diff --git a/.buildkite/Makefile b/.buildkite/Makefile index 113273d6c4..c36aa7b8f3 100644 --- a/.buildkite/Makefile +++ b/.buildkite/Makefile @@ -4,7 +4,7 @@ # This Makefile is used to run the buildkite agent in virtual machines when Docker access is required. -CI_IMAGE ?= docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:e7abeaab +CI_IMAGE ?= docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d ROOT_DIR := $(CURDIR)/.. GO_MOUNT_PATH ?= /go/src/github.com/elastic/cloud-on-k8s export VAULT_ROOT_PATH = secret/ci/elastic-cloud-on-k8s diff --git a/.buildkite/e2e/pipeline-gen/pipeline.tpl.yaml b/.buildkite/e2e/pipeline-gen/pipeline.tpl.yaml index d9dd04d987..fa28e338f1 100644 --- a/.buildkite/e2e/pipeline-gen/pipeline.tpl.yaml +++ b/.buildkite/e2e/pipeline-gen/pipeline.tpl.yaml @@ -34,7 +34,7 @@ steps: machineType: "{{ .KindAgentsMachineType }}" {{- end }} {{- else }} - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "4G" {{- end }} @@ -85,7 +85,7 @@ steps: machineType: "{{ $.KindAgentsMachineType }}" {{- end }} {{- else }} - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "4G" {{- end }} @@ -121,7 +121,7 @@ steps: {{- if not $test.Dind }} - make run-deployer agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "4G" {{- else }} - make -C .buildkite TARGET="run-deployer" ci @@ -144,5 +144,5 @@ steps: - ".buildkite/e2e/reporter/*.md" - ".buildkite/e2e/reporter/*.yml" agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" diff --git a/.buildkite/e2e/reporter/templates/notify-failures.tpl.yml b/.buildkite/e2e/reporter/templates/notify-failures.tpl.yml index 32cb5b7f44..e3ae8969b0 100644 --- a/.buildkite/e2e/reporter/templates/notify-failures.tpl.yml +++ b/.buildkite/e2e/reporter/templates/notify-failures.tpl.yml @@ -4,7 +4,7 @@ steps: - label: "{{ .ShortFailuresCount }} failure(s)" command: exit {{ .ShortFailuresCount }} agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" # notify e2e tests failures for the main branch and tags @@ -13,7 +13,7 @@ steps: if: build.branch == "main" || build.tag != null command: echo "notify" agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" notify: diff --git a/.buildkite/pipeline-e2e-clusters-cleanup.yml b/.buildkite/pipeline-e2e-clusters-cleanup.yml index 80acce5134..b696d7b819 100644 --- a/.buildkite/pipeline-e2e-clusters-cleanup.yml +++ b/.buildkite/pipeline-e2e-clusters-cleanup.yml @@ -10,7 +10,7 @@ steps: - make build-deployer - buildkite-agent artifact upload hack/deployer/deployer agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: 2G - label: ":broom: e2e test cluster cleanup gke" @@ -26,7 +26,7 @@ steps: - chmod u+x /usr/local/hack/deployer/deployer - /usr/local/hack/deployer/deployer cleanup --plans-file hack/deployer/config/plans.yml --cluster-prefix $${E2E_TEST_CLUSTER_PREFIX} --config-file deployer-config.yml agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: 2G - label: ":broom: e2e test cluster cleanup aks" @@ -55,7 +55,7 @@ steps: - chmod u+x /usr/local/hack/deployer/deployer - /usr/local/hack/deployer/deployer cleanup --plans-file hack/deployer/config/plans.yml --cluster-prefix $${E2E_TEST_CLUSTER_PREFIX} --config-file deployer-config.yml agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: 2G - label: ":broom: e2e test cluster cleanup eks-arm" @@ -71,7 +71,7 @@ steps: - chmod u+x /usr/local/hack/deployer/deployer - /usr/local/hack/deployer/deployer cleanup --plans-file hack/deployer/config/plans.yml --cluster-prefix $${E2E_TEST_CLUSTER_PREFIX} --config-file deployer-config.yml agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: 2G - label: ":broom: e2e test cluster cleanup ocp" diff --git a/.buildkite/pipeline-e2e-tests.yml b/.buildkite/pipeline-e2e-tests.yml index 24dc8c7eb8..1c65bbdd7f 100644 --- a/.buildkite/pipeline-e2e-tests.yml +++ b/.buildkite/pipeline-e2e-tests.yml @@ -17,7 +17,7 @@ steps: E2E_PROVIDER: gke DEF agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" # for nightly builds from main @@ -30,7 +30,7 @@ steps: cd .buildkite/e2e/pipeline-gen && go build -o pipeline-gen cat ../nightly-main-matrix.yaml | ./pipeline-gen | buildkite-agent pipeline upload agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" # for all tags @@ -41,5 +41,5 @@ steps: cd .buildkite/e2e/pipeline-gen && go build -o pipeline-gen cat ../release-branch-matrix.yaml | ./pipeline-gen | buildkite-agent pipeline upload agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" diff --git a/.buildkite/pipeline-release-helm.yml b/.buildkite/pipeline-release-helm.yml index dcece5afaa..de97bd8451 100644 --- a/.buildkite/pipeline-release-helm.yml +++ b/.buildkite/pipeline-release-helm.yml @@ -10,7 +10,7 @@ steps: - make build - buildkite-agent artifact upload bin/releaser agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" - label: "operator dev helm chart" @@ -29,7 +29,7 @@ steps: - chmod u+x /usr/local/bin/releaser - releaser --env=dev --charts-dir=deploy/eck-operator agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" - wait @@ -50,7 +50,7 @@ steps: - chmod u+x /usr/local/bin/releaser - releaser --env=dev --charts-dir=deploy/eck-stack agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" - wait @@ -68,7 +68,7 @@ steps: - chmod u+x /usr/local/bin/releaser - releaser --env=prod --charts-dir=deploy/eck-operator agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" - wait @@ -86,5 +86,5 @@ steps: - chmod u+x /usr/local/bin/releaser - releaser --env=prod --charts-dir=deploy/eck-stack agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" diff --git a/.buildkite/pipeline-release-redhat.yml b/.buildkite/pipeline-release-redhat.yml index 7202dd04f7..99d25dcc02 100644 --- a/.buildkite/pipeline-release-redhat.yml +++ b/.buildkite/pipeline-release-redhat.yml @@ -7,7 +7,7 @@ steps: - make build - buildkite-agent artifact upload bin/operatorhub agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" - label: ":docker: push container" @@ -20,7 +20,7 @@ steps: cd hack/operatorhub operatorhub container push agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" - label: ":docker: preflight container check" @@ -32,7 +32,7 @@ steps: commands: - .buildkite/scripts/release/redhat-preflight.sh agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" - label: ":docker: publish container" @@ -47,7 +47,7 @@ steps: cd hack/operatorhub operatorhub container publish agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" - label: ":redhat: generate and create-pr" @@ -62,5 +62,5 @@ steps: operatorhub generate-manifests operatorhub bundle create-pr agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" diff --git a/.buildkite/pipeline-release.yml b/.buildkite/pipeline-release.yml index 665dffbdce..7f1bddd8b6 100644 --- a/.buildkite/pipeline-release.yml +++ b/.buildkite/pipeline-release.yml @@ -10,7 +10,7 @@ steps: commands: - .buildkite/scripts/release/k8s-manifests.sh agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" - label: "copy images to dockerhub" diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index bfe713473a..d044af32e7 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -9,14 +9,14 @@ steps: - label: ":go: lint" command: "make lint check-local-changes" agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d cpu: "6" memory: "7G" - label: ":go: generate" command: "make generate check-local-changes" agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d cpu: "4" memory: "2G" @@ -25,7 +25,7 @@ steps: - "make check-license-header check-predicates shellcheck reattach-pv" - "make -C hack/helm/release build" agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d cpu: "4" memory: "4G" @@ -35,28 +35,28 @@ steps: - label: ":go: unit-tests" command: "make unit-xml" agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d cpu: "4" memory: "4G" - label: ":go: integration-tests" command: "make integration-xml" agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d cpu: "4" memory: "4G" - label: ":go: manifest-gen-tests" command: "make manifest-gen-test" agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d cpu: "4" memory: "2G" - label: ":go: helm-tests" command: "make helm-test" agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d cpu: "4" memory: "2G" @@ -110,7 +110,7 @@ steps: E2E_SKIP_CLEANUP: true DEF agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" # for PR comment @@ -123,14 +123,14 @@ steps: $$(echo ./pipeline-gen $$GITHUB_PR_COMMENT_VAR_ARGS) \ | buildkite-agent pipeline upload agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" # for the main branch (merge and nightly) and tags - label: ":buildkite:" command: buildkite-agent pipeline upload .buildkite/pipeline-e2e-tests.yml agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" # ---------- @@ -140,5 +140,5 @@ steps: - "operator-image-build" command: buildkite-agent pipeline upload .buildkite/pipeline-release.yml agents: - image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:02c746a1 + image: docker.elastic.co/ci-agent-images/cloud-k8s-operator/buildkite-agent:16a56a1d memory: "2G" diff --git a/.golangci.yml b/.golangci.yml index 21dd01c05f..269036fde4 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -15,11 +15,19 @@ linters-settings: # put imports beginning with prefix after 3rd-party packages; local-prefixes: github.com/elastic/cloud-on-k8s + gosec: + excludes: + - G115 # potential integer overflow when converting between integer types + nolintlint: allow-leading-space: false allow-unused: false require-specific: true + predeclared: + # comma-separated list of predeclared identifiers to not report on. + ignore: "min,max" + revive: ## Default rules from https://github.com/mgechev/revive/blob/75a8e403f52c9634546fbfe5ec5429560ca74494/defaults.toml enable-all-rules: false @@ -78,7 +86,7 @@ linters: - cyclop - depguard - dupl - - exhaustivestruct + - err113 - forbidigo - funlen - gci @@ -88,18 +96,13 @@ linters: - gocyclo - godot - godox - - goerr113 - gofmt - gofumpt - - golint - gomnd - gomodguard - - interfacer - - maligned - nlreturn - paralleltest - rowserrcheck - - scopelint - sqlclosecheck - stylecheck - testpackage @@ -114,7 +117,6 @@ linters: - errcheck - errorlint - exhaustive - - exportloopref - forcetypeassert - gocritic - goheader diff --git a/build/Dockerfile-ubi b/build/Dockerfile-ubi index 7d52c7d36f..73d83e27f5 100644 --- a/build/Dockerfile-ubi +++ b/build/Dockerfile-ubi @@ -1,5 +1,5 @@ # Build the operator binary -FROM docker.io/library/golang:1.22.6 as builder +FROM docker.io/library/golang:1.23.1 as builder ARG VERSION ARG SHA1 diff --git a/cmd/manager/main.go b/cmd/manager/main.go index ca40ed0af8..eb529f56d9 100644 --- a/cmd/manager/main.go +++ b/cmd/manager/main.go @@ -463,7 +463,7 @@ func startOperator(ctx context.Context) error { } }() - if err := pprofServer.ListenAndServe(); !errors.Is(http.ErrServerClosed, err) { + if err := pprofServer.ListenAndServe(); !errors.Is(err, http.ErrServerClosed) { log.Error(err, "Failed to start debug HTTP server") panic(err) } diff --git a/hack/manifest-gen/Dockerfile b/hack/manifest-gen/Dockerfile index 52b7dbcfbb..fe3e22f018 100644 --- a/hack/manifest-gen/Dockerfile +++ b/hack/manifest-gen/Dockerfile @@ -1,4 +1,4 @@ -FROM docker.io/library/golang:1.22.6 as builder +FROM docker.io/library/golang:1.23.1 as builder ADD . /manifest-gen WORKDIR /manifest-gen ENV GO111MODULE=on CGO_ENABLED=0 GOOS=linux diff --git a/pkg/controller/common/autoscaling/validations.go b/pkg/controller/common/autoscaling/validations.go index ceda8e6758..cf2c2e604a 100644 --- a/pkg/controller/common/autoscaling/validations.go +++ b/pkg/controller/common/autoscaling/validations.go @@ -123,7 +123,7 @@ func ValidateAutoscalingPolicies( } // Validate the set of roles managed by this autoscaling policy. - if autoscalingSpec.Roles == nil || len(autoscalingSpec.Roles) == 0 { + if len(autoscalingSpec.Roles) == 0 { errs = append(errs, field.Required(autoscalingSpecPath(i, "roles"), "roles field is mandatory and must not be empty")) } else { if containsStringSlice(rolesSet, autoscalingSpec.Roles) { diff --git a/pkg/controller/license/trial/trial_controller.go b/pkg/controller/license/trial/trial_controller.go index de95a4ea2e..5b68de1373 100644 --- a/pkg/controller/license/trial/trial_controller.go +++ b/pkg/controller/license/trial/trial_controller.go @@ -79,7 +79,7 @@ func (r *ReconcileTrials) Reconcile(ctx context.Context, request reconcile.Reque validationMsg := validateEULA(secret) if validationMsg != "" { - return r.invalidOperation(ctx, secret, validationMsg) + return reconcile.Result{}, r.invalidOperation(ctx, secret, validationMsg) } // 1. reconcile trial status secret @@ -90,23 +90,25 @@ func (r *ReconcileTrials) Reconcile(ctx context.Context, request reconcile.Reque // 2. reconcile the trial license itself trialLicensePopulated := license.IsMissingFields() == nil licenseStatus := r.validateLicense(ctx, license) + switch { case !trialLicensePopulated && r.trialState.IsTrialStarted(): // user wants to start a trial for the second time - return r.invalidOperation(ctx, secret, trialOnlyOnceMsg) + return reconcile.Result{}, r.invalidOperation(ctx, secret, trialOnlyOnceMsg) case !trialLicensePopulated && !r.trialState.IsTrialStarted(): // user wants to init a trial for the first time - return r.initTrialLicense(ctx, secret, license) + return reconcile.Result{}, r.initTrialLicense(ctx, secret, license) case trialLicensePopulated && !validLicense(licenseStatus): // existing license is invalid (expired or tampered with) - return r.invalidOperation(ctx, secret, userFriendlyMsgs[licenseStatus]) + return reconcile.Result{}, r.invalidOperation(ctx, secret, userFriendlyMsgs[licenseStatus]) case trialLicensePopulated && validLicense(licenseStatus) && !r.trialState.IsTrialStarted(): // valid license, let's consider the trial started and complete the activation - return r.completeTrialActivation(ctx, request.NamespacedName) + return reconcile.Result{}, r.completeTrialActivation(ctx, request.NamespacedName) case trialLicensePopulated && validLicense(licenseStatus) && r.trialState.IsTrialStarted(): // all good nothing to do } - return reconcile.Result{}, nil + + return reconcile.Result{}, err } func (r *ReconcileTrials) reconcileTrialStatus(ctx context.Context, licenseName types.NamespacedName, license licensing.EnterpriseLicense) error { @@ -175,28 +177,28 @@ func (r *ReconcileTrials) startTrialActivation() error { return nil } -func (r *ReconcileTrials) completeTrialActivation(ctx context.Context, license types.NamespacedName) (reconcile.Result, error) { +func (r *ReconcileTrials) completeTrialActivation(ctx context.Context, license types.NamespacedName) error { if r.trialState.CompleteTrialActivation() { expectedStatus, err := licensing.ExpectedTrialStatus(r.OperatorNamespace, license, r.trialState) if err != nil { - return reconcile.Result{}, err + return err } _, err = reconciler.ReconcileSecret(ctx, r, expectedStatus, nil) - return reconcile.Result{}, err + return err } - return reconcile.Result{}, nil + return nil } -func (r *ReconcileTrials) initTrialLicense(ctx context.Context, secret corev1.Secret, license licensing.EnterpriseLicense) (reconcile.Result, error) { +func (r *ReconcileTrials) initTrialLicense(ctx context.Context, secret corev1.Secret, license licensing.EnterpriseLicense) error { if err := r.trialState.InitTrialLicense(ctx, &license); err != nil { - return reconcile.Result{}, err + return err } - return reconcile.Result{}, licensing.UpdateEnterpriseLicense(ctx, r, secret, license) + return licensing.UpdateEnterpriseLicense(ctx, r, secret, license) } -func (r *ReconcileTrials) invalidOperation(ctx context.Context, secret corev1.Secret, msg string) (reconcile.Result, error) { +func (r *ReconcileTrials) invalidOperation(ctx context.Context, secret corev1.Secret, msg string) error { setValidationMsg(ctx, &secret, msg) - return reconcile.Result{}, r.Update(ctx, &secret) + return r.Update(ctx, &secret) } func validLicense(status licensing.LicenseStatus) bool {