chore(controller-runtime) : Update controller-runtime version

[snehachhabria]

Description:

Update controller-runtime to v0.10.2

part of #4165

Signed-off-by: Sneha Chhabria snchh@microsoft.com

Affected area:

Functional Area
New Functionality	[ ]
CI System	[ ]
CLI Tool	[ ]
Certificate Management	[ ]
Control Plane	[ ]
Demo	[ ]
Documentation	[ ]
Egress	[ ]
Ingress	[ ]
Install	[ ]
Networking	[ ]
Observability	[ ]
Performance	[ ]
SMI Policy	[ ]
Security	[ ]
Sidecar Injection	[ ]
Tests	[ ]
Upgrade	[ ]
Other	[X]

Please answer the following questions with yes/no.

1. Does this change contain code from or inspired by another project? no

   • Did you notify the maintainers and provide attribution?

2. Is this a breaking change? no

[shashankram]

Why is controller-runtime being updated? Is this a dependency to update the TLS version? If not, please keep this PR scoped to TLS version changes.

[shashankram]

Why is this required?

[snehachhabria]

runners don't have go preinstalled (according to this list) and we never have the "Setup Go" step this job. Not sure how it was running and validating all along

[shashankram]

Let's investigate why that's passing, and if this is even required. It also seems totally unrelated to this PR.

[snehachhabria]

The mock check for this PR will not pass without this, so it can be very much a related fix to this PR

[snehachhabria]

Why is controller-runtime being updated? Is this a dependency to update the TLS version? If not, please keep this PR scoped to TLS version changes.

Yes it is, please refer to this issue for more details : #4165

[trstringer]

@shashankram from #4165 that CR needs to be 0.9.1+ to support configuring minimum TLS version.

@snehachhabria is there a reason we are defaulting to TLS 1.2 instead of TLS 1.3? Is it because of the Kubernetes support for TLS 1.3 requiring 1.17?

[shashankram]

Why is controller-runtime being updated? Is this a dependency to update the TLS version? If not, please keep this PR scoped to TLS version changes.

Yes it is, please refer to this issue for more details : #4165

We do not use controller-runtime for TLS, it's just used for creating JSON patches and hence there should be no dependency on updating controller-runtime in a PR that suggests the TLS version is being fixed.

Please make the controller-runtime change in a separate PR if necessary, as I do not believe it is related to TLS in any way.

[shashankram]

I'd like to see this PR split up and scoped to the TLS version updates.

I don't believe controller-runtime needs to be updated, even though the issue suggests to update it, because we do not use controller-runtime other than for patching JSON.

Could you split this up and isolate this change to be specific to TLS config updates? Else it's just confusing to review.

[shashankram]

Let's investigate why that's passing, and if this is even required. It also seems totally unrelated to this PR.

[snehachhabria]

I'd like to see this PR split up and scoped to the TLS version updates.

I don't believe controller-runtime needs to be updated, even though the issue suggests to update it, because we do not use controller-runtime other than for patching JSON.

Could you split this up and isolate this change to be specific to TLS config updates? Else it's just confusing to review.

I've updated this PR to just update the controller runtime, I will send the TLS min version in a follow up PR

[snehachhabria]

@shashankram from #4165 that CR needs to be 0.9.1+ to support configuring minimum TLS version.

@snehachhabria is there a reason we are defaulting to TLS 1.2 instead of TLS 1.3? Is it because of the Kubernetes support for TLS 1.3 requiring 1.17?

Since OSM is supported for k8s version 1.18 and above I guess we can bump this up to 1.3. I'll send the changes in a separate PR

[snehachhabria]

synced with @shashankram offline and we will skip updating the controller-runtime version for now. I'll send a separate PR for the TLS min version