1:FKHo8hFI3A+7w0aUQuYXQ+6EN5stWmeY/AZqtM8xk9k= -github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= +github.com/google/pprof v0.0.0-20250125003558-7fdb3d7e6fa0 h1:my2ucqBZmv+cWHIhZNSIYKzgN8EBGyHdC7zD5sASRAg= +github.com/google/pprof v0.0.0-20250125003558-7fdb3d7e6fa0/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= -github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc= +github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= +github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -65,23 +69,24 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= -github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= -github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= -github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= +github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= +github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= +github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= +github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/open-feature/flagd-schemas v0.2.9-0.20240708163558-2aa89b314322 h1:5zbNHqcZAc9jlhSrC0onuVL2RPpvYcDaNvW2wOZBfUY= github.com/open-feature/flagd-schemas v0.2.9-0.20240708163558-2aa89b314322/go.mod h1:WKtwo1eW9/K6D+4HfgTXWBqCDzpvMhDa5eRxW7R5B2U= +github.com/open-feature/flagd-schemas v0.2.9-0.20250127221449-bb763438abc5/go.mod h1:WKtwo1eW9/K6D+4HfgTXWBqCDzpvMhDa5eRxW7R5B2U= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= -github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= +github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y= +github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= -github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io= +github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I= github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= @@ -90,8 +95,8 @@ github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= -github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f h1:J9EGpcZtP0E/raorCMxlFGSTBrsSlaDGf3jU/qvAE2c= @@ -106,53 +111,53 @@ go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= -go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo= -go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so= +go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= +go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f h1:99ci1mjWVBWwJiEKYY6jWa4d2nTQVIEhZIptnrVb1XY= -golang.org/x/exp v0.0.0-20240416160154-fe59bbe5cc7f/go.mod h1:/lliqkxwWAhPjf5oSOIJup2XcqJaw8RGS6k3TGEc7GI= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4= -golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU= -golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs= -golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0= +golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k= +golang.org/x/oauth2 v0.25.0 h1:CY4y7XT9v0cRI9oupztF8AgiIu99L/ksR/Xp/6jrZ70= +golang.org/x/oauth2 v0.25.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= +golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= -golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= -golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= +golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= +golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg= +golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= -golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= -golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ= -golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= +golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/time v0.9.0 h1:EsRrnYcQiGH+5FfbgvV4AP7qEZstoyrHB0DzarOQ4ZY= +golang.org/x/time v0.9.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= -golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= +golang.org/x/tools v0.29.0 h1:Xx0h3TtM9rzQpQuR4dKLrdglAmCEN5Oi+P74JdhdzXE= +golang.org/x/tools v0.29.0/go.mod h1:KMQVMRsVxU6nHCFXrBPhDB8XncLNLM0lIy/F14RP588= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= -google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.4 h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM= +google.golang.org/protobuf v1.36.4/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= @@ -162,26 +167,26 @@ gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.31.4 h1:I2QNzitPVsPeLQvexMEsj945QumYraqv9m74isPDKhM= -k8s.io/api v0.31.4/go.mod h1:d+7vgXLvmcdT1BCo79VEgJxHHryww3V5np2OYTr6jdw= -k8s.io/apiextensions-apiserver v0.31.1 h1:L+hwULvXx+nvTYX/MKM3kKMZyei+UiSXQWciX/N6E40= -k8s.io/apiextensions-apiserver v0.31.1/go.mod h1:tWMPR3sgW+jsl2xm9v7lAyRF1rYEK71i9G5dRtkknoQ= -k8s.io/apimachinery v0.31.4 h1:8xjE2C4CzhYVm9DGf60yohpNUh5AEBnPxCryPBECmlM= -k8s.io/apimachinery v0.31.4/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= -k8s.io/client-go v0.31.1 h1:f0ugtWSbWpxHR7sjVpQwuvw9a3ZKLXX0u0itkFXufb0= -k8s.io/client-go v0.31.1/go.mod h1:sKI8871MJN2OyeqRlmA4W4KM9KBdBUpDLu/43eGemCg= +k8s.io/api v0.32.1 h1:f562zw9cy+GvXzXf0CKlVQ7yHJVYzLfL6JAS4kOAaOc= +k8s.io/api v0.32.1/go.mod h1:/Yi/BqkuueW1BgpoePYBRdDYfjPF5sgTr5+YqDZra5k= +k8s.io/apiextensions-apiserver v0.32.1 h1:hjkALhRUeCariC8DiVmb5jj0VjIc1N0DREP32+6UXZw= +k8s.io/apiextensions-apiserver v0.32.1/go.mod h1:sxWIGuGiYov7Io1fAS2X06NjMIk5CbRHc2StSmbaQto= +k8s.io/apimachinery v0.32.1 h1:683ENpaCBjma4CYqsmZyhEzrGz6cjn1MY/X2jB2hkZs= +k8s.io/apimachinery v0.32.1/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= +k8s.io/client-go v0.32.1 h1:otM0AxdhdBIaQh7l1Q0jQpmo7WOFIk5FFa4bg6YMdUU= +k8s.io/client-go v0.32.1/go.mod h1:aTTKZY7MdxUaJ/KiUs8D+GssR9zJZi77ZqtzcGXIiDg= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJJ4JRdzg3+O6e8I+e+8T5Y= -k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f/go.mod h1:R/HEjbvWI0qdfb8viZUeVZm0X6IZnxAydC7YU42CMw4= -k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738 h1:M3sRQVHv7vB20Xc2ybTt7ODCeFj6JSWYFzOFnYeS6Ro= -k8s.io/utils v0.0.0-20241104100929-3ea5e8cea738/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.19.3 h1:XO2GvC9OPftRst6xWCpTgBZO04S2cbp0Qqkj8bX1sPw= -sigs.k8s.io/controller-runtime v0.19.3/go.mod h1:j4j87DqtsThvwTv5/Tc5NFRyyF/RF0ip4+62tbTSIUM= +k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 h1:hcha5B1kVACrLujCKLbr8XWMxCxzQx42DY8QKYJrDLg= +k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7/go.mod h1:GewRfANuJ70iYzvn+i4lezLDAFzvjxZYK1gn1lWcfas= +k8s.io/utils v0.0.0-20241210054802-24370beab758 h1:sdbE21q2nlQtFh65saZY+rRM6x6aJJI8IUa1AmH/qa0= +k8s.io/utils v0.0.0-20241210054802-24370beab758/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= +sigs.k8s.io/controller-runtime v0.20.1 h1:JbGMAG/X94NeM3xvjenVUaBjy6Ui4Ogd/J5ZtjZnHaE= +sigs.k8s.io/controller-runtime v0.20.1/go.mod h1:BrP3w158MwvB3ZbNpaAcIKkHQ7YGpYnzpoSTZ8E14WU= sigs.k8s.io/gateway-api v1.2.1 h1:fZZ/+RyRb+Y5tGkwxFKuYuSRQHu9dZtbjenblleOLHM= sigs.k8s.io/gateway-api v1.2.1/go.mod h1:EpNfEXNjiYfUJypf0eZ0P5iXA9ekSGWaS1WgPaM42X0= -sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 h1:/Rv+M11QRah1itp8VhT6HoVx1Ray9eB4DBr+K+/sCJ8= -sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3/go.mod h1:18nIHnGi6636UCz6m8i4DhaJ65T6EruyzmoQqI2BVDo= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/structured-merge-diff/v4 v4.5.0 h1:nbCitCK2hfnhyiKo6uf2HxUPTCodY6Qaf85SbDIaMBk= sigs.k8s.io/structured-merge-diff/v4 v4.5.0/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= diff --git a/chart/open-feature-operator/Chart.yaml b/chart/open-feature-operator/Chart.yaml index c5f1657e6..d03903a38 100755 --- a/chart/open-feature-operator/Chart.yaml +++ b/chart/open-feature-operator/Chart.yaml @@ -13,12 +13,12 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: "v0.8.4" # x-release-please-version +version: "v0.8.5" # x-release-please-version # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "v0.8.4" # x-release-please-version +appVersion: "v0.8.5" # x-release-please-version home: https://openfeature.dev icon: https://open-feature.github.io/open-feature-operator/chart/open-feature-operator/openfeature-logo.png diff --git a/chart/open-feature-operator/README.md b/chart/open-feature-operator/README.md index 9050bcdb1..bfea5a2f4 100644 --- a/chart/open-feature-operator/README.md +++ b/chart/open-feature-operator/README.md @@ -99,14 +99,14 @@ The command removes all the Kubernetes components associated with the chart and ### namespace -| Name | Description | Value | -| ----------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | -| `namespace.create` | Whether to create the namespace as part of this chart. | `true` | -| `namespace.labels` | Labels for the namespace if created as part of the chart. | `{}` | -| `namespace.annotations` | Annotations for the namespace if created as part of the chart. | `{}` | -| `imagePullSecrets` | Array of ImagePullSecret objects containing credentials for images pulled by the operator (flagdProxyConfiguration.image, flagdConfiguration.image, controllerManager.manager.image, controllerManager.kubeRbacProxy.image). Example: imagePullSecrets: [{"name": "my-secret"}] | `[]` | -| `labels` | Labels to apply to all of the pods in the operator. | `{}` | -| `annotations` | Annotations to apply to all of the pods in the operator. | `{}` | +| Name | Description | Value | +| ----------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | +| `namespace.create` | Whether to create the namespace as part of this chart. | `true` | +| `namespace.labels` | Labels for the namespace if created as part of the chart. | `{}` | +| `namespace.annotations` | Annotations for the namespace if created as part of the chart. | `{}` | +| `imagePullSecrets` | Array of ImagePullSecret objects containing credentials for images pulled by the operator (flagdProxyConfiguration.image, flagdConfiguration.image, controllerManager.manager.image). Example: imagePullSecrets: [{"name": "my-secret"}] | `[]` | +| `labels` | Labels to apply to all of the pods in the operator. | `{}` | +| `annotations` | Annotations to apply to all of the pods in the operator. | `{}` | ### Mutating Webhook configuration @@ -123,7 +123,7 @@ The command removes all the Kubernetes components associated with the chart and | `sidecarConfiguration.managementPort` | Sets the value of the `XXX_MANAGEMENT_PORT` environment variable for the injected sidecar. | `8014` | | `sidecarConfiguration.socketPath` | Sets the value of the `XXX_SOCKET_PATH` environment variable for the injected sidecar. | `""` | | `sidecarConfiguration.image.repository` | Sets the image for the injected sidecar. | `ghcr.io/open-feature/flagd` | -| `sidecarConfiguration.image.tag` | Sets the version tag for the injected sidecar. | `v0.11.1` | +| `sidecarConfiguration.image.tag` | Sets the version tag for the injected sidecar. | `v0.12.0` | | `sidecarConfiguration.providerArgs` | Used to append arguments to the sidecar startup command. This value is a comma separated string of key values separated by '=', e.g. `key=value,key2=value2` results in the appending of `--sync-provider-args key=value --sync-provider-args key2=value2`. | `""` | | `sidecarConfiguration.envVarPrefix` | Sets the prefix for all environment variables set in the injected sidecar. | `FLAGD` | | `sidecarConfiguration.defaultSyncProvider` | Sets the value of the `XXX_SYNC_PROVIDER` environment variable for the injected sidecar container. There are 4 valid sync providers: `kubernetes`, `grpc`, `file` and `http`. | `kubernetes` | @@ -159,7 +159,7 @@ The command removes all the Kubernetes components associated with the chart and | `flagdProxyConfiguration.port` | Sets the port to expose the sync API on. | `8015` | | `flagdProxyConfiguration.managementPort` | Sets the port to expose the management API on. | `8016` | | `flagdProxyConfiguration.image.repository` | Sets the image for the flagd-proxy deployment. | `ghcr.io/open-feature/flagd-proxy` | -| `flagdProxyConfiguration.image.tag` | Sets the tag for the flagd-proxy deployment. | `v0.6.4` | +| `flagdProxyConfiguration.image.tag` | Sets the tag for the flagd-proxy deployment. | `v0.7.0` | | `flagdProxyConfiguration.debugLogging` | Controls the addition of the `--debug` flag to the container startup arguments. | `false` | ### Flagd configuration @@ -171,21 +171,15 @@ The command removes all the Kubernetes components associated with the chart and | `flagdConfiguration.syncPort` | Sets the port to expose the sync API on. | `8015` | | `flagdConfiguration.managementPort` | Sets the port to expose the management API on. | `8014` | | `flagdConfiguration.image.repository` | Sets the image for the flagd deployment. | `ghcr.io/open-feature/flagd` | -| `flagdConfiguration.image.tag` | Sets the tag for the flagd deployment. | `v0.11.1` | +| `flagdConfiguration.image.tag` | Sets the tag for the flagd deployment. | `v0.12.0` | | `flagdConfiguration.debugLogging` | Controls the addition of the `--debug` flag to the container startup arguments. | `false` | ### Operator resource configuration | Name | Description | Value | | ------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------- | -------------------------------------------- | -| `controllerManager.kubeRbacProxy.image.repository` | Sets the image for the kube-rbac-proxy. | `gcr.io/kubebuilder/kube-rbac-proxy` | -| `controllerManager.kubeRbacProxy.image.tag` | Sets the version tag for the kube-rbac-proxy. | `v0.14.1` | -| `controllerManager.kubeRbacProxy.resources.limits.cpu` | Sets cpu resource limits for kube-rbac-proxy. | `500m` | -| `controllerManager.kubeRbacProxy.resources.limits.memory` | Sets memory resource limits for kube-rbac-proxy. | `128Mi` | -| `controllerManager.kubeRbacProxy.resources.requests.cpu` | Sets cpu resource requests for kube-rbac-proxy. | `5m` | -| `controllerManager.kubeRbacProxy.resources.requests.memory` | Sets memory resource requests for kube-rbac-proxy. | `64Mi` | | `controllerManager.manager.image.repository` | Sets the image for the operator. | `ghcr.io/open-feature/open-feature-operator` | -| `controllerManager.manager.image.tag` | Sets the version tag for the operator. | `v0.8.1` | +| `controllerManager.manager.image.tag` | Sets the version tag for the operator. | `v0.8.5` | | `controllerManager.manager.resources.limits.cpu` | Sets cpu resource limits for operator. | `500m` | | `controllerManager.manager.resources.limits.memory` | Sets memory resource limits for operator. | `128Mi` | | `controllerManager.manager.resources.requests.cpu` | Sets cpu resource requests for operator. | `10m` | diff --git a/chart/open-feature-operator/values.yaml b/chart/open-feature-operator/values.yaml index 3e021ca3d..2588fab0a 100644 --- a/chart/open-feature-operator/values.yaml +++ b/chart/open-feature-operator/values.yaml @@ -11,7 +11,7 @@ namespace: ## @param namespace.annotations Annotations for the namespace if created as part of the chart. annotations: {} -## @param imagePullSecrets Array of ImagePullSecret objects containing credentials for images pulled by the operator (flagdProxyConfiguration.image, flagdConfiguration.image, controllerManager.manager.image, controllerManager.kubeRbacProxy.image). Example: imagePullSecrets: [{"name": "my-secret"}] +## @param imagePullSecrets Array of ImagePullSecret objects containing credentials for images pulled by the operator (flagdProxyConfiguration.image, flagdConfiguration.image, controllerManager.manager.image). Example: imagePullSecrets: [{"name": "my-secret"}] imagePullSecrets: [] ## @param labels Labels to apply to all of the pods in the operator. labels: {} @@ -37,7 +37,7 @@ sidecarConfiguration: ## @param sidecarConfiguration.image.repository Sets the image for the injected sidecar. repository: "ghcr.io/open-feature/flagd" ## @param sidecarConfiguration.image.tag Sets the version tag for the injected sidecar. - tag: v0.11.1 + tag: v0.12.0 ## @param sidecarConfiguration.providerArgs Used to append arguments to the sidecar startup command. This value is a comma separated string of key values separated by '=', e.g. `key=value,key2=value2` results in the appending of `--sync-provider-args key=value --sync-provider-args key2=value2`. providerArgs: "" ## @param sidecarConfiguration.envVarPrefix Sets the prefix for all environment variables set in the injected sidecar. @@ -100,7 +100,7 @@ flagdProxyConfiguration: ## @param flagdProxyConfiguration.image.repository Sets the image for the flagd-proxy deployment. repository: "ghcr.io/open-feature/flagd-proxy" ## @param flagdProxyConfiguration.image.tag Sets the tag for the flagd-proxy deployment. - tag: v0.6.4 + tag: v0.7.0 ## @param flagdProxyConfiguration.debugLogging Controls the addition of the `--debug` flag to the container startup arguments. debugLogging: false @@ -118,35 +118,18 @@ flagdConfiguration: ## @param flagdConfiguration.image.repository Sets the image for the flagd deployment. repository: "ghcr.io/open-feature/flagd" ## @param flagdConfiguration.image.tag Sets the tag for the flagd deployment. - tag: v0.11.1 + tag: v0.12.0 ## @param flagdConfiguration.debugLogging Controls the addition of the `--debug` flag to the container startup arguments. debugLogging: false ## @section Operator resource configuration controllerManager: - kubeRbacProxy: - image: - ## @param controllerManager.kubeRbacProxy.image.repository Sets the image for the kube-rbac-proxy. - repository: gcr.io/kubebuilder/kube-rbac-proxy - ## @param controllerManager.kubeRbacProxy.image.tag Sets the version tag for the kube-rbac-proxy. - tag: "v0.14.1" - resources: - limits: - ## @param controllerManager.kubeRbacProxy.resources.limits.cpu Sets cpu resource limits for kube-rbac-proxy. - cpu: 500m - ## @param controllerManager.kubeRbacProxy.resources.limits.memory Sets memory resource limits for kube-rbac-proxy. - memory: 128Mi - requests: - ## @param controllerManager.kubeRbacProxy.resources.requests.cpu Sets cpu resource requests for kube-rbac-proxy. - cpu: 5m - ## @param controllerManager.kubeRbacProxy.resources.requests.memory Sets memory resource requests for kube-rbac-proxy. - memory: 64Mi manager: image: ## @param controllerManager.manager.image.repository Sets the image for the operator. repository: ghcr.io/open-feature/open-feature-operator ## @param controllerManager.manager.image.tag Sets the version tag for the operator. - tag: v0.8.4 # x-release-please-version + tag: v0.8.5 # x-release-please-version resources: limits: ## @param controllerManager.manager.resources.limits.cpu Sets cpu resource limits for operator. diff --git a/main.go b/cmd/main.go similarity index 65% rename from main.go rename to cmd/main.go index 2eb2ec7c1..bf0b52805 100644 --- a/main.go +++ b/cmd/main.go @@ -18,24 +18,26 @@ package main import ( "context" + "crypto/tls" "flag" "fmt" "log" "os" + "path/filepath" "strings" "time" "github.com/kelseyhightower/envconfig" corev1beta1 "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/flagdinjector" - "github.com/open-feature/open-feature-operator/common/flagdproxy" - "github.com/open-feature/open-feature-operator/common/types" - "github.com/open-feature/open-feature-operator/common/utils" - "github.com/open-feature/open-feature-operator/controllers/core/featureflagsource" - "github.com/open-feature/open-feature-operator/controllers/core/flagd" - flagdresources "github.com/open-feature/open-feature-operator/controllers/core/flagd/resources" - webhooks "github.com/open-feature/open-feature-operator/webhooks" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/flagdinjector" + "github.com/open-feature/open-feature-operator/internal/common/flagdproxy" + "github.com/open-feature/open-feature-operator/internal/common/types" + "github.com/open-feature/open-feature-operator/internal/common/utils" + "github.com/open-feature/open-feature-operator/internal/controller/core/featureflagsource" + "github.com/open-feature/open-feature-operator/internal/controller/core/flagd" + flagdResources "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/resources" + webhooks "github.com/open-feature/open-feature-operator/internal/webhook" "go.uber.org/zap/zapcore" appsV1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" @@ -46,11 +48,14 @@ import ( clientgoscheme "k8s.io/client-go/kubernetes/scheme" _ "k8s.io/client-go/plugin/pkg/client/auth" ctrl "sigs.k8s.io/controller-runtime" + "sigs.k8s.io/controller-runtime/pkg/certwatcher" "sigs.k8s.io/controller-runtime/pkg/client" ctrlclient "sigs.k8s.io/controller-runtime/pkg/client" "sigs.k8s.io/controller-runtime/pkg/healthz" "sigs.k8s.io/controller-runtime/pkg/log/zap" + "sigs.k8s.io/controller-runtime/pkg/metrics/filters" "sigs.k8s.io/controller-runtime/pkg/metrics/server" + metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server" "sigs.k8s.io/controller-runtime/pkg/webhook" "sigs.k8s.io/controller-runtime/pkg/webhook/admission" gatewayApiv1 "sigs.k8s.io/gateway-api/apis/v1" @@ -88,6 +93,11 @@ var ( scheme = runtime.NewScheme() setupLog = ctrl.Log.WithName("setup") metricsAddr string + metricsCertPath, metricsCertName, metricsCertKey string + webhookCertPath, webhookCertName, webhookCertKey string + secureMetrics bool + enableHTTP2 bool + tlsOpts []func(*tls.Config) enableLeaderElection bool probeAddr string verbose bool @@ -130,6 +140,18 @@ func main() { "Enable leader election for controller manager. "+ "Enabling this will ensure there is only one active controller manager.") + flag.BoolVar(&secureMetrics, "metrics-secure", true, + "If set, the metrics endpoint is served securely via HTTPS. Use --metrics-secure=false to use HTTP instead.") + flag.StringVar(&webhookCertPath, "webhook-cert-path", "", "The directory that contains the webhook certificate.") + flag.StringVar(&webhookCertName, "webhook-cert-name", "tls.crt", "The name of the webhook certificate file.") + flag.StringVar(&webhookCertKey, "webhook-cert-key", "tls.key", "The name of the webhook key file.") + flag.StringVar(&metricsCertPath, "metrics-cert-path", "", + "The directory that contains the metrics server certificate.") + flag.StringVar(&metricsCertName, "metrics-cert-name", "tls.crt", "The name of the metrics server certificate file.") + flag.StringVar(&metricsCertKey, "metrics-cert-key", "tls.key", "The name of the metrics server key file.") + flag.BoolVar(&enableHTTP2, "enable-http2", false, + "If set, HTTP/2 will be enabled for the metrics and webhook servers") + // the following default values are chosen as a result of load testing: https://github.com/open-feature/flagd/blob/main/tests/loadtest/README.MD#performance-observations flag.StringVar(&sidecarCpuLimit, sidecarCpuLimitFlagName, sidecarCpuLimitDefault, "sidecar CPU limit, in cores. (500m = .5 cores)") flag.StringVar(&sidecarRamLimit, sidecarRamLimitFlagName, sidecarRamLimitDefault, "sidecar memory limit, in bytes. (500Gi = 500GiB = 500 * 1024 * 1024 * 1024)") @@ -153,6 +175,95 @@ func main() { ctrl.SetLogger(zap.New(zap.UseFlagOptions(&opts))) + // if the enable-http2 flag is false (the default), http/2 should be disabled + // due to its vulnerabilities. More specifically, disabling http/2 will + // prevent from being vulnerable to the HTTP/2 Stream Cancellation and + // Rapid Reset CVEs. For more information see: + // - https://github.com/advisories/GHSA-qppj-fm5r-hxr3 + // - https://github.com/advisories/GHSA-4374-p667-p6c8 + disableHTTP2 := func(c *tls.Config) { + setupLog.Info("disabling http/2") + c.NextProtos = []string{"http/1.1"} + } + + if !enableHTTP2 { + tlsOpts = append(tlsOpts, disableHTTP2) + } + + // Create watchers for metrics and webhooks certificates + var metricsCertWatcher, webhookCertWatcher *certwatcher.CertWatcher + + // Initial webhook TLS options + webhookTLSOpts := tlsOpts + + if len(webhookCertPath) > 0 { + setupLog.Info("Initializing webhook certificate watcher using provided certificates", + "webhook-cert-path", webhookCertPath, "webhook-cert-name", webhookCertName, "webhook-cert-key", webhookCertKey) + + var err error + webhookCertWatcher, err = certwatcher.New( + filepath.Join(webhookCertPath, webhookCertName), + filepath.Join(webhookCertPath, webhookCertKey), + ) + if err != nil { + setupLog.Error(err, "Failed to initialize webhook certificate watcher") + os.Exit(1) + } + + webhookTLSOpts = append(webhookTLSOpts, func(config *tls.Config) { + config.GetCertificate = webhookCertWatcher.GetCertificate + }) + } + + webhookServer := webhook.NewServer(webhook.Options{ + TLSOpts: webhookTLSOpts, + Port: 9443, + }) + + // Metrics endpoint is enabled in 'config/default/kustomization.yaml'. The Metrics options configure the server. + // More info: + // - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.20.0/pkg/metrics/server + // - https://book.kubebuilder.io/reference/metrics.html + metricsServerOptions := metricsserver.Options{ + BindAddress: metricsAddr, + SecureServing: secureMetrics, + TLSOpts: tlsOpts, + } + + if secureMetrics { + // FilterProvider is used to protect the metrics endpoint with authn/authz. + // These configurations ensure that only authorized users and service accounts + // can access the metrics endpoint. The RBAC are configured in 'config/rbac/kustomization.yaml'. More info: + // https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.20.0/pkg/metrics/filters#WithAuthenticationAndAuthorization + metricsServerOptions.FilterProvider = filters.WithAuthenticationAndAuthorization + } + + // If the certificate is not specified, controller-runtime will automatically + // generate self-signed certificates for the metrics server. While convenient for development and testing, + // this setup is not recommended for production. + // + // - [METRICS-WITH-CERTS] at config/default/kustomization.yaml to generate and use certificates + // managed by cert-manager for the metrics server. + // - [PROMETHEUS-WITH-CERTS] at config/prometheus/kustomization.yaml for TLS certification. + if len(metricsCertPath) > 0 { + setupLog.Info("Initializing metrics certificate watcher using provided certificates", + "metrics-cert-path", metricsCertPath, "metrics-cert-name", metricsCertName, "metrics-cert-key", metricsCertKey) + + var err error + metricsCertWatcher, err = certwatcher.New( + filepath.Join(metricsCertPath, metricsCertName), + filepath.Join(metricsCertPath, metricsCertKey), + ) + if err != nil { + setupLog.Error(err, "to initialize metrics certificate watcher", "error", err) + os.Exit(1) + } + + metricsServerOptions.TLSOpts = append(metricsServerOptions.TLSOpts, func(config *tls.Config) { + config.GetCertificate = metricsCertWatcher.GetCertificate + }) + } + resources, err := processResources() if err != nil { os.Exit(1) @@ -165,6 +276,7 @@ func main() { Metrics: server.Options{ BindAddress: metricsAddr, }, + HealthProbeBindAddress: probeAddr, LeaderElection: enableLeaderElection, LeaderElectionID: "131bf64c.openfeature.dev", @@ -173,15 +285,29 @@ func main() { DisableFor: disableCacheFor, }, }, - WebhookServer: webhook.NewServer(webhook.Options{ - Port: 9443, - }), + WebhookServer: webhookServer, }) if err != nil { setupLog.Error(err, "unable to start manager") os.Exit(1) } + if metricsCertWatcher != nil { + setupLog.Info("Adding metrics certificate watcher to manager") + if err := mgr.Add(metricsCertWatcher); err != nil { + setupLog.Error(err, "unable to add metrics certificate watcher to manager") + os.Exit(1) + } + } + + if webhookCertWatcher != nil { + setupLog.Info("Adding webhook certificate watcher to manager") + if err := mgr.Add(webhookCertWatcher); err != nil { + setupLog.Error(err, "unable to add webhook certificate watcher to manager") + os.Exit(1) + } + } + // setup indexer for backfilling permissions on the flagd-kubernetes-sync role binding if err := mgr.GetFieldIndexer().IndexField( context.Background(), @@ -269,19 +395,19 @@ func main() { Client: mgr.GetClient(), Scheme: mgr.GetScheme(), ResourceReconciler: flagdResourceReconciler, - FlagdDeployment: &flagdresources.FlagdDeployment{ + FlagdDeployment: &flagdResources.FlagdDeployment{ Client: mgr.GetClient(), Log: flagdControllerLogger, FlagdInjector: flagdContainerInjector, FlagdConfig: flagdConfig, }, - FlagdService: &flagdresources.FlagdService{ + FlagdService: &flagdResources.FlagdService{ FlagdConfig: flagdConfig, }, - FlagdIngress: &flagdresources.FlagdIngress{ + FlagdIngress: &flagdResources.FlagdIngress{ FlagdConfig: flagdConfig, }, - FlagdGatewayApiHttpRoute: &flagdresources.FlagdGatewayApiHttpRoute{ + FlagdGatewayApiHttpRoute: &flagdResources.FlagdGatewayApiHttpRoute{ FlagdConfig: flagdConfig, }, }).SetupWithManager(mgr); err != nil { @@ -290,7 +416,7 @@ func main() { } if env.FlagsValidationEnabled { - if err = (&corev1beta1.FeatureFlag{}).SetupWebhookWithManager(mgr); err != nil { + if err = (&webhooks.FeatureFlagCustomValidator{}).SetupWebhookWithManager(mgr); err != nil { setupLog.Error(err, "unable to create the validation webhook for FeatureFlag CRD", "webhook", "FeatureFlag") os.Exit(1) } diff --git a/config/certmanager/certificate.yaml b/config/certmanager/certificate.yaml index 421f715f9..55953b0fd 100644 --- a/config/certmanager/certificate.yaml +++ b/config/certmanager/certificate.yaml @@ -5,6 +5,9 @@ apiVersion: cert-manager.io/v1 kind: Issuer metadata: name: selfsigned-issuer + labels: + app.kubernetes.io/name: open-feature-operator + app.kubernetes.io/managed-by: kustomize spec: selfSigned: {} --- @@ -12,12 +15,35 @@ apiVersion: cert-manager.io/v1 kind: Certificate metadata: name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml + labels: + app.kubernetes.io/name: open-feature-operator + app.kubernetes.io/managed-by: kustomize spec: - # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize + # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize dnsNames: - - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc - - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local + - SERVICE_NAME.SERVICE_NAMESPACE.svc + - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local issuerRef: kind: Issuer name: selfsigned-issuer secretName: webhook-server-cert # this secret will not be prefixed, since it's not managed by kustomize +--- +# The following manifests contain a self-signed issuer CR and a metrics certificate CR. +# More document can be found at https://docs.cert-manager.io +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: metrics-certs # this name should match the one appeared in kustomizeconfig.yaml + labels: + app.kubernetes.io/name: open-feature-operator + app.kubernetes.io/managed-by: kustomize +spec: + dnsNames: + # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize + # replacements in the config/default/kustomization.yaml file. + - SERVICE_NAME.SERVICE_NAMESPACE.svc + - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local + issuerRef: + kind: Issuer + name: selfsigned-issuer + secretName: metrics-server-cert diff --git a/config/certmanager/kustomizeconfig.yaml b/config/certmanager/kustomizeconfig.yaml index 90d7c313c..98d1da934 100644 --- a/config/certmanager/kustomizeconfig.yaml +++ b/config/certmanager/kustomizeconfig.yaml @@ -6,11 +6,3 @@ nameReference: - kind: Certificate group: cert-manager.io path: spec/issuerRef/name - -varReference: -- kind: Certificate - group: cert-manager.io - path: spec/commonName -- kind: Certificate - group: cert-manager.io - path: spec/dnsNames diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml index 89a31bc79..16a509474 100644 --- a/config/crd/kustomization.yaml +++ b/config/crd/kustomization.yaml @@ -8,7 +8,7 @@ resources: - bases/core.openfeature.dev_inprocessconfigurations.yaml #+kubebuilder:scaffold:crdkustomizeresource -patchesStrategicMerge: +patches: # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix. # patches here are for enabling the conversion webhook for each CRD #- patches/webhook_in_featureflags.yaml @@ -17,14 +17,6 @@ patchesStrategicMerge: #- patches/webhook_in_inprocessconfigurations.yaml #+kubebuilder:scaffold:crdkustomizewebhookpatch -# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix. -# patches here are for enabling the CA injection for each CRD -#- patches/cainjection_in_featureflags.yaml -#- patches/cainjection_in_featureflagsources.yaml -#- patches/cainjection_in_flagds.yaml -#- patches/cainjection_in_inprocessconfigurations.yaml -#+kubebuilder:scaffold:crdkustomizecainjectionpatch - # the following config is for teaching kustomize how to do kustomization for CRDs. configurations: - kustomizeconfig.yaml diff --git a/config/crd/kustomizeconfig.yaml b/config/crd/kustomizeconfig.yaml index ec5c150a9..c1418ddee 100644 --- a/config/crd/kustomizeconfig.yaml +++ b/config/crd/kustomizeconfig.yaml @@ -1,19 +1,19 @@ # This file is for teaching kustomize how to substitute name and namespace reference in CRD nameReference: -- kind: Service - version: v1 - fieldSpecs: - - kind: CustomResourceDefinition + - kind: Service version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/name + fieldSpecs: + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/name namespace: -- kind: CustomResourceDefinition - version: v1 - group: apiextensions.k8s.io - path: spec/conversion/webhook/clientConfig/service/namespace - create: false + - kind: CustomResourceDefinition + version: v1 + group: apiextensions.k8s.io + path: spec/conversion/webhook/clientConfig/service/namespace + create: false varReference: -- path: metadata/annotations + - path: metadata/annotations diff --git a/config/crd/patches/cainjection_in_core_featureflags.yaml b/config/crd/patches/cainjection_in_core_featureflags.yaml deleted file mode 100644 index 67581e1e6..000000000 --- a/config/crd/patches/cainjection_in_core_featureflags.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# The following patch adds a directive for certmanager to inject CA into the CRD -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: featureflags.core.openfeature.dev diff --git a/config/crd/patches/cainjection_in_core_featureflagsources.yaml b/config/crd/patches/cainjection_in_core_featureflagsources.yaml deleted file mode 100644 index d23936843..000000000 --- a/config/crd/patches/cainjection_in_core_featureflagsources.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# The following patch adds a directive for certmanager to inject CA into the CRD -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: featureflagsources.core.openfeature.dev diff --git a/config/crd/patches/cainjection_in_core_flagds.yaml b/config/crd/patches/cainjection_in_core_flagds.yaml deleted file mode 100644 index a1b2f05d1..000000000 --- a/config/crd/patches/cainjection_in_core_flagds.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# The following patch adds a directive for certmanager to inject CA into the CRD -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: flagds.core.openfeature.dev diff --git a/config/crd/patches/cainjection_in_core_inprocessconfigurations.yaml b/config/crd/patches/cainjection_in_core_inprocessconfigurations.yaml deleted file mode 100644 index 61e5471b7..000000000 --- a/config/crd/patches/cainjection_in_core_inprocessconfigurations.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# The following patch adds a directive for certmanager to inject CA into the CRD -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) - name: inprocessconfigurations.core.openfeature.dev diff --git a/config/default/cert_metrics_manager_patch.yaml b/config/default/cert_metrics_manager_patch.yaml new file mode 100644 index 000000000..d97501553 --- /dev/null +++ b/config/default/cert_metrics_manager_patch.yaml @@ -0,0 +1,30 @@ +# This patch adds the args, volumes, and ports to allow the manager to use the metrics-server certs. + +# Add the volumeMount for the metrics-server certs +- op: add + path: /spec/template/spec/containers/0/volumeMounts/- + value: + mountPath: /tmp/k8s-metrics-server/metrics-certs + name: metrics-certs + readOnly: true + +# Add the --metrics-cert-path argument for the metrics server +- op: add + path: /spec/template/spec/containers/0/args/- + value: --metrics-cert-path=/tmp/k8s-metrics-server/metrics-certs + +# Add the metrics-server certs volume configuration +- op: add + path: /spec/template/spec/volumes/- + value: + name: metrics-certs + secret: + secretName: metrics-server-cert + optional: false + items: + - key: ca.crt + path: ca.crt + - key: tls.crt + path: tls.crt + - key: tls.key + path: tls.key diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml index 5cec3af7d..b599336de 100644 --- a/config/default/kustomization.yaml +++ b/config/default/kustomization.yaml @@ -12,63 +12,206 @@ namePrefix: open-feature-operator- #commonLabels: # someName: someValue -bases: +resources: - ../crd - ../rbac - ../manager + # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml - ../webhook + # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required. - ../certmanager + # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'. #- ../prometheus -patchesStrategicMerge: -# Protect the /metrics endpoint by putting it behind auth. -# If you want your controller-manager to expose the /metrics -# endpoint w/o any authn/z, please comment the following line. -- manager_auth_proxy_patch.yaml +# [NETWORK POLICY] Protect the /metrics endpoint and Webhook Server with NetworkPolicy. +# Only Pod(s) running a namespace labeled with 'metrics: enabled' will be able to gather the metrics. +# Only CR(s) which requires webhooks and are applied on namespaces labeled with 'webhooks: enabled' will +# be able to communicate with the Webhook Server. +#- ../network-policy + +patches: # Mount the controller config file for loading manager configurations # through a ComponentConfig type #- manager_config_patch.yaml +# [METRICS] The following patch will enable the metrics endpoint using HTTPS and the port :8443. +# More info: https://book.kubebuilder.io/reference/metrics +- path: manager_metrics_patch.yaml + target: + kind: Deployment + +# Uncomment the patches line if you enable Metrics and CertManager +# [METRICS-WITH-CERTS] To enable metrics protected with certManager, uncomment the following line. +# This patch will protect the metrics with certManager self-signed certs. +- path: cert_metrics_manager_patch.yaml + target: + kind: Deployment + # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in # crd/kustomization.yaml -- manager_webhook_patch.yaml - -# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. -# Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks. -# 'CERTMANAGER' needs to be enabled to use ca injection -- webhookcainjection_patch.yaml +- path: manager_webhook_patch.yaml + target: + kind: Deployment -# the following config is for teaching kustomize how to do var substitution -vars: # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix. -- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR - objref: - kind: Certificate - group: cert-manager.io - version: v1 - name: serving-cert # this name should match the one in certificate.yaml - fieldref: - fieldpath: metadata.namespace -- name: CERTIFICATE_NAME - objref: - kind: Certificate - group: cert-manager.io - version: v1 - name: serving-cert # this name should match the one in certificate.yaml -- name: SERVICE_NAMESPACE # namespace of the service - objref: - kind: Service - version: v1 - name: webhook-service - fieldref: - fieldpath: metadata.namespace -- name: SERVICE_NAME - objref: - kind: Service - version: v1 - name: webhook-service +# Uncomment the following replacements to add the cert-manager CA injection annotations +replacements: + - source: # Uncomment the following block to enable certificates for metrics + kind: Service + version: v1 + name: controller-manager-metrics-service + fieldPath: metadata.name + targets: + - select: + kind: Certificate + group: cert-manager.io + version: v1 + name: metrics-certs + fieldPaths: + - spec.dnsNames.0 + - spec.dnsNames.1 + options: + delimiter: '.' + index: 0 + create: true + + - source: + kind: Service + version: v1 + name: controller-manager-metrics-service + fieldPath: metadata.namespace + targets: + - select: + kind: Certificate + group: cert-manager.io + version: v1 + name: metrics-certs + fieldPaths: + - spec.dnsNames.0 + - spec.dnsNames.1 + options: + delimiter: '.' + index: 1 + create: true + + - source: # Uncomment the following block if you have any webhook + kind: Service + version: v1 + name: webhook-service + fieldPath: .metadata.name # Name of the service + targets: + - select: + kind: Certificate + group: cert-manager.io + version: v1 + name: serving-cert + fieldPaths: + - .spec.dnsNames.0 + - .spec.dnsNames.1 + options: + delimiter: '.' + index: 0 + create: true + - source: + kind: Service + version: v1 + name: webhook-service + fieldPath: .metadata.namespace # Namespace of the service + targets: + - select: + kind: Certificate + group: cert-manager.io + version: v1 + name: serving-cert + fieldPaths: + - .spec.dnsNames.0 + - .spec.dnsNames.1 + options: + delimiter: '.' + index: 1 + create: true + + - source: # Uncomment the following block if you have a ValidatingWebhook (--programmatic-validation) + kind: Certificate + group: cert-manager.io + version: v1 + name: serving-cert # This name should match the one in certificate.yaml + fieldPath: .metadata.namespace # Namespace of the certificate CR + targets: + - select: + kind: ValidatingWebhookConfiguration + fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + delimiter: '/' + index: 0 + create: true + - source: + kind: Certificate + group: cert-manager.io + version: v1 + name: serving-cert + fieldPath: .metadata.name + targets: + - select: + kind: ValidatingWebhookConfiguration + fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + delimiter: '/' + index: 1 + create: true + + - source: # Uncomment the following block if you have a DefaultingWebhook (--defaulting ) + kind: Certificate + group: cert-manager.io + version: v1 + name: serving-cert + fieldPath: .metadata.namespace # Namespace of the certificate CR + targets: + - select: + kind: MutatingWebhookConfiguration + fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + delimiter: '/' + index: 0 + create: true + + - source: + kind: Certificate + group: cert-manager.io + version: v1 + name: serving-cert + fieldPath: .metadata.name + targets: + - select: + kind: MutatingWebhookConfiguration + fieldPaths: + - .metadata.annotations.[cert-manager.io/inject-ca-from] + options: + delimiter: '/' + index: 1 + create: true + +# - source: # Uncomment the following block if you have a ConversionWebhook (--conversion) +# kind: Certificate +# group: cert-manager.io +# version: v1 +# name: serving-cert +# fieldPath: .metadata.namespace # Namespace of the certificate CR +# targets: # Do not remove or uncomment the following scaffold marker; required to generate code for target CRD. +# +kubebuilder:scaffold:crdkustomizecainjectionns +# - source: +# kind: Certificate +# group: cert-manager.io +# version: v1 +# name: serving-cert +# fieldPath: .metadata.name +# targets: # Do not remove or uncomment the following scaffold marker; required to generate code for target CRD. +# +kubebuilder:scaffold:crdkustomizecainjectionname diff --git a/config/default/manager_auth_proxy_patch.yaml b/config/default/manager_auth_proxy_patch.yaml deleted file mode 100644 index f4436468f..000000000 --- a/config/default/manager_auth_proxy_patch.yaml +++ /dev/null @@ -1,42 +0,0 @@ -# This patch inject a sidecar container which is a HTTP proxy for the -# controller manager, it performs RBAC authorization against the Kubernetes API using SubjectAccessReviews. -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system -spec: - template: - spec: - containers: - - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.14.0 - args: - - "--secure-listen-address=0.0.0.0:8443" - - "--upstream=http://127.0.0.1:8080/" - - "--logtostderr=true" - - "--v=0" - ports: - - containerPort: 8443 - protocol: TCP - name: https - resources: - limits: - cpu: 500m - memory: 128Mi - requests: - cpu: 5m - memory: 64Mi - securityContext: - allowPrivilegeEscalation: false - runAsNonRoot: true - - name: manager - args: - - "--health-probe-bind-address=:8081" - - "--metrics-bind-address=127.0.0.1:8080" - - "--leader-elect" - - "--sidecar-cpu-limit=0.5" # cores - - "--sidecar-ram-limit=64M" - securityContext: - allowPrivilegeEscalation: false - runAsNonRoot: true diff --git a/config/default/manager_metrics_patch.yaml b/config/default/manager_metrics_patch.yaml new file mode 100644 index 000000000..2aaef6536 --- /dev/null +++ b/config/default/manager_metrics_patch.yaml @@ -0,0 +1,4 @@ +# This patch adds the args to allow exposing the metrics endpoint using HTTPS +- op: add + path: /spec/template/spec/containers/0/args/0 + value: --metrics-bind-address=:8443 diff --git a/config/default/manager_webhook_patch.yaml b/config/default/manager_webhook_patch.yaml index 738de350b..963c8a4cc 100644 --- a/config/default/manager_webhook_patch.yaml +++ b/config/default/manager_webhook_patch.yaml @@ -1,23 +1,31 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: controller-manager - namespace: system -spec: - template: - spec: - containers: - - name: manager - ports: - - containerPort: 9443 - name: webhook-server - protocol: TCP - volumeMounts: - - mountPath: /tmp/k8s-webhook-server/serving-certs - name: cert - readOnly: true - volumes: - - name: cert - secret: - defaultMode: 420 - secretName: webhook-server-cert +# This patch ensures the webhook certificates are properly mounted in the manager container. +# It configures the necessary arguments, volumes, volume mounts, and container ports. + +# Add the --webhook-cert-path argument for configuring the webhook certificate path +- op: add + path: /spec/template/spec/containers/0/args/- + value: --webhook-cert-path=/tmp/k8s-webhook-server/serving-certs + +# Add the volumeMount for the webhook certificates +- op: add + path: /spec/template/spec/containers/0/volumeMounts/- + value: + mountPath: /tmp/k8s-webhook-server/serving-certs + name: webhook-certs + readOnly: true + +# Add the port configuration for the webhook server +- op: add + path: /spec/template/spec/containers/0/ports/- + value: + containerPort: 9443 + name: webhook-server + protocol: TCP + +# Add the volume configuration for the webhook certificates +- op: add + path: /spec/template/spec/volumes/- + value: + name: webhook-certs + secret: + secretName: webhook-server-cert diff --git a/config/default/metrics_service.yaml b/config/default/metrics_service.yaml new file mode 100644 index 000000000..04a71df89 --- /dev/null +++ b/config/default/metrics_service.yaml @@ -0,0 +1,18 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator + app.kubernetes.io/managed-by: kustomize + name: controller-manager-metrics-service + namespace: system +spec: + ports: + - name: https + port: 8443 + protocol: TCP + targetPort: 8443 + selector: + control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator diff --git a/config/default/webhookcainjection_patch.yaml b/config/default/webhookcainjection_patch.yaml deleted file mode 100644 index 0bfc9dc1f..000000000 --- a/config/default/webhookcainjection_patch.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# This patch add annotation to admission webhook config and -# the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize. ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: MutatingWebhookConfiguration -metadata: - name: mutating-webhook-configuration - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) ---- -apiVersion: admissionregistration.k8s.io/v1 -kind: ValidatingWebhookConfiguration -metadata: - name: validating-webhook-configuration - annotations: - cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME) diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml index e2ec0318d..9f7dbf01d 100644 --- a/config/manager/kustomization.yaml +++ b/config/manager/kustomization.yaml @@ -1,13 +1,17 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + resources: - manager.yaml + generatorOptions: disableNameSuffixHash: true + configMapGenerator: - files: - controller_manager_config.yaml name: manager-config -apiVersion: kustomize.config.k8s.io/v1beta1 -kind: Kustomization + images: - name: controller newName: open-feature-operator-local diff --git a/config/manager/manager.yaml b/config/manager/manager.yaml index b73b3aab6..584758dd1 100644 --- a/config/manager/manager.yaml +++ b/config/manager/manager.yaml @@ -3,6 +3,7 @@ kind: Namespace metadata: labels: control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator name: system --- apiVersion: apps/v1 @@ -12,10 +13,13 @@ metadata: namespace: system labels: control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator + app.kubernetes.io/managed-by: kustomize spec: selector: matchLabels: control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator replicas: 1 template: metadata: @@ -23,6 +27,8 @@ spec: kubectl.kubernetes.io/default-container: manager labels: control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator + app.kubernetes.io/managed-by: kustomize spec: securityContext: runAsNonRoot: true @@ -43,6 +49,7 @@ spec: imagePullPolicy: IfNotPresent image: controller:main name: manager + ports: [] securityContext: allowPrivilegeEscalation: false runAsNonRoot: true @@ -67,5 +74,7 @@ spec: requests: cpu: 10m memory: 64Mi + volumeMounts: [] + volumes: [] serviceAccountName: controller-manager terminationGracePeriodSeconds: 10 diff --git a/config/network-policy/allow-metrics-traffic.yaml b/config/network-policy/allow-metrics-traffic.yaml new file mode 100644 index 000000000..e59f7233f --- /dev/null +++ b/config/network-policy/allow-metrics-traffic.yaml @@ -0,0 +1,27 @@ +# This NetworkPolicy allows ingress traffic +# with Pods running on namespaces labeled with 'metrics: enabled'. Only Pods on those +# namespaces are able to gather data from the metrics endpoint. +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + app.kubernetes.io/name: open-feature-operator + app.kubernetes.io/managed-by: kustomize + name: allow-metrics-traffic + namespace: system +spec: + podSelector: + matchLabels: + control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator + policyTypes: + - Ingress + ingress: + # This allows ingress traffic from any namespace with the label metrics: enabled + - from: + - namespaceSelector: + matchLabels: + metrics: enabled # Only from namespaces with this label + ports: + - port: 8443 + protocol: TCP diff --git a/config/network-policy/allow-webhook-traffic.yaml b/config/network-policy/allow-webhook-traffic.yaml new file mode 100644 index 000000000..f83c021be --- /dev/null +++ b/config/network-policy/allow-webhook-traffic.yaml @@ -0,0 +1,27 @@ +# This NetworkPolicy allows ingress traffic to your webhook server running +# as part of the controller-manager from specific namespaces and pods. CR(s) which uses webhooks +# will only work when applied in namespaces labeled with 'webhook: enabled' +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + labels: + app.kubernetes.io/name: open-feature-operator + app.kubernetes.io/managed-by: kustomize + name: allow-webhook-traffic + namespace: system +spec: + podSelector: + matchLabels: + control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator + policyTypes: + - Ingress + ingress: + # This allows ingress traffic from any namespace with the label webhook: enabled + - from: + - namespaceSelector: + matchLabels: + webhook: enabled # Only from namespaces with this label + ports: + - port: 443 + protocol: TCP diff --git a/config/network-policy/kustomization.yaml b/config/network-policy/kustomization.yaml new file mode 100644 index 000000000..ec0fb5e57 --- /dev/null +++ b/config/network-policy/kustomization.yaml @@ -0,0 +1,2 @@ +resources: +- allow-metrics-traffic.yaml diff --git a/config/overlays/helm/certificate-patch.yaml b/config/overlays/helm/certificate-patch.yaml new file mode 100644 index 000000000..a2995da5e --- /dev/null +++ b/config/overlays/helm/certificate-patch.yaml @@ -0,0 +1,21 @@ +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: serving-cert # this name should match the one appeared in kustomizeconfig.yaml +spec: + dnsNames: + - SERVICE_NAME.{{ include "chart.namespace" . }}.svc + - SERVICE_NAME.{{ include "chart.namespace" . }}.svc.cluster.local +--- +# The following manifests contain a self-signed issuer CR and a metrics certificate CR. +# More document can be found at https://docs.cert-manager.io +apiVersion: cert-manager.io/v1 +kind: Certificate +metadata: + name: metrics-certs # this name should match the one appeared in kustomizeconfig.yaml +spec: + dnsNames: + # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize + # replacements in the config/default/kustomization.yaml file. + - SERVICE_NAME.{{ include "chart.namespace" . }}.svc + - SERVICE_NAME.{{ include "chart.namespace" . }}.svc.cluster.local diff --git a/config/overlays/helm/kustomization.yaml b/config/overlays/helm/kustomization.yaml index 8c6c16dd9..e832cfbad 100644 --- a/config/overlays/helm/kustomization.yaml +++ b/config/overlays/helm/kustomization.yaml @@ -1,5 +1,5 @@ # import the default deployment as the base -bases: +resources: - ../../default # replace the default namespace with {{ include "chart.namespace" . }} @@ -11,15 +11,55 @@ namespace: |- # merge the exclude-ns.yaml with the existing namespace definition, this contains the `$patch: delete` directive allowing # for the helm chart to define the namespace conditionally (only deploys when no namespace is provided and the default # (open-feature-operator-system) is used -patchesStrategicMerge: - - exclude-ns.yaml - - manager.yaml - - exclude-webhook-server-container-port.yaml - - exclude-validatingwebhook.yaml - - mutatingwebhook.yaml +patches: + - path: exclude-ns.yaml + - path: manager.yaml + - path: exclude-webhook-server-container-port.yaml + - path: exclude-validatingwebhook.yaml + - path: mutatingwebhook.yaml + - path: certificate-patch.yaml configMapGenerator: - name: manager-config behavior: merge files: - controller_manager_config.yaml + +replacements: + - source: # Uncomment the following block to enable certificates for metrics + kind: Service + version: v1 + name: controller-manager-metrics-service + fieldPath: metadata.name + targets: + - select: + kind: Certificate + group: cert-manager.io + version: v1 + name: metrics-certs + fieldPaths: + - spec.dnsNames.0 + - spec.dnsNames.1 + options: + delimiter: '.' + index: 0 + create: true + + - source: # Uncomment the following block if you have any webhook + kind: Service + version: v1 + name: webhook-service + fieldPath: .metadata.name # Name of the service + targets: + - select: + kind: Certificate + group: cert-manager.io + version: v1 + name: serving-cert + fieldPaths: + - spec.dnsNames.0 + - spec.dnsNames.1 + options: + delimiter: '.' + index: 0 + create: true diff --git a/config/overlays/helm/manager.yaml b/config/overlays/helm/manager.yaml index 5232c2c0f..869ba7bd4 100644 --- a/config/overlays/helm/manager.yaml +++ b/config/overlays/helm/manager.yaml @@ -115,12 +115,3 @@ spec: - --metrics-bind-address=:{{ .Values.managerConfig.controllerManagerConfigYaml.metrics.bindPort }} - --labels={{ $labelKeys := keys .Values.labels -}}{{- $labelPairs := list -}}{{- range $key := $labelKeys -}}{{- $labelPairs = append $labelPairs (printf "%s:%s" $key (index $.Values.labels $key)) -}}{{- end -}}{{- join "," $labelPairs }} - --annotations={{ $annotationKeys := keys .Values.annotations -}}{{- $annotationPairs := list -}}{{- range $key := $annotationKeys -}}{{- $annotationPairs = append $annotationPairs (printf "%s:%s" $key (index $.Values.annotations $key)) -}}{{- end -}}{{- join "," $annotationPairs }} - - name: kube-rbac-proxy - image: "{{ .Values.controllerManager.kubeRbacProxy.image.repository }}:{{ .Values.controllerManager.kubeRbacProxy.image.tag }}" - resources: - limits: - cpu: "{{ .Values.controllerManager.kubeRbacProxy.resources.limits.cpu }}" - memory: "{{ .Values.controllerManager.kubeRbacProxy.resources.limits.memory }}" - requests: - cpu: "{{ .Values.controllerManager.kubeRbacProxy.resources.requests.cpu }}" - memory: "{{ .Values.controllerManager.kubeRbacProxy.resources.requests.memory }}" diff --git a/config/prometheus/kustomization.yaml b/config/prometheus/kustomization.yaml index ed137168a..8126ea89b 100644 --- a/config/prometheus/kustomization.yaml +++ b/config/prometheus/kustomization.yaml @@ -1,2 +1,11 @@ resources: - monitor.yaml + +# [PROMETHEUS-WITH-CERTS] The following patch configures the ServiceMonitor in ../prometheus +# to securely reference certificates created and managed by cert-manager. +# Additionally, ensure that you uncomment the [METRICS WITH CERTMANAGER] patch under config/default/kustomization.yaml +# to mount the "metrics-server-cert" secret in the Manager Deployment. +patches: + - path: monitor_tls_patch.yaml + target: + kind: ServiceMonitor diff --git a/config/prometheus/monitor.yaml b/config/prometheus/monitor.yaml index d19136ae7..57263dccc 100644 --- a/config/prometheus/monitor.yaml +++ b/config/prometheus/monitor.yaml @@ -1,20 +1,27 @@ - # Prometheus Monitor Service (Metrics) apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: labels: control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator + app.kubernetes.io/managed-by: kustomize name: controller-manager-metrics-monitor namespace: system spec: endpoints: - path: /metrics - port: https + port: https # Ensure this is the name of the port that exposes HTTPS metrics scheme: https bearerTokenFile: /var/run/secrets/kubernetes.io/serviceaccount/token tlsConfig: + # TODO(user): The option insecureSkipVerify: true is not recommended for production since it disables + # certificate verification, exposing the system to potential man-in-the-middle attacks. + # For production environments, it is recommended to use cert-manager for automatic TLS certificate management. + # To apply this configuration, enable cert-manager and use the patch located at config/prometheus/servicemonitor_tls_patch.yaml, + # which securely references the certificate from the 'metrics-server-cert' secret. insecureSkipVerify: true selector: matchLabels: control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator diff --git a/config/prometheus/monitor_tls_patch.yaml b/config/prometheus/monitor_tls_patch.yaml new file mode 100644 index 000000000..e824dd0ff --- /dev/null +++ b/config/prometheus/monitor_tls_patch.yaml @@ -0,0 +1,22 @@ +# Patch for Prometheus ServiceMonitor to enable secure TLS configuration +# using certificates managed by cert-manager +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: controller-manager-metrics-monitor + namespace: system +spec: + endpoints: + - tlsConfig: + insecureSkipVerify: false + ca: + secret: + name: metrics-server-cert + key: ca.crt + cert: + secret: + name: metrics-server-cert + key: tls.crt + keySecret: + name: metrics-server-cert + key: tls.key diff --git a/config/webhook/kustomization.yaml b/config/webhook/kustomization.yaml index 7e202f577..9cf26134e 100644 --- a/config/webhook/kustomization.yaml +++ b/config/webhook/kustomization.yaml @@ -4,6 +4,3 @@ resources: configurations: - kustomizeconfig.yaml - -commonAnnotations: - cert-manager.io/inject-ca-from: open-feature-operator-system/webhook-cert diff --git a/config/webhook/kustomizeconfig.yaml b/config/webhook/kustomizeconfig.yaml index 25e21e3c9..30293f0f5 100644 --- a/config/webhook/kustomizeconfig.yaml +++ b/config/webhook/kustomizeconfig.yaml @@ -20,6 +20,3 @@ namespace: group: admissionregistration.k8s.io path: webhooks/clientConfig/service/namespace create: true - -varReference: -- path: metadata/annotations diff --git a/config/webhook/service.yaml b/config/webhook/service.yaml index 3f638bd9c..bcd385d22 100644 --- a/config/webhook/service.yaml +++ b/config/webhook/service.yaml @@ -1,9 +1,11 @@ - apiVersion: v1 kind: Service metadata: name: webhook-service namespace: system + labels: + app.kubernetes.io/name: openfeature-operator + app.kubernetes.io/managed-by: kustomize spec: ports: - port: 443 @@ -11,3 +13,4 @@ spec: targetPort: 9443 selector: control-plane: controller-manager + app.kubernetes.io/name: open-feature-operator diff --git a/docs/installation.md b/docs/installation.md index f70bb2cd6..6dd980039 100644 --- a/docs/installation.md +++ b/docs/installation.md @@ -62,13 +62,13 @@ Apply the release yaml directly via kubectl ```sh kubectl create namespace open-feature-operator-system && -kubectl apply -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.4/release.yaml +kubectl apply -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.5/release.yaml ``` ### Uninstall ```sh -kubectl delete -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.4/release.yaml && +kubectl delete -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.5/release.yaml && kubectl delete namespace open-feature-operator-system ``` diff --git a/docs/quick_start.md b/docs/quick_start.md index dce362c2c..a054247a0 100644 --- a/docs/quick_start.md +++ b/docs/quick_start.md @@ -40,7 +40,7 @@ helm upgrade --install openfeature openfeature/open-feature-operator ```sh kubectl create namespace open-feature-operator-system && -kubectl apply -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.4/release.yaml +kubectl apply -f https://github.com/open-feature/open-feature-operator/releases/download/v0.8.5/release.yaml ``` diff --git a/go.mod b/go.mod index 9c1e918d2..08ab5a5ab 100644 --- a/go.mod +++ b/go.mod @@ -1,79 +1,109 @@ module github.com/open-feature/open-feature-operator -go 1.23 +go 1.23.0 toolchain go1.23.3 +godebug default=go1.23 + require ( github.com/go-logr/logr v1.4.2 - github.com/golang/mock v1.4.4 + github.com/golang/mock v1.6.0 github.com/kelseyhightower/envconfig v1.4.0 - github.com/open-feature/open-feature-operator/apis v0.2.44 - github.com/stretchr/testify v1.9.0 + github.com/open-feature/flagd-schemas v0.2.9-0.20250127221449-bb763438abc5 + github.com/open-feature/open-feature-operator/apis v0.2.45 + github.com/stretchr/testify v1.10.0 + github.com/xeipuuv/gojsonschema v1.2.0 go.uber.org/zap v1.27.0 - golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 - k8s.io/api v0.31.4 - k8s.io/apimachinery v0.31.4 - k8s.io/client-go v0.31.4 + golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8 + k8s.io/api v0.32.1 + k8s.io/apimachinery v0.32.1 + k8s.io/client-go v0.32.1 k8s.io/utils v0.0.0-20241210054802-24370beab758 - sigs.k8s.io/controller-runtime v0.18.6 + sigs.k8s.io/controller-runtime v0.20.1 sigs.k8s.io/gateway-api v1.2.1 ) require ( + cel.dev/expr v0.18.0 // indirect + github.com/antlr4-go/antlr/v4 v4.13.0 // indirect + github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a // indirect github.com/beorn7/perks v1.0.1 // indirect + github.com/blang/semver/v4 v4.0.0 // indirect + github.com/cenkalti/backoff/v4 v4.3.0 // indirect github.com/cespare/xxhash/v2 v2.3.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/emicklei/go-restful/v3 v3.12.0 // indirect - github.com/evanphx/json-patch v5.7.0+incompatible // indirect + github.com/emicklei/go-restful/v3 v3.12.1 // indirect github.com/evanphx/json-patch/v5 v5.9.0 // indirect + github.com/felixge/httpsnoop v1.0.4 // indirect + github.com/fsnotify/fsnotify v1.8.0 // indirect github.com/fxamacker/cbor/v2 v2.7.0 // indirect + github.com/go-logr/stdr v1.2.2 // indirect github.com/go-logr/zapr v1.3.0 // indirect github.com/go-openapi/jsonpointer v0.21.0 // indirect github.com/go-openapi/jsonreference v0.21.0 // indirect github.com/go-openapi/swag v0.23.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.4 // indirect - github.com/google/gnostic-models v0.6.8 // indirect + github.com/google/btree v1.1.3 // indirect + github.com/google/cel-go v0.22.0 // indirect + github.com/google/gnostic-models v0.6.9 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect + github.com/google/pprof v0.0.0-20250125003558-7fdb3d7e6fa0 // indirect github.com/google/uuid v1.6.0 // indirect - github.com/imdario/mergo v0.3.16 // indirect + github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect + github.com/inconshreveable/mousetrap v1.1.0 // indirect github.com/josharian/intern v1.0.0 // indirect github.com/json-iterator/go v1.1.12 // indirect - github.com/mailru/easyjson v0.7.7 // indirect + github.com/klauspost/compress v1.17.11 // indirect + github.com/mailru/easyjson v0.9.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.2 // indirect github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect - github.com/open-feature/flagd-schemas v0.2.9-0.20240708163558-2aa89b314322 // indirect github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - github.com/prometheus/client_golang v1.19.1 // indirect + github.com/prometheus/client_golang v1.20.5 // indirect github.com/prometheus/client_model v0.6.1 // indirect - github.com/prometheus/common v0.55.0 // indirect + github.com/prometheus/common v0.62.0 // indirect github.com/prometheus/procfs v0.15.1 // indirect + github.com/spf13/cobra v1.8.1 // indirect github.com/spf13/pflag v1.0.5 // indirect + github.com/stoewer/go-strcase v1.3.0 // indirect github.com/x448/float16 v0.8.4 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f // indirect github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect - github.com/xeipuuv/gojsonschema v1.2.0 // indirect + go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 // indirect + go.opentelemetry.io/otel v1.28.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 // indirect + go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0 // indirect + go.opentelemetry.io/otel/metric v1.28.0 // indirect + go.opentelemetry.io/otel/sdk v1.28.0 // indirect + go.opentelemetry.io/otel/trace v1.28.0 // indirect + go.opentelemetry.io/proto/otlp v1.3.1 // indirect go.uber.org/multierr v1.11.0 // indirect - golang.org/x/net v0.30.0 // indirect - golang.org/x/oauth2 v0.23.0 // indirect - golang.org/x/sys v0.26.0 // indirect - golang.org/x/term v0.25.0 // indirect - golang.org/x/text v0.19.0 // indirect - golang.org/x/time v0.7.0 // indirect + golang.org/x/net v0.34.0 // indirect + golang.org/x/oauth2 v0.25.0 // indirect + golang.org/x/sync v0.10.0 // indirect + golang.org/x/sys v0.29.0 // indirect + golang.org/x/term v0.28.0 // indirect + golang.org/x/text v0.21.0 // indirect + golang.org/x/time v0.9.0 // indirect gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect - google.golang.org/protobuf v1.35.1 // indirect + google.golang.org/genproto/googleapis/api v0.0.0-20240826202546-f6391c0de4c7 // indirect + google.golang.org/genproto/googleapis/rpc v0.0.0-20240826202546-f6391c0de4c7 // indirect + google.golang.org/grpc v1.66.2 // indirect + google.golang.org/protobuf v1.36.4 // indirect gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect - k8s.io/apiextensions-apiserver v0.31.1 // indirect + k8s.io/apiextensions-apiserver v0.32.1 // indirect + k8s.io/apiserver v0.32.1 // indirect + k8s.io/component-base v0.32.1 // indirect k8s.io/klog/v2 v2.130.1 // indirect - k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f // indirect - sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect + k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 // indirect + sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0 // indirect + sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect sigs.k8s.io/structured-merge-diff/v4 v4.5.0 // indirect sigs.k8s.io/yaml v1.4.0 // indirect ) diff --git a/go.sum b/go.sum index 96e72dd24..1b81fd0a8 100644 --- a/go.sum +++ b/go.sum @@ -1,21 +1,39 @@ +cel.dev/expr v0.18.0 h1:CJ6drgk+Hf96lkLikr4rFf19WrU0BOWEihyZnI2TAzo= +cel.dev/expr v0.18.0/go.mod h1:MrpN08Q+lEBs+bGYdLxxHkZoUSsCp0nSKTs0nTymJgw= +github.com/antlr4-go/antlr/v4 v4.13.0 h1:lxCg3LAv+EUK6t1i0y1V6/SLeUi0eKEKdhQAlS8TVTI= +github.com/antlr4-go/antlr/v4 v4.13.0/go.mod h1:pfChB/xh/Unjila75QW7+VU4TSnWnnk9UTnmpPaOR2g= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4B6AGu/h5Sxe66HYVdqdGu2l9Iebqhi/AEoA= +github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= +github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM= +github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ= +github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= +github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM= github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/emicklei/go-restful/v3 v3.12.0 h1:y2DdzBAURM29NFF94q6RaY4vjIH1rtwDapwQtU84iWk= -github.com/emicklei/go-restful/v3 v3.12.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= +github.com/emicklei/go-restful/v3 v3.12.1 h1:PJMDIM/ak7btuL8Ex0iYET9hxM3CI2sjZtzpL63nKAU= +github.com/emicklei/go-restful/v3 v3.12.1/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc= github.com/evanphx/json-patch v5.7.0+incompatible h1:vgGkfT/9f8zE6tvSCe74nfpAVDQ2tG6yudJd8LBksgI= github.com/evanphx/json-patch v5.7.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk= github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg= github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ= +github.com/felixge/httpsnoop v1.0.4 h1:NFTV2Zj1bL4mc9sqWACXbQFVBBg2W3GPvqp8/ESS2Wg= +github.com/felixge/httpsnoop v1.0.4/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U= +github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/8M= +github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= +github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY= github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= +github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ= github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg= github.com/go-openapi/jsonpointer v0.21.0 h1:YgdVicSA9vH5RiHs9TZW5oyafXZFc6+2Vc1rr/O9oNQ= @@ -24,31 +42,34 @@ github.com/go-openapi/jsonreference v0.21.0 h1:Rs+Y7hSXT83Jacb7kFyjn4ijOuVGSvOdF github.com/go-openapi/jsonreference v0.21.0/go.mod h1:LmZmgsrTkVg9LG4EaHeY8cBDslNPMo06cago5JNLkm4= github.com/go-openapi/swag v0.23.0 h1:vsEVJDUo2hPJ2tu0/Xc+4noaxyEffXNIs3cOULZ+GrE= github.com/go-openapi/swag v0.23.0/go.mod h1:esZ8ITTYEsH1V2trKHjAN8Ai7xHb8RV+YSZ577vPjgQ= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/mock v1.4.4 h1:l75CXGRSwbaYNpl/Z2X1XIIAMSCquvXgpVZDhwEIJsc= -github.com/golang/mock v1.4.4/go.mod h1:l3mdAwkq5BuhzHwde/uurv3sEJeZMXNpwsxVWU71h+4= +github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc= +github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= -github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= -github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U= +github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg= +github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4= +github.com/google/cel-go v0.22.0 h1:b3FJZxpiv1vTMo2/5RDUqAHPxkT8mmMfJIrq1llbf7g= +github.com/google/cel-go v0.22.0/go.mod h1:BuznPXXfQDpXKWQ9sPW3TzlAJN5zzFe+i9tIs0yC4s8= +github.com/google/gnostic-models v0.6.9 h1:MU/8wDLif2qCXZmzncUQ/BOfxWfthHi63KqpoNbWqVw= +github.com/google/gnostic-models v0.6.9/go.mod h1:CiWsm0s6BSQd1hRn8/QmxqB6BesYcbSZxsz9b0KuDBw= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8 h1:FKHo8hFI3A+7w0aUQuYXQ+6EN5stWmeY/AZqtM8xk9k= -github.com/google/pprof v0.0.0-20240727154555-813a5fbdbec8/go.mod h1:K1liHPHnj73Fdn/EKuT8nrFqBihUSKXoLYU0BuatOYo= +github.com/google/pprof v0.0.0-20250125003558-7fdb3d7e6fa0 h1:my2ucqBZmv+cWHIhZNSIYKzgN8EBGyHdC7zD5sASRAg= +github.com/google/pprof v0.0.0-20250125003558-7fdb3d7e6fa0/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= -github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 h1:bkypFPDjIYGfCYD5mRBvpqxfYX1YCS1PXdKYWi8FsN0= +github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0/go.mod h1:P+Lt/0by1T8bfcF3z737NnSbmxQAppXMRziHUxPOC8k= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY= github.com/josharian/intern v1.0.0/go.mod h1:5DoeVV0s6jJacbCEi61lwdGj/aVlrQvzHFFd8Hwg//Y= github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= @@ -57,12 +78,16 @@ github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dv github.com/kelseyhightower/envconfig v1.4.0/go.mod h1:cccZRl6mQpaq41TPp5QxidR+Sa3axMbJDNb//FQX6Gg= github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= +github.com/klauspost/compress v1.17.11 h1:In6xLpyWOi1+C7tXUUWv2ot1QvBjxevKAaI6IXrJmUc= +github.com/klauspost/compress v1.17.11/go.mod h1:pMDklpSncoRMuLFrf1W9Ss9KT+0rH90U12bZKk7uwG0= github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0= -github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc= +github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= +github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= +github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4= +github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU= github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= @@ -70,35 +95,47 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= -github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= -github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= -github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= +github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= +github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= +github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= +github.com/onsi/gomega v1.35.1/go.mod h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog= github.com/open-feature/flagd-schemas v0.2.9-0.20240708163558-2aa89b314322 h1:5zbNHqcZAc9jlhSrC0onuVL2RPpvYcDaNvW2wOZBfUY= github.com/open-feature/flagd-schemas v0.2.9-0.20240708163558-2aa89b314322/go.mod h1:WKtwo1eW9/K6D+4HfgTXWBqCDzpvMhDa5eRxW7R5B2U= -github.com/open-feature/open-feature-operator/apis v0.2.44 h1:0r4Z+RnJltuHdRBv79NFgAckhna6/M3Wcec6gzNX5vI= -github.com/open-feature/open-feature-operator/apis v0.2.44/go.mod h1:xB2uLzvUkbydieX7q6/NqannBz3bt/e5BS2DeOyyw4Q= +github.com/open-feature/flagd-schemas v0.2.9-0.20250127221449-bb763438abc5 h1:0RKCLYeQpvSsKR95kc894tm8GAZmq7bcG48v0KJ0HCs= +github.com/open-feature/flagd-schemas v0.2.9-0.20250127221449-bb763438abc5/go.mod h1:WKtwo1eW9/K6D+4HfgTXWBqCDzpvMhDa5eRxW7R5B2U= +github.com/open-feature/open-feature-operator/apis v0.2.45 h1:URnUf22ZoAx7/W8ek8dXCBYgY8FmnFEuEOSDLROQafY= +github.com/open-feature/open-feature-operator/apis v0.2.45/go.mod h1:PYh/Hfyna1lZYZUeu/8LM0qh0ZgpH7kKEXRLYaaRhGs= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U= github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE= -github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho= +github.com/prometheus/client_golang v1.20.5 h1:cxppBPuYhUnsO6yo/aoRol4L7q7UFfdm+bR9r+8l63Y= +github.com/prometheus/client_golang v1.20.5/go.mod h1:PIEt8X02hGcP8JWbeHyeZ53Y/jReSnHgO035n//V5WE= github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E= github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY= -github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc= -github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8= +github.com/prometheus/common v0.62.0 h1:xasJaQlnWAeyHdUBeGjXmutelfJHWMRr+Fg4QszZ2Io= +github.com/prometheus/common v0.62.0/go.mod h1:vyBcEuLSvWos9B1+CyL7JZ2up+uFzXhkqml0W5zIY1I= github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc= github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk= github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= +github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= +github.com/stoewer/go-strcase v1.3.0 h1:g0eASXYtp+yvN9fK8sH94oCIk0fau9uV1/ZdJ0AVEzs= +github.com/stoewer/go-strcase v1.3.0/go.mod h1:fAH5hQ5pehh+j3nZfvwdk2RgEgQjAoM8wodgtPmh1xo= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= -github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= +github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f h1:J9EGpcZtP0E/raorCMxlFGSTBrsSlaDGf3jU/qvAE2c= @@ -109,7 +146,24 @@ github.com/xeipuuv/gojsonschema v1.2.0 h1:LhYJRs+L4fBtjZUfuSZIKGeVu0QRy8e5Xi7D17 github.com/xeipuuv/gojsonschema v1.2.0/go.mod h1:anYRn/JVcOK2ZgGU+IjEV4nwlhoK5sQluxsYJ78Id3Y= github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0 h1:4K4tsIXefpVJtvA/8srF4V4y0akAoPHkIslgAkjixJA= +go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.53.0/go.mod h1:jjdQuTGVsXV4vSs+CJ2qYDeDPf9yIJV23qlIzBm73Vg= +go.opentelemetry.io/otel v1.28.0 h1:/SqNcYk+idO0CxKEUOtKQClMK/MimZihKYMruSMViUo= +go.opentelemetry.io/otel v1.28.0/go.mod h1:q68ijF8Fc8CnMHKyzqL6akLO46ePnjkgfIMIjUIX9z4= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0 h1:3Q/xZUyC1BBkualc9ROb4G8qkH90LXEIICcs5zv1OYY= +go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.28.0/go.mod h1:s75jGIWA9OfCMzF0xr+ZgfrB5FEbbV7UuYo32ahUiFI= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0 h1:qFffATk0X+HD+f1Z8lswGiOQYKHRlzfmdJm0wEaVrFA= +go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.27.0/go.mod h1:MOiCmryaYtc+V0Ei+Tx9o5S1ZjA7kzLucuVuyzBZloQ= +go.opentelemetry.io/otel/metric v1.28.0 h1:f0HGvSl1KRAU1DLgLGFjrwVyismPlnuU6JD6bOeuA5Q= +go.opentelemetry.io/otel/metric v1.28.0/go.mod h1:Fb1eVBFZmLVTMb6PPohq3TO9IIhUisDsbJoL/+uQW4s= +go.opentelemetry.io/otel/sdk v1.28.0 h1:b9d7hIry8yZsgtbmM0DKyPWMMUMlK9NEKuIG4aBqWyE= +go.opentelemetry.io/otel/sdk v1.28.0/go.mod h1:oYj7ClPUA7Iw3m+r7GeEjz0qckQRJK2B8zjcZEfu7Pg= +go.opentelemetry.io/otel/trace v1.28.0 h1:GhQ9cUuQGmNDd5BTCP2dAvv75RdMxEfTmYejp+lkx9g= +go.opentelemetry.io/otel/trace v1.28.0/go.mod h1:jPyXzNPg6da9+38HEwElrQiHlVMTnVfM3/yv2OlIHaI= +go.opentelemetry.io/proto/otlp v1.3.1 h1:TrMUixzpM0yuc/znrFTP9MMRh8trP93mkCiDVeXrui0= +go.opentelemetry.io/proto/otlp v1.3.1/go.mod h1:0X1WI4de4ZsLrrJNLAQbFeLCm3T7yBkR0XqQ7niQU+8= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= @@ -119,65 +173,76 @@ go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.25.0/go.mod h1:T+wALwcMOSE0kXgUAnPAHqTLW+XHgcELELW8VaDgm/M= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= +golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8 h1:yqrTHse8TCMW1M1ZCP+VAR/l0kKxwaAIqN/il7x4voA= +golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8/go.mod h1:tujkw807nyEEAamNbDrEGzRav+ilXA7PCRAd6xsmwiU= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys= golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE= -golang.org/x/oauth2 v0.23.0 h1:PbgcYx2W7i4LvjJWEbf0ngHV6qJYr86PkAV3bXdLEbs= -golang.org/x/oauth2 v0.23.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= +golang.org/x/oauth2 v0.25.0 h1:CY4y7XT9v0cRI9oupztF8AgiIu99L/ksR/Xp/6jrZ70= +golang.org/x/oauth2 v0.25.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= +golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.22.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= -golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= +golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.22.0/go.mod h1:F3qCibpT5AMpCRfhfT53vVJwhLtIVHhB9XDjfFvnMI4= -golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= -golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= +golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg= +golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI= -golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM= -golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= -golang.org/x/time v0.7.0 h1:ntUhktv3OPE6TgYxXWv9vKvUSJyIFJlyohwbkEwPrKQ= -golang.org/x/time v0.7.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= +golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= +golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/time v0.9.0 h1:EsRrnYcQiGH+5FfbgvV4AP7qEZstoyrHB0DzarOQ4ZY= +golang.org/x/time v0.9.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190425150028-36563e24a262/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= -golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24= -golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ= +golang.org/x/tools v0.29.0 h1:Xx0h3TtM9rzQpQuR4dKLrdglAmCEN5Oi+P74JdhdzXE= +golang.org/x/tools v0.29.0/go.mod h1:KMQVMRsVxU6nHCFXrBPhDB8XncLNLM0lIy/F14RP588= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw= gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY= -google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA= -google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/genproto/googleapis/api v0.0.0-20240826202546-f6391c0de4c7 h1:YcyjlL1PRr2Q17/I0dPk2JmYS5CDXfcdb2Z3YRioEbw= +google.golang.org/genproto/googleapis/api v0.0.0-20240826202546-f6391c0de4c7/go.mod h1:OCdP9MfskevB/rbYvHTsXTtKC+3bHWajPdoKgjcYkfo= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240826202546-f6391c0de4c7 h1:2035KHhUv+EpyB+hWgJnaWKJOdX1E95w2S8Rr4uWKTs= +google.golang.org/genproto/googleapis/rpc v0.0.0-20240826202546-f6391c0de4c7/go.mod h1:UqMtugtsSgubUsoxbuAoiCXvqvErP7Gf0so0mK9tHxU= +google.golang.org/grpc v1.66.2 h1:3QdXkuq3Bkh7w+ywLdLvM56cmGvQHUMZpiCzt6Rqaoo= +google.golang.org/grpc v1.66.2/go.mod h1:s3/l6xSSCURdVfAnL+TqCNMyTDAGN6+lZeVxnZR128Y= +google.golang.org/protobuf v1.36.4 h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM= +google.golang.org/protobuf v1.36.4/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= @@ -185,28 +250,35 @@ gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSP gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M= gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -k8s.io/api v0.31.4 h1:I2QNzitPVsPeLQvexMEsj945QumYraqv9m74isPDKhM= -k8s.io/api v0.31.4/go.mod h1:d+7vgXLvmcdT1BCo79VEgJxHHryww3V5np2OYTr6jdw= -k8s.io/apiextensions-apiserver v0.31.1 h1:L+hwULvXx+nvTYX/MKM3kKMZyei+UiSXQWciX/N6E40= -k8s.io/apiextensions-apiserver v0.31.1/go.mod h1:tWMPR3sgW+jsl2xm9v7lAyRF1rYEK71i9G5dRtkknoQ= -k8s.io/apimachinery v0.31.4 h1:8xjE2C4CzhYVm9DGf60yohpNUh5AEBnPxCryPBECmlM= -k8s.io/apimachinery v0.31.4/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo= -k8s.io/client-go v0.31.4 h1:t4QEXt4jgHIkKKlx06+W3+1JOwAFU/2OPiOo7H92eRQ= -k8s.io/client-go v0.31.4/go.mod h1:kvuMro4sFYIa8sulL5Gi5GFqUPvfH2O/dXuKstbaaeg= +k8s.io/api v0.32.1 h1:f562zw9cy+GvXzXf0CKlVQ7yHJVYzLfL6JAS4kOAaOc= +k8s.io/api v0.32.1/go.mod h1:/Yi/BqkuueW1BgpoePYBRdDYfjPF5sgTr5+YqDZra5k= +k8s.io/apiextensions-apiserver v0.32.1 h1:hjkALhRUeCariC8DiVmb5jj0VjIc1N0DREP32+6UXZw= +k8s.io/apiextensions-apiserver v0.32.1/go.mod h1:sxWIGuGiYov7Io1fAS2X06NjMIk5CbRHc2StSmbaQto= +k8s.io/apimachinery v0.32.1 h1:683ENpaCBjma4CYqsmZyhEzrGz6cjn1MY/X2jB2hkZs= +k8s.io/apimachinery v0.32.1/go.mod h1:GpHVgxoKlTxClKcteaeuF1Ul/lDVb74KpZcxcmLDElE= +k8s.io/apiserver v0.32.1 h1:oo0OozRos66WFq87Zc5tclUX2r0mymoVHRq8JmR7Aak= +k8s.io/apiserver v0.32.1/go.mod h1:UcB9tWjBY7aryeI5zAgzVJB/6k7E97bkr1RgqDz0jPw= +k8s.io/client-go v0.32.1 h1:otM0AxdhdBIaQh7l1Q0jQpmo7WOFIk5FFa4bg6YMdUU= +k8s.io/client-go v0.32.1/go.mod h1:aTTKZY7MdxUaJ/KiUs8D+GssR9zJZi77ZqtzcGXIiDg= +k8s.io/component-base v0.32.1 h1:/5IfJ0dHIKBWysGV0yKTFfacZ5yNV1sulPh3ilJjRZk= +k8s.io/component-base v0.32.1/go.mod h1:j1iMMHi/sqAHeG5z+O9BFNCF698a1u0186zkjMZQ28w= k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk= k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE= -k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f h1:GA7//TjRY9yWGy1poLzYYJJ4JRdzg3+O6e8I+e+8T5Y= -k8s.io/kube-openapi v0.0.0-20241105132330-32ad38e42d3f/go.mod h1:R/HEjbvWI0qdfb8viZUeVZm0X6IZnxAydC7YU42CMw4= +k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7 h1:hcha5B1kVACrLujCKLbr8XWMxCxzQx42DY8QKYJrDLg= +k8s.io/kube-openapi v0.0.0-20241212222426-2c72e554b1e7/go.mod h1:GewRfANuJ70iYzvn+i4lezLDAFzvjxZYK1gn1lWcfas= k8s.io/utils v0.0.0-20241210054802-24370beab758 h1:sdbE21q2nlQtFh65saZY+rRM6x6aJJI8IUa1AmH/qa0= k8s.io/utils v0.0.0-20241210054802-24370beab758/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0= -sigs.k8s.io/controller-runtime v0.18.6 h1:UnEoLBLDpQwzJ2jYh6aTdiMhGjNDR7IdFn9YEqHIccc= -sigs.k8s.io/controller-runtime v0.18.6/go.mod h1:Dcsa9v8AEBWa3sQNJHsuWPT4ICv99irl5wj83NiC12U= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0 h1:CPT0ExVicCzcpeN4baWEV2ko2Z/AsiZgEdwgcfwLgMo= +sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.31.0/go.mod h1:Ve9uj1L+deCXFrPOk1LpFXqTg7LCFzFso6PA48q/XZw= +sigs.k8s.io/controller-runtime v0.20.1 h1:JbGMAG/X94NeM3xvjenVUaBjy6Ui4Ogd/J5ZtjZnHaE= +sigs.k8s.io/controller-runtime v0.20.1/go.mod h1:BrP3w158MwvB3ZbNpaAcIKkHQ7YGpYnzpoSTZ8E14WU= sigs.k8s.io/gateway-api v1.2.1 h1:fZZ/+RyRb+Y5tGkwxFKuYuSRQHu9dZtbjenblleOLHM= sigs.k8s.io/gateway-api v1.2.1/go.mod h1:EpNfEXNjiYfUJypf0eZ0P5iXA9ekSGWaS1WgPaM42X0= -sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 h1:/Rv+M11QRah1itp8VhT6HoVx1Ray9eB4DBr+K+/sCJ8= -sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3/go.mod h1:18nIHnGi6636UCz6m8i4DhaJ65T6EruyzmoQqI2BVDo= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 h1:gBQPwqORJ8d8/YNZWEjoZs7npUVDpVXUUOFfW6CgAqE= +sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg= sigs.k8s.io/structured-merge-diff/v4 v4.5.0 h1:nbCitCK2hfnhyiKo6uf2HxUPTCodY6Qaf85SbDIaMBk= sigs.k8s.io/structured-merge-diff/v4 v4.5.0/go.mod h1:N8f93tFZh9U6vpxwRArLiikrE5/2tiu1w1AGfACIGE4= sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= diff --git a/common/common.go b/internal/common/common.go similarity index 100% rename from common/common.go rename to internal/common/common.go diff --git a/common/common_test.go b/internal/common/common_test.go similarity index 100% rename from common/common_test.go rename to internal/common/common_test.go diff --git a/common/flagdinjector/fake/flagdinjector_mock.go b/internal/common/flagdinjector/fake/flagdinjector_mock.go similarity index 100% rename from common/flagdinjector/fake/flagdinjector_mock.go rename to internal/common/flagdinjector/fake/flagdinjector_mock.go diff --git a/common/flagdinjector/flagdinjector.go b/internal/common/flagdinjector/flagdinjector.go similarity index 98% rename from common/flagdinjector/flagdinjector.go rename to internal/common/flagdinjector/flagdinjector.go index a5fb545a7..94b72115a 100644 --- a/common/flagdinjector/flagdinjector.go +++ b/internal/common/flagdinjector/flagdinjector.go @@ -9,10 +9,10 @@ import ( "github.com/go-logr/logr" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" apicommon "github.com/open-feature/open-feature-operator/apis/core/v1beta1/common" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/flagdproxy" - "github.com/open-feature/open-feature-operator/common/types" - "github.com/open-feature/open-feature-operator/common/utils" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/flagdproxy" + "github.com/open-feature/open-feature-operator/internal/common/types" + "github.com/open-feature/open-feature-operator/internal/common/utils" appsV1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" diff --git a/common/flagdinjector/flagdinjector_test.go b/internal/common/flagdinjector/flagdinjector_test.go similarity index 99% rename from common/flagdinjector/flagdinjector_test.go rename to internal/common/flagdinjector/flagdinjector_test.go index 1f658c5df..c53865f82 100644 --- a/common/flagdinjector/flagdinjector_test.go +++ b/internal/common/flagdinjector/flagdinjector_test.go @@ -9,9 +9,9 @@ import ( "github.com/go-logr/logr/testr" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" apicommon "github.com/open-feature/open-feature-operator/apis/core/v1beta1/common" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/flagdproxy" - "github.com/open-feature/open-feature-operator/common/utils" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/flagdproxy" + "github.com/open-feature/open-feature-operator/internal/common/utils" "github.com/stretchr/testify/require" appsV1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" diff --git a/common/flagdinjector/mock/flagd-injector.go b/internal/common/flagdinjector/mock/flagd-injector.go similarity index 100% rename from common/flagdinjector/mock/flagd-injector.go rename to internal/common/flagdinjector/mock/flagd-injector.go diff --git a/common/flagdproxy/flagdproxy.go b/internal/common/flagdproxy/flagdproxy.go similarity index 98% rename from common/flagdproxy/flagdproxy.go rename to internal/common/flagdproxy/flagdproxy.go index c96f8e269..3bbebc9e5 100644 --- a/common/flagdproxy/flagdproxy.go +++ b/internal/common/flagdproxy/flagdproxy.go @@ -6,8 +6,8 @@ import ( "reflect" "github.com/go-logr/logr" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/types" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/types" "golang.org/x/exp/maps" appsV1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/common/flagdproxy/flagdproxy_test.go b/internal/common/flagdproxy/flagdproxy_test.go similarity index 99% rename from common/flagdproxy/flagdproxy_test.go rename to internal/common/flagdproxy/flagdproxy_test.go index b3a5a4c02..5124e7b44 100644 --- a/common/flagdproxy/flagdproxy_test.go +++ b/internal/common/flagdproxy/flagdproxy_test.go @@ -6,8 +6,8 @@ import ( "testing" "github.com/go-logr/logr/testr" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/types" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/types" "github.com/stretchr/testify/require" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/common/types/envconfig.go b/internal/common/types/envconfig.go similarity index 99% rename from common/types/envconfig.go rename to internal/common/types/envconfig.go index c2c4231fa..f9b5be51b 100644 --- a/common/types/envconfig.go +++ b/internal/common/types/envconfig.go @@ -6,14 +6,14 @@ type EnvConfig struct { FlagsValidationEnabled bool `envconfig:"FLAGS_VALIDATION_ENABLED" default:"true"` FlagdProxyReplicaCount int `envconfig:"FLAGD_PROXY_REPLICA_COUNT" default:"1"` // renovate: datasource=github-tags depName=open-feature/flagd/flagd-proxy - FlagdProxyTag string `envconfig:"FLAGD_PROXY_TAG" default:"v0.6.4"` + FlagdProxyTag string `envconfig:"FLAGD_PROXY_TAG" default:"v0.7.0"` FlagdProxyPort int `envconfig:"FLAGD_PROXY_PORT" default:"8015"` FlagdProxyManagementPort int `envconfig:"FLAGD_PROXY_MANAGEMENT_PORT" default:"8016"` FlagdProxyDebugLogging bool `envconfig:"FLAGD_PROXY_DEBUG_LOGGING" default:"false"` FlagdImage string `envconfig:"FLAGD_IMAGE" default:"ghcr.io/open-feature/flagd"` // renovate: datasource=github-tags depName=open-feature/flagd/flagd - FlagdTag string `envconfig:"FLAGD_TAG" default:"v0.11.1"` + FlagdTag string `envconfig:"FLAGD_TAG" default:"v0.12.0"` FlagdPort int `envconfig:"FLAGD_PORT" default:"8013"` FlagdOFREPPort int `envconfig:"FLAGD_OFREP_PORT" default:"8016"` FlagdSyncPort int `envconfig:"FLAGD_SYNC_PORT" default:"8015"` @@ -25,7 +25,7 @@ type EnvConfig struct { SidecarPort int `envconfig:"SIDECAR_PORT" default:"8013"` SidecarImage string `envconfig:"SIDECAR_IMAGE" default:"ghcr.io/open-feature/flagd"` // renovate: datasource=github-tags depName=open-feature/flagd/flagd - SidecarTag string `envconfig:"SIDECAR_TAG" default:"v0.11.1"` + SidecarTag string `envconfig:"SIDECAR_TAG" default:"v0.12.0"` SidecarSocketPath string `envconfig:"SIDECAR_SOCKET_PATH" default:""` SidecarEvaluator string `envconfig:"SIDECAR_EVALUATOR" default:"json"` SidecarProviderArgs string `envconfig:"SIDECAR_PROVIDER_ARGS" default:""` diff --git a/common/types/sourceconfig.go b/internal/common/types/sourceconfig.go similarity index 100% rename from common/types/sourceconfig.go rename to internal/common/types/sourceconfig.go diff --git a/common/utils/utils.go b/internal/common/utils/utils.go similarity index 100% rename from common/utils/utils.go rename to internal/common/utils/utils.go diff --git a/common/utils/utils_test.go b/internal/common/utils/utils_test.go similarity index 100% rename from common/utils/utils_test.go rename to internal/common/utils/utils_test.go diff --git a/controllers/core/featureflagsource/controller.go b/internal/controller/core/featureflagsource/controller.go similarity index 96% rename from controllers/core/featureflagsource/controller.go rename to internal/controller/core/featureflagsource/controller.go index 98857db29..a3b54248e 100644 --- a/controllers/core/featureflagsource/controller.go +++ b/internal/controller/core/featureflagsource/controller.go @@ -24,9 +24,9 @@ import ( "github.com/go-logr/logr" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/flagdproxy" - "github.com/open-feature/open-feature-operator/common/utils" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/flagdproxy" + "github.com/open-feature/open-feature-operator/internal/common/utils" appsV1 "k8s.io/api/apps/v1" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/runtime" @@ -50,7 +50,7 @@ type FeatureFlagSourceReconciler struct { } // renovate: datasource=github-tags depName=open-feature/flagd/flagd-proxy -const flagdProxyTag = "v0.6.4" +const flagdProxyTag = "v0.7.0" //+kubebuilder:rbac:groups=core.openfeature.dev,resources=featureflagsources,verbs=get;list;watch;create;update;patch;delete //+kubebuilder:rbac:groups=core.openfeature.dev,resources=featureflagsources/status,verbs=get;update;patch diff --git a/controllers/core/featureflagsource/controller_test.go b/internal/controller/core/featureflagsource/controller_test.go similarity index 96% rename from controllers/core/featureflagsource/controller_test.go rename to internal/controller/core/featureflagsource/controller_test.go index d88451b78..a53223eb4 100644 --- a/controllers/core/featureflagsource/controller_test.go +++ b/internal/controller/core/featureflagsource/controller_test.go @@ -8,10 +8,10 @@ import ( api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" apicommon "github.com/open-feature/open-feature-operator/apis/core/v1beta1/common" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/flagdproxy" - commontypes "github.com/open-feature/open-feature-operator/common/types" - "github.com/open-feature/open-feature-operator/common/utils" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/flagdproxy" + commontypes "github.com/open-feature/open-feature-operator/internal/common/types" + "github.com/open-feature/open-feature-operator/internal/common/utils" "github.com/stretchr/testify/require" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/core/flagd/common/common.go b/internal/controller/core/flagd/common/common.go similarity index 100% rename from controllers/core/flagd/common/common.go rename to internal/controller/core/flagd/common/common.go diff --git a/controllers/core/flagd/config.go b/internal/controller/core/flagd/config.go similarity index 75% rename from controllers/core/flagd/config.go rename to internal/controller/core/flagd/config.go index 33a1c3434..2c869e622 100644 --- a/controllers/core/flagd/config.go +++ b/internal/controller/core/flagd/config.go @@ -1,9 +1,9 @@ package flagd import ( - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/types" - resources "github.com/open-feature/open-feature-operator/controllers/core/flagd/common" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/types" + resources "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/common" ) func NewFlagdConfiguration(env types.EnvConfig, imagePullSecrets []string, labels map[string]string, annotations map[string]string) resources.FlagdConfiguration { diff --git a/controllers/core/flagd/controller.go b/internal/controller/core/flagd/controller.go similarity index 95% rename from controllers/core/flagd/controller.go rename to internal/controller/core/flagd/controller.go index 6c823b5ae..33ede98bc 100644 --- a/controllers/core/flagd/controller.go +++ b/internal/controller/core/flagd/controller.go @@ -22,8 +22,8 @@ import ( "github.com/go-logr/logr" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - resources2 "github.com/open-feature/open-feature-operator/controllers/core/flagd/common" - "github.com/open-feature/open-feature-operator/controllers/core/flagd/resources" + resources2 "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/common" + "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/resources" appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" diff --git a/controllers/core/flagd/controller_test.go b/internal/controller/core/flagd/controller_test.go similarity index 97% rename from controllers/core/flagd/controller_test.go rename to internal/controller/core/flagd/controller_test.go index f2dbb1a25..8694f4748 100644 --- a/controllers/core/flagd/controller_test.go +++ b/internal/controller/core/flagd/controller_test.go @@ -10,9 +10,9 @@ import ( "github.com/golang/mock/gomock" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - resources "github.com/open-feature/open-feature-operator/controllers/core/flagd/common" - commonmock "github.com/open-feature/open-feature-operator/controllers/core/flagd/mock" - resourcemock "github.com/open-feature/open-feature-operator/controllers/core/flagd/resources/mock" + resources "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/common" + commonmock "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/mock" + resourcemock "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/resources/mock" "github.com/stretchr/testify/require" appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" diff --git a/controllers/core/flagd/mock/mock.go b/internal/controller/core/flagd/mock/mock.go similarity index 95% rename from controllers/core/flagd/mock/mock.go rename to internal/controller/core/flagd/mock/mock.go index 0df09e3d6..6b1779ca3 100644 --- a/controllers/core/flagd/mock/mock.go +++ b/internal/controller/core/flagd/mock/mock.go @@ -6,11 +6,11 @@ package commonmock import ( context "context" + "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/resources" reflect "reflect" gomock "github.com/golang/mock/gomock" v1beta1 "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - resources "github.com/open-feature/open-feature-operator/controllers/core/flagd/resources" client "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/controllers/core/flagd/resource_reconciler.go b/internal/controller/core/flagd/resource_reconciler.go similarity index 94% rename from controllers/core/flagd/resource_reconciler.go rename to internal/controller/core/flagd/resource_reconciler.go index fcb11c938..4808d1b3a 100644 --- a/controllers/core/flagd/resource_reconciler.go +++ b/internal/controller/core/flagd/resource_reconciler.go @@ -6,8 +6,8 @@ import ( "github.com/go-logr/logr" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/controllers/core/flagd/resources" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/resources" "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/runtime" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/controllers/core/flagd/resource_reconciler_test.go b/internal/controller/core/flagd/resource_reconciler_test.go similarity index 96% rename from controllers/core/flagd/resource_reconciler_test.go rename to internal/controller/core/flagd/resource_reconciler_test.go index 964fe614b..8bbfc91be 100644 --- a/controllers/core/flagd/resource_reconciler_test.go +++ b/internal/controller/core/flagd/resource_reconciler_test.go @@ -7,8 +7,8 @@ import ( "github.com/golang/mock/gomock" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" - resourcemock "github.com/open-feature/open-feature-operator/controllers/core/flagd/resources/mock" + "github.com/open-feature/open-feature-operator/internal/common" + resourcemock "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/resources/mock" "github.com/stretchr/testify/require" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/controllers/core/flagd/resources/deployment.go b/internal/controller/core/flagd/resources/deployment.go similarity index 94% rename from controllers/core/flagd/resources/deployment.go rename to internal/controller/core/flagd/resources/deployment.go index 05b71ae80..70d1e92ad 100644 --- a/controllers/core/flagd/resources/deployment.go +++ b/internal/controller/core/flagd/resources/deployment.go @@ -8,9 +8,9 @@ import ( "github.com/go-logr/logr" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/flagdinjector" - resources "github.com/open-feature/open-feature-operator/controllers/core/flagd/common" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/flagdinjector" + "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/common" "golang.org/x/exp/maps" appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" diff --git a/controllers/core/flagd/resources/deployment_test.go b/internal/controller/core/flagd/resources/deployment_test.go similarity index 97% rename from controllers/core/flagd/resources/deployment_test.go rename to internal/controller/core/flagd/resources/deployment_test.go index f2209f359..282530c2e 100644 --- a/controllers/core/flagd/resources/deployment_test.go +++ b/internal/controller/core/flagd/resources/deployment_test.go @@ -9,8 +9,8 @@ import ( "github.com/golang/mock/gomock" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - commonfake "github.com/open-feature/open-feature-operator/common/flagdinjector/fake" - resources "github.com/open-feature/open-feature-operator/controllers/core/flagd/common" + commonfake "github.com/open-feature/open-feature-operator/internal/common/flagdinjector/fake" + resources "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/common" "github.com/stretchr/testify/require" appsv1 "k8s.io/api/apps/v1" v1 "k8s.io/api/core/v1" diff --git a/controllers/core/flagd/resources/gateway_api.go b/internal/controller/core/flagd/resources/gateway_api.go similarity index 96% rename from controllers/core/flagd/resources/gateway_api.go rename to internal/controller/core/flagd/resources/gateway_api.go index 561344785..f2d0a62a1 100644 --- a/controllers/core/flagd/resources/gateway_api.go +++ b/internal/controller/core/flagd/resources/gateway_api.go @@ -5,8 +5,8 @@ import ( "reflect" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/controllers/core/flagd/common" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/common" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" gatewayApiv1 "sigs.k8s.io/gateway-api/apis/v1" diff --git a/controllers/core/flagd/resources/gateway_api_test.go b/internal/controller/core/flagd/resources/gateway_api_test.go similarity index 98% rename from controllers/core/flagd/resources/gateway_api_test.go rename to internal/controller/core/flagd/resources/gateway_api_test.go index 934b595d3..0f2f55f97 100644 --- a/controllers/core/flagd/resources/gateway_api_test.go +++ b/internal/controller/core/flagd/resources/gateway_api_test.go @@ -5,7 +5,7 @@ import ( "testing" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" + "github.com/open-feature/open-feature-operator/internal/common" "github.com/stretchr/testify/require" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" gatewayApiv1 "sigs.k8s.io/gateway-api/apis/v1" diff --git a/controllers/core/flagd/resources/ingress.go b/internal/controller/core/flagd/resources/ingress.go similarity index 96% rename from controllers/core/flagd/resources/ingress.go rename to internal/controller/core/flagd/resources/ingress.go index 847700b99..be9938cf9 100644 --- a/controllers/core/flagd/resources/ingress.go +++ b/internal/controller/core/flagd/resources/ingress.go @@ -5,8 +5,8 @@ import ( "reflect" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" - resources "github.com/open-feature/open-feature-operator/controllers/core/flagd/common" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/common" networkingv1 "k8s.io/api/networking/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/controllers/core/flagd/resources/ingress_test.go b/internal/controller/core/flagd/resources/ingress_test.go similarity index 99% rename from controllers/core/flagd/resources/ingress_test.go rename to internal/controller/core/flagd/resources/ingress_test.go index 9f31a3fdf..f28818dd4 100644 --- a/controllers/core/flagd/resources/ingress_test.go +++ b/internal/controller/core/flagd/resources/ingress_test.go @@ -6,7 +6,7 @@ import ( "testing" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" + "github.com/open-feature/open-feature-operator/internal/common" "github.com/stretchr/testify/require" v1 "k8s.io/api/core/v1" networkingv1 "k8s.io/api/networking/v1" diff --git a/controllers/core/flagd/resources/interface.go b/internal/controller/core/flagd/resources/interface.go similarity index 100% rename from controllers/core/flagd/resources/interface.go rename to internal/controller/core/flagd/resources/interface.go diff --git a/controllers/core/flagd/resources/mock/mock.go b/internal/controller/core/flagd/resources/mock/mock.go similarity index 100% rename from controllers/core/flagd/resources/mock/mock.go rename to internal/controller/core/flagd/resources/mock/mock.go diff --git a/controllers/core/flagd/resources/service.go b/internal/controller/core/flagd/resources/service.go similarity index 93% rename from controllers/core/flagd/resources/service.go rename to internal/controller/core/flagd/resources/service.go index 5a46b19e9..aae15beed 100644 --- a/controllers/core/flagd/resources/service.go +++ b/internal/controller/core/flagd/resources/service.go @@ -5,8 +5,8 @@ import ( "reflect" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/controllers/core/flagd/common" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/controller/core/flagd/common" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/intstr" diff --git a/controllers/core/flagd/resources/service_test.go b/internal/controller/core/flagd/resources/service_test.go similarity index 100% rename from controllers/core/flagd/resources/service_test.go rename to internal/controller/core/flagd/resources/service_test.go diff --git a/webhooks/common.go b/internal/webhook/common.go similarity index 96% rename from webhooks/common.go rename to internal/webhook/common.go index a38c0aed5..1a29ae08d 100644 --- a/webhooks/common.go +++ b/internal/webhook/common.go @@ -1,4 +1,4 @@ -package webhooks +package webhook import ( "context" @@ -7,8 +7,8 @@ import ( api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" apicommon "github.com/open-feature/open-feature-operator/apis/core/v1beta1/common" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/types" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/types" corev1 "k8s.io/api/core/v1" "sigs.k8s.io/controller-runtime/pkg/client" ) diff --git a/webhooks/common_test.go b/internal/webhook/common_test.go similarity index 97% rename from webhooks/common_test.go rename to internal/webhook/common_test.go index 2bd100fd1..fa532333c 100644 --- a/webhooks/common_test.go +++ b/internal/webhook/common_test.go @@ -1,4 +1,4 @@ -package webhooks +package webhook import ( "fmt" @@ -7,8 +7,8 @@ import ( api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" apicommon "github.com/open-feature/open-feature-operator/apis/core/v1beta1/common" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/types" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/types" "github.com/stretchr/testify/require" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/apis/core/v1beta1/featureflag_webhook.go b/internal/webhook/featureflag_webhook.go similarity index 53% rename from apis/core/v1beta1/featureflag_webhook.go rename to internal/webhook/featureflag_webhook.go index 539507847..55d4d4ff4 100644 --- a/apis/core/v1beta1/featureflag_webhook.go +++ b/internal/webhook/featureflag_webhook.go @@ -14,16 +14,17 @@ See the License for the specific language governing permissions and limitations under the License. */ -package v1beta1 +package webhook import ( + "context" + _ "embed" "encoding/json" "fmt" "sync" - _ "embed" - schema "github.com/open-feature/flagd-schemas/json" + "github.com/open-feature/open-feature-operator/apis/core/v1beta1" "github.com/xeipuuv/gojsonschema" "k8s.io/apimachinery/pkg/runtime" ctrl "sigs.k8s.io/controller-runtime" @@ -32,26 +33,36 @@ import ( "sigs.k8s.io/controller-runtime/pkg/webhook/admission" ) +type FeatureFlagCustomValidator struct { +} + // log is for logging in this package. -var featureFlagLog = logf.Log.WithName("featureflag-resource") +var featureFlagLog = logf.Log.WithName("featureflag-resource validator") var compiledSchema *gojsonschema.Schema var schemaInitOnce sync.Once -func (ff *FeatureFlag) SetupWebhookWithManager(mgr ctrl.Manager) error { +func (v *FeatureFlagCustomValidator) SetupWebhookWithManager(mgr ctrl.Manager) error { return ctrl.NewWebhookManagedBy(mgr). - For(ff). + For(&v1beta1.FeatureFlag{}). + WithValidator(&FeatureFlagCustomValidator{}). Complete() } -//+kubebuilder:webhook:path=/validate-core-openfeature-dev-v1beta1-featureflag,mutating=false,failurePolicy=fail,sideEffects=None,groups=core.openfeature.dev,resources=featureflags,verbs=create;update,versions=v1beta1,name=vfeatureflag.kb.io,admissionReviewVersions=v1 +// +kubebuilder:webhook:path=/validate-core-openfeature-dev-v1beta1-featureflag,mutating=false,failurePolicy=fail,sideEffects=None,groups=core.openfeature.dev,resources=featureflags,verbs=create;update,versions=v1beta1,name=vfeatureflag.kb.io,admissionReviewVersions=v1 -var _ webhook.Validator = &FeatureFlag{} +var _ webhook.CustomValidator = &FeatureFlagCustomValidator{} // ValidateCreate implements webhook.Validator so a webhook will be registered for the type -func (ff *FeatureFlag) ValidateCreate() (admission.Warnings, error) { - featureFlagLog.Info("validate create", "name", ff.Name) +func (v *FeatureFlagCustomValidator) ValidateCreate(ctx context.Context, obj runtime.Object) (warnings admission.Warnings, err error) { + featureFlag, ok := obj.(*v1beta1.FeatureFlag) + + if !ok { + return nil, fmt.Errorf("expected a FeatureFlag object but got %T", obj) + } + + featureFlagLog.Info("validate create", "name", featureFlag.Name) - if err := validateFeatureFlagFlags(ff.Spec.FlagSpec.Flags); err != nil { + if err := validateFeatureFlagFlags(featureFlag.Spec.FlagSpec.Flags); err != nil { return []string{}, err } @@ -59,10 +70,16 @@ func (ff *FeatureFlag) ValidateCreate() (admission.Warnings, error) { } // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type -func (ff *FeatureFlag) ValidateUpdate(old runtime.Object) (admission.Warnings, error) { - featureFlagLog.Info("validate update", "name", ff.Name) +func (v *FeatureFlagCustomValidator) ValidateUpdate(ctx context.Context, oldObj runtime.Object, newObj runtime.Object) (warnings admission.Warnings, err error) { + featureFlag, ok := oldObj.(*v1beta1.FeatureFlag) - if err := validateFeatureFlagFlags(ff.Spec.FlagSpec.Flags); err != nil { + if !ok { + return nil, fmt.Errorf("expected a FeatureFlag object but got %T", oldObj) + } + + featureFlagLog.Info("validate update", "name", featureFlag.Name) + + if err := validateFeatureFlagFlags(featureFlag.Spec.FlagSpec.Flags); err != nil { return []string{}, err } @@ -70,13 +87,19 @@ func (ff *FeatureFlag) ValidateUpdate(old runtime.Object) (admission.Warnings, e } // ValidateDelete implements webhook.Validator so a webhook will be registered for the type -func (ff *FeatureFlag) ValidateDelete() (admission.Warnings, error) { - featureFlagLog.Info("validate delete", "name", ff.Name) +func (v *FeatureFlagCustomValidator) ValidateDelete(ctx context.Context, obj runtime.Object) (warnings admission.Warnings, err error) { + featureFlag, ok := obj.(*v1beta1.FeatureFlag) + + if !ok { + return nil, fmt.Errorf("expected a FeatureFlag object but got %T", obj) + } + + featureFlagLog.Info("validate delete", "name", featureFlag.Name) return []string{}, nil } -func validateFeatureFlagFlags(flags Flags) error { +func validateFeatureFlagFlags(flags v1beta1.Flags) error { b, err := json.Marshal(flags) if err != nil { return err @@ -97,9 +120,10 @@ func validateFeatureFlagFlags(flags Flags) error { if !result.Valid() { err = fmt.Errorf("") for _, desc := range result.Errors() { - err = fmt.Errorf(err.Error() + desc.Description() + "\n") + err = fmt.Errorf("%s", err.Error()+desc.Description()+"\n") } } + return err } diff --git a/apis/core/v1beta1/featureflag_webhook_test.go b/internal/webhook/featureflag_webhook_test.go similarity index 86% rename from apis/core/v1beta1/featureflag_webhook_test.go rename to internal/webhook/featureflag_webhook_test.go index 0696929c0..f28c16b1f 100644 --- a/apis/core/v1beta1/featureflag_webhook_test.go +++ b/internal/webhook/featureflag_webhook_test.go @@ -1,22 +1,23 @@ -package v1beta1 +package webhook import ( "encoding/json" "testing" + "github.com/open-feature/open-feature-operator/apis/core/v1beta1" "github.com/stretchr/testify/require" ) func Test_validateFeatureFlagTargeting(t *testing.T) { tests := []struct { name string - in Flags + in v1beta1.Flags wantErr bool }{ { name: "happy path", - in: Flags{ - FlagsMap: map[string]Flag{ + in: v1beta1.Flags{ + FlagsMap: map[string]v1beta1.Flag{ "fractional": { State: "ENABLED", Variants: json.RawMessage(`{ @@ -42,8 +43,8 @@ func Test_validateFeatureFlagTargeting(t *testing.T) { }, { name: "happy path no targeting", - in: Flags{ - FlagsMap: map[string]Flag{ + in: v1beta1.Flags{ + FlagsMap: map[string]v1beta1.Flag{ "fractional": { State: "ENABLED", Variants: json.RawMessage(`{ @@ -61,8 +62,8 @@ func Test_validateFeatureFlagTargeting(t *testing.T) { }, { name: "fractional invalid bucketing", - in: Flags{ - FlagsMap: map[string]Flag{ + in: v1beta1.Flags{ + FlagsMap: map[string]v1beta1.Flag{ "fractional-invalid-bucketing": { State: "ENABLED", Variants: json.RawMessage(`{ @@ -89,8 +90,8 @@ func Test_validateFeatureFlagTargeting(t *testing.T) { }, { name: "empty variants", - in: Flags{ - FlagsMap: map[string]Flag{ + in: v1beta1.Flags{ + FlagsMap: map[string]v1beta1.Flag{ "fractional-invalid-bucketing": { State: "ENABLED", Variants: json.RawMessage{}, @@ -102,8 +103,8 @@ func Test_validateFeatureFlagTargeting(t *testing.T) { }, { name: "fractional invalid weighting", - in: Flags{ - FlagsMap: map[string]Flag{ + in: v1beta1.Flags{ + FlagsMap: map[string]v1beta1.Flag{ "fractional-invalid-weighting": { State: "ENABLED", Variants: json.RawMessage(`{ @@ -129,8 +130,8 @@ func Test_validateFeatureFlagTargeting(t *testing.T) { }, { name: "invalid-ends-with-param", - in: Flags{ - FlagsMap: map[string]Flag{ + in: v1beta1.Flags{ + FlagsMap: map[string]v1beta1.Flag{ "invalid-ends-with-param": { State: "ENABLED", Variants: json.RawMessage(`{ diff --git a/webhooks/pod_webhook.go b/internal/webhook/pod_webhook.go similarity index 95% rename from webhooks/pod_webhook.go rename to internal/webhook/pod_webhook.go index cf5b3791f..66806b94a 100644 --- a/webhooks/pod_webhook.go +++ b/internal/webhook/pod_webhook.go @@ -1,4 +1,4 @@ -package webhooks +package webhook import ( "context" @@ -10,11 +10,11 @@ import ( "github.com/go-logr/logr" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" - "github.com/open-feature/open-feature-operator/common" - "github.com/open-feature/open-feature-operator/common/flagdinjector" - "github.com/open-feature/open-feature-operator/common/flagdproxy" - "github.com/open-feature/open-feature-operator/common/types" - "github.com/open-feature/open-feature-operator/common/utils" + "github.com/open-feature/open-feature-operator/internal/common" + "github.com/open-feature/open-feature-operator/internal/common/flagdinjector" + "github.com/open-feature/open-feature-operator/internal/common/flagdproxy" + "github.com/open-feature/open-feature-operator/internal/common/types" + "github.com/open-feature/open-feature-operator/internal/common/utils" corev1 "k8s.io/api/core/v1" k8serrors "k8s.io/apimachinery/pkg/api/errors" "sigs.k8s.io/controller-runtime/pkg/cache" diff --git a/webhooks/pod_webhook_test.go b/internal/webhook/pod_webhook_test.go similarity index 99% rename from webhooks/pod_webhook_test.go rename to internal/webhook/pod_webhook_test.go index f3bc69fe6..9f95395aa 100644 --- a/webhooks/pod_webhook_test.go +++ b/internal/webhook/pod_webhook_test.go @@ -1,4 +1,4 @@ -package webhooks +package webhook import ( "context" @@ -13,8 +13,8 @@ import ( "github.com/golang/mock/gomock" api "github.com/open-feature/open-feature-operator/apis/core/v1beta1" apicommon "github.com/open-feature/open-feature-operator/apis/core/v1beta1/common" - "github.com/open-feature/open-feature-operator/common" - flagdinjectorfake "github.com/open-feature/open-feature-operator/common/flagdinjector/fake" + "github.com/open-feature/open-feature-operator/internal/common" + flagdinjectorfake "github.com/open-feature/open-feature-operator/internal/common/flagdinjector/fake" "github.com/stretchr/testify/require" admissionv1 "k8s.io/api/admission/v1" corev1 "k8s.io/api/core/v1" diff --git a/test/e2e/chainsaw/assets/manifests.yaml b/test/e2e/chainsaw/assets/manifests.yaml index e9d9527c8..631ecaeb7 100644 --- a/test/e2e/chainsaw/assets/manifests.yaml +++ b/test/e2e/chainsaw/assets/manifests.yaml @@ -96,7 +96,7 @@ spec: spec: containers: - name: test-flagd-endpoint - image: curlimages/curl:8.8.0 + image: curlimages/curl:8.11.1 args: - /bin/sh - -ec diff --git a/test/e2e/chainsaw/flagd-disabled/00-install.yaml b/test/e2e/chainsaw/flagd-disabled/00-install.yaml index ebe6ccb73..2165b811e 100644 --- a/test/e2e/chainsaw/flagd-disabled/00-install.yaml +++ b/test/e2e/chainsaw/flagd-disabled/00-install.yaml @@ -99,7 +99,7 @@ spec: spec: containers: - name: test-flagd-endpoint - image: curlimages/curl:8.8.0 + image: curlimages/curl:8.11.1 args: - /bin/sh - -ec diff --git a/test/e2e/chainsaw/flagd-with-custom-ports/00-assert.yaml b/test/e2e/chainsaw/flagd-with-custom-ports/00-assert.yaml index be38eaf0e..cec9b7078 100644 --- a/test/e2e/chainsaw/flagd-with-custom-ports/00-assert.yaml +++ b/test/e2e/chainsaw/flagd-with-custom-ports/00-assert.yaml @@ -26,7 +26,7 @@ spec: containers: - name: flagd # renovate: datasource=github-tags depName=open-feature/flagd/flagd - image: ghcr.io/open-feature/flagd:v0.11.1 + image: ghcr.io/open-feature/flagd:v0.12.0 ports: - containerPort: 8014 name: management diff --git a/test/e2e/chainsaw/flagd-with-gateway-api/00-assert.yaml b/test/e2e/chainsaw/flagd-with-gateway-api/00-assert.yaml index 9666ff885..0d183a2a6 100644 --- a/test/e2e/chainsaw/flagd-with-gateway-api/00-assert.yaml +++ b/test/e2e/chainsaw/flagd-with-gateway-api/00-assert.yaml @@ -26,7 +26,7 @@ spec: containers: - name: flagd # renovate: datasource=github-tags depName=open-feature/flagd/flagd - image: ghcr.io/open-feature/flagd:v0.11.1 + image: ghcr.io/open-feature/flagd:v0.12.0 ports: - containerPort: 8014 name: management diff --git a/test/e2e/chainsaw/flagd-with-ingress-custom-paths/00-assert.yaml b/test/e2e/chainsaw/flagd-with-ingress-custom-paths/00-assert.yaml index 643c2e8b0..634def380 100644 --- a/test/e2e/chainsaw/flagd-with-ingress-custom-paths/00-assert.yaml +++ b/test/e2e/chainsaw/flagd-with-ingress-custom-paths/00-assert.yaml @@ -26,7 +26,7 @@ spec: containers: - name: flagd # renovate: datasource=github-tags depName=open-feature/flagd/flagd - image: ghcr.io/open-feature/flagd:v0.11.1 + image: ghcr.io/open-feature/flagd:v0.12.0 ports: - containerPort: 8014 name: management diff --git a/test/e2e/chainsaw/flagd-with-ingress-default-paths/00-assert.yaml b/test/e2e/chainsaw/flagd-with-ingress-default-paths/00-assert.yaml index 5dadf2e8b..4e43b0dee 100644 --- a/test/e2e/chainsaw/flagd-with-ingress-default-paths/00-assert.yaml +++ b/test/e2e/chainsaw/flagd-with-ingress-default-paths/00-assert.yaml @@ -26,7 +26,7 @@ spec: containers: - name: flagd # renovate: datasource=github-tags depName=open-feature/flagd/flagd - image: ghcr.io/open-feature/flagd:v0.11.1 + image: ghcr.io/open-feature/flagd:v0.12.0 ports: - containerPort: 8014 name: management diff --git a/test/e2e/chainsaw/fsconfig-file-sync/00-assert.yaml b/test/e2e/chainsaw/fsconfig-file-sync/00-assert.yaml index e2157feba..f0c5463bc 100644 --- a/test/e2e/chainsaw/fsconfig-file-sync/00-assert.yaml +++ b/test/e2e/chainsaw/fsconfig-file-sync/00-assert.yaml @@ -13,4 +13,4 @@ spec: - name: open-feature-e2e-test image: nginx:stable-alpine - name: flagd # this part verifies flagd injection happened - image: ghcr.io/open-feature/flagd:v0.11.1 + image: ghcr.io/open-feature/flagd:v0.12.0 diff --git a/test/e2e/chainsaw/fsconfig-flagd-proxy-sync/00-assert.yaml b/test/e2e/chainsaw/fsconfig-flagd-proxy-sync/00-assert.yaml index e2157feba..f0c5463bc 100644 --- a/test/e2e/chainsaw/fsconfig-flagd-proxy-sync/00-assert.yaml +++ b/test/e2e/chainsaw/fsconfig-flagd-proxy-sync/00-assert.yaml @@ -13,4 +13,4 @@ spec: - name: open-feature-e2e-test image: nginx:stable-alpine - name: flagd # this part verifies flagd injection happened - image: ghcr.io/open-feature/flagd:v0.11.1 + image: ghcr.io/open-feature/flagd:v0.12.0 diff --git a/test/e2e/chainsaw/fsconfig-k8s-sync/00-assert.yaml b/test/e2e/chainsaw/fsconfig-k8s-sync/00-assert.yaml index d567b37a3..89241873f 100644 --- a/test/e2e/chainsaw/fsconfig-k8s-sync/00-assert.yaml +++ b/test/e2e/chainsaw/fsconfig-k8s-sync/00-assert.yaml @@ -14,4 +14,4 @@ spec: - name: open-feature-e2e-test image: nginx:stable-alpine - name: flagd # this part verifies flagd injection happened - image: ghcr.io/open-feature/flagd:v0.11.1 + image: ghcr.io/open-feature/flagd:v0.12.0 diff --git a/test/e2e/chainsaw/in-process/00-assert.yaml b/test/e2e/chainsaw/in-process/00-assert.yaml index 94bc93967..d7f680ca7 100644 --- a/test/e2e/chainsaw/in-process/00-assert.yaml +++ b/test/e2e/chainsaw/in-process/00-assert.yaml @@ -8,7 +8,7 @@ status: spec: containers: - name: open-feature-e2e-test - image: busybox:1.36.1 + image: busybox:1.37.0 env: - name: my-second-prefix_name2 value: val2 @@ -29,7 +29,7 @@ spec: - name: my-second-prefix_OFFLINE_FLAG_SOURCE_PATH value: my-path - name: open-feature-e2e-test2 - image: busybox:1.36.1 + image: busybox:1.37.0 env: - name: my-second-prefix_name2 value: val2 diff --git a/test/e2e/chainsaw/in-process/00-install.yaml b/test/e2e/chainsaw/in-process/00-install.yaml index 026c8af8e..debdf5f9b 100644 --- a/test/e2e/chainsaw/in-process/00-install.yaml +++ b/test/e2e/chainsaw/in-process/00-install.yaml @@ -21,10 +21,10 @@ spec: spec: containers: - name: open-feature-e2e-test - image: busybox:1.36.1 + image: busybox:1.37.0 command: ['sh', '-c', 'echo The app is running! && sleep infinity'] - name: open-feature-e2e-test2 - image: busybox:1.36.1 + image: busybox:1.37.0 command: ['sh', '-c', 'echo The app is running! && sleep infinity'] --- apiVersion: core.openfeature.dev/v1beta1 diff --git a/test/e2e/chainsaw/validate-featureflag/featureflag_bad.yaml b/test/e2e/chainsaw/validate-featureflag/featureflag_bad.yaml index 8756074a5..38ca0ce12 100644 --- a/test/e2e/chainsaw/validate-featureflag/featureflag_bad.yaml +++ b/test/e2e/chainsaw/validate-featureflag/featureflag_bad.yaml @@ -1,7 +1,7 @@ apiVersion: core.openfeature.dev/v1beta1 kind: FeatureFlag metadata: - name: featureflag-sample + name: featureflag-sample-bad spec: flagSpec: flags: diff --git a/test/e2e/chainsaw/validate-featureflag/featureflag_good.yaml b/test/e2e/chainsaw/validate-featureflag/featureflag_good.yaml index d023c89dc..5014c6b1a 100644 --- a/test/e2e/chainsaw/validate-featureflag/featureflag_good.yaml +++ b/test/e2e/chainsaw/validate-featureflag/featureflag_good.yaml @@ -1,7 +1,7 @@ apiVersion: core.openfeature.dev/v1beta1 kind: FeatureFlag metadata: - name: featureflag-sample + name: featureflag-sample-good spec: flagSpec: flags: diff --git a/test/e2e/chainsaw/validate-featureflag/featureflag_good_empty.yaml b/test/e2e/chainsaw/validate-featureflag/featureflag_good_empty.yaml index 669e2a25a..4ed5ef398 100644 --- a/test/e2e/chainsaw/validate-featureflag/featureflag_good_empty.yaml +++ b/test/e2e/chainsaw/validate-featureflag/featureflag_good_empty.yaml @@ -1,7 +1,7 @@ apiVersion: core.openfeature.dev/v1beta1 kind: FeatureFlag metadata: - name: featureflag-sample + name: featureflag-sample-good-empty spec: flagSpec: flags: