-
Notifications
You must be signed in to change notification settings - Fork 92
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix dependabot alerts #697
Comments
kuritka
added a commit
that referenced
this issue
Oct 26, 2021
related to #697 Github virtual environment Ubuntu20.04 has [cached several Go tools](https://github.com/actions/virtual-environments/blob/main/images/linux/Ubuntu2004-README.md#go). GoReleaser doesn't accept `builds.gobinary` [parameter](https://goreleaser.com/customization/build/) and still uses default GO1.15. In order to fixing dependabot alerts, I would like to bump up the versions of some modules that are already [required to be compiled in GO 1.16](https://github.com/k8gb-io/k8gb/runs/4009137543?check_suite_focus=true#step:3:64). I'm introducing setup-go action which is switching GO to desired version. Signed-off-by: kuritka <kuritka@gmail.com>
kuritka
added a commit
that referenced
this issue
Oct 26, 2021
related to #697 Github virtual environment Ubuntu20.04 has [cached several Go tools](https://github.com/actions/virtual-environments/blob/main/images/linux/Ubuntu2004-README.md#go). GoReleaser doesn't accept `builds.gobinary` [parameter](https://goreleaser.com/customization/build/) and still uses default GO1.15. In order to fixing dependabot alerts, I would like to bump up the versions of some modules that are already [required to be compiled in GO 1.16](https://github.com/k8gb-io/k8gb/runs/4009137543?check_suite_focus=true#step:3:64). I'm introducing setup-go action which is switching GO to desired version. Signed-off-by: kuritka <kuritka@gmail.com>
kuritka
added a commit
that referenced
this issue
Oct 26, 2021
related to #697 `k8s.io/*` bundle to `v0.22.2` (controller-gen tool makes changes in CRD description after bump) - `github.com/golang/mock` to `v1.6.0` (is not compiled into final binary but checked by dependabot) - `github.com/miekg/dns` to `v1.1.43` - `github.com/infobloxopen/infoblox-go-client` to `v1.1.1` (changes argument CreateTXTRecord from integer to uint) The latest `sigs.k8s.io/external-dns` is problematic in terms it uses latest `github.com/go-logr/logr` which is incompatible with previous versions. This causes issues in `controller-runtime` and will require code changes on our side (another PR). [This PR](kubernetes-sigs/controller-runtime#1593 (comment)) would be unblock - github.com/go-logr/logr - sigs.k8s.io/external-dns Signed-off-by: kuritka <kuritka@gmail.com>
kuritka
added a commit
that referenced
this issue
Oct 26, 2021
related to #697 `k8s.io/*` bundle to `v0.22.2` (controller-gen tool makes changes in CRD description after bump) - `github.com/golang/mock` to `v1.6.0` (is not compiled into final binary but checked by dependabot) - `github.com/miekg/dns` to `v1.1.43` - `github.com/infobloxopen/infoblox-go-client` to `v1.1.1` (changes argument CreateTXTRecord from integer to uint) `sigs.k8s.io/controller-runtime` to `v0.10.2` The latest `sigs.k8s.io/external-dns` is problematic in terms it uses latest `github.com/go-logr/logr` which is incompatible with previous versions. This causes issues in `controller-runtime` and will require code changes on our side (another PR). [This PR](kubernetes-sigs/controller-runtime#1593 (comment)) would be unblock - github.com/go-logr/logr - sigs.k8s.io/external-dns Signed-off-by: kuritka <kuritka@gmail.com>
kuritka
added a commit
that referenced
this issue
Oct 26, 2021
related to #697 `k8s.io/*` bundle to `v0.22.2` (controller-gen tool makes changes in CRD description after bump) - `github.com/golang/mock` to `v1.6.0` (is not compiled into final binary but checked by dependabot) - `github.com/miekg/dns` to `v1.1.43` - `github.com/infobloxopen/infoblox-go-client` to `v1.1.1` (changes argument CreateTXTRecord from integer to uint) `sigs.k8s.io/controller-runtime` to `v0.10.2` requires more effort, will be part of follow-up PR `sigs.k8s.io/external-dns` is problematic in terms it uses latest `github.com/go-logr/logr` which is incompatible with previous versions. Will be part of followup PR Signed-off-by: kuritka <kuritka@gmail.com>
This was referenced Oct 26, 2021
Merged
kuritka
added a commit
that referenced
this issue
Oct 27, 2021
kuritka
added a commit
that referenced
this issue
Oct 27, 2021
related to #697 `k8s.io/*` bundle to `v0.22.2` (controller-gen tool makes changes in CRD description after bump) - `github.com/golang/mock` to `v1.6.0` (is not compiled into final binary but checked by dependabot) - `github.com/miekg/dns` to `v1.1.43` - `github.com/infobloxopen/infoblox-go-client` to `v1.1.1` (changes argument CreateTXTRecord from integer to uint) - `sigs.k8s.io/controller-runtime` to `v0.10.2`, had to fix the test, see comment below. - `sigs.k8s.io/external-dns` is problematic in terms it uses latest `github.com/go-logr/logr` which is incompatible with previous versions. Will be part of followup PR Controller-runtime works on copies of annotations rather than their pointers, so I had to modify the test. ```go func TestGslbProperlyPropagatesAnnotationDownToIngress(t *testing.T) { // arrange settings := provideSettings(t, predefinedConfig) expectedAnnotations := map[string]string{"annotation": "test"} settings.gslb.Annotations = expectedAnnotations err := settings.client.Update(context.TODO(), settings.gslb) require.NoError(t, err, "Can't update gslb") // act reconcileAndUpdateGslb(t, settings) err2 := settings.client.Get(context.TODO(), settings.request.NamespacedName, settings.ingress) // assert assert.NoError(t, err2, "Failed to get expected ingress") assert.Equal(t, expectedAnnotations, settings.ingress.Annotations) } ``` If I extend fial assertion the passing test is doing this: ```go assert.Equal(t, map[string]string{"annotation": "test", "k8gb.io/strategy": "roundRobin"}, settings.ingress.Annotations) assert.Equal(t, map[string]string{"annotation": "test", "k8gb.io/strategy": "roundRobin"}, settings.gslb.Annotations) assert.Equal(t, map[string]string{"annotation": "test", "k8gb.io/strategy": "roundRobin"}, expectedAnnotations) ``` The `"k8gb.io/strategy": "roundRobin"` is added to `expectedAnnotations` during `reconcileAndUpdateGslb` and controlle-runtime is the guy which extends `expectedAnnotations`. I bumped controller runtime to `v0.10.2`, and only this concrete test has to be updated, because expectedAnnotations are not altered within controller-runtime: ```go assert.Equal(t, map[string]string{"annotation": "test", "k8gb.io/strategy": "roundRobin"}, settings.ingress.Annotations) assert.Equal(t, map[string]string{"annotation": "test", "k8gb.io/strategy": "roundRobin"}, settings.gslb.Annotations) assert.Equal(t, map[string]string{"annotation": "test"}, expectedAnnotations) ``` Signed-off-by: kuritka <kuritka@gmail.com>
kuritka
added a commit
that referenced
this issue
Oct 30, 2021
related to #697 `k8s.io/*` bundle to `v0.22.2` (controller-gen tool makes changes in CRD description after bump) - `github.com/golang/mock` to `v1.6.0` (is not compiled into final binary but checked by dependabot) - `github.com/miekg/dns` to `v1.1.43` - `github.com/infobloxopen/infoblox-go-client` to `v1.1.1` (changes argument CreateTXTRecord from integer to uint) - `sigs.k8s.io/controller-runtime` to `v0.10.2`, had to fix the test, see comment below. - `sigs.k8s.io/external-dns` is problematic in terms it uses latest `github.com/go-logr/logr` which is incompatible with previous versions. Will be part of followup PR Controller-runtime works on copies of annotations rather than their pointers, so I had to modify the test. ```go func TestGslbProperlyPropagatesAnnotationDownToIngress(t *testing.T) { // arrange settings := provideSettings(t, predefinedConfig) expectedAnnotations := map[string]string{"annotation": "test"} settings.gslb.Annotations = expectedAnnotations err := settings.client.Update(context.TODO(), settings.gslb) require.NoError(t, err, "Can't update gslb") // act reconcileAndUpdateGslb(t, settings) err2 := settings.client.Get(context.TODO(), settings.request.NamespacedName, settings.ingress) // assert assert.NoError(t, err2, "Failed to get expected ingress") assert.Equal(t, expectedAnnotations, settings.ingress.Annotations) } ``` If I extend fial assertion the passing test is doing this: ```go assert.Equal(t, map[string]string{"annotation": "test", "k8gb.io/strategy": "roundRobin"}, settings.ingress.Annotations) assert.Equal(t, map[string]string{"annotation": "test", "k8gb.io/strategy": "roundRobin"}, settings.gslb.Annotations) assert.Equal(t, map[string]string{"annotation": "test", "k8gb.io/strategy": "roundRobin"}, expectedAnnotations) ``` The `"k8gb.io/strategy": "roundRobin"` is added to `expectedAnnotations` during `reconcileAndUpdateGslb` and controlle-runtime is the guy which extends `expectedAnnotations`. I bumped controller runtime to `v0.10.2`, and only this concrete test has to be updated, because expectedAnnotations are not altered within controller-runtime: ```go assert.Equal(t, map[string]string{"annotation": "test", "k8gb.io/strategy": "roundRobin"}, settings.ingress.Annotations) assert.Equal(t, map[string]string{"annotation": "test", "k8gb.io/strategy": "roundRobin"}, settings.gslb.Annotations) assert.Equal(t, map[string]string{"annotation": "test"}, expectedAnnotations) ``` Signed-off-by: kuritka <kuritka@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The issue is a container for PR's fixing current dependabot alerts.
The text was updated successfully, but these errors were encountered: