zncdatadev · whg517 · Sep 25, 2024 · Sep 23, 2024 · Sep 24, 2024
diff --git a/.chainsaw.yaml b/.chainsaw.yaml
@@ -3,13 +3,13 @@ kind: Configuration
 metadata:
   name: custom-config
 spec:
-  #namespace: test
   timeouts:
     apply: 120s
-    assert: 120s
+    assert: 300s
     cleanup: 240s
     delete: 240s
     error: 200s
     exec: 200s
   skipDelete: false
   failFast: true
+  parallel: 1
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -22,55 +22,25 @@ jobs:
         MARKDOWN_CONFIG_FILE: .markdownlint.yml
 
   golang-lint:
-    name: Golang Lint
-    runs-on: ubuntu-22.04
+    name: golang-lint
+    runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
-    - uses: actions/setup-go@v4
-      with:
-        go-version: '1.22'
-        cache: false
-    - name: golangci-lint
-      uses: golangci/golangci-lint-action@v3
-      with:
-        # Require: The version of golangci-lint to use.
-        # When `install-mode` is `binary` (default) the value can be v1.2 or v1.2.3 or `latest` to use the latest version.
-        # When `install-mode` is `goinstall` the value can be v1.2.3, `latest`, or the hash of a commit.
-        version: v1.54
-
-        # Optional: working directory, useful for monorepos
-        # working-directory: somedir
-
-        # Optional: golangci-lint command line arguments.
-        #
-        # Note: By default, the `.golangci.yml` file should be at the root of the repository.
-        # The location of the configuration file can be changed by using `--config=`
-        # args: --timeout=30m --config=/my/path/.golangci.yml --issues-exit-code=0
-        args: --timeout=30m
-
-        # Optional: show only new issues if it's a pull request. The default value is `false`.
-        # only-new-issues: true
-
-        # Optional: if set to true, then all caching functionality will be completely disabled,
-        #           takes precedence over all other caching options.
-        # skip-cache: true
-
-        # Optional: if set to true, then the action won't cache or restore ~/go/pkg.
-        # skip-pkg-cache: true
-
-        # Optional: if set to true, then the action won't cache or restore ~/.cache/go-build.
-        # skip-build-cache: true
-
-        # Optional: The mode to install golangci-lint. It can be 'binary' or 'goinstall'.
-        # install-mode: "goinstall"
-
+      - uses: actions/checkout@v3
+      - uses: actions/setup-go@v4
+        with:
+          go-version: '1.23'
+          cache: false
+      - name: golangci-lint
+        run: |
+          make lint 
+
 
   golang-test:
     name: Golang Test
     runs-on: ubuntu-22.04
     strategy:
       matrix:
-        go-version: ['1.22']
+        go-version: ['1.23']
     steps:
     - uses: actions/checkout@v3
       with:
@@ -98,7 +68,7 @@ jobs:
     - uses: actions/checkout@v3
     - uses: actions/setup-go@v4
       with:
-        go-version: '1.22'
+        go-version: '1.23'
         cache: false
     - name: Create KinD clustet pur
       env:

diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,5 @@
 # Build the manager binary
-FROM golang:1.22 as builder
+FROM golang:1.23 as builder
 ARG TARGETOS
 ARG TARGETARCH
 

diff --git a/Makefile b/Makefile
@@ -53,7 +53,7 @@ endif
 
 # Set the Operator SDK version to use. By default, what is installed on the system is used.
 # This is useful for CI or a project to utilize a specific version of the operator-sdk toolkit.
-OPERATOR_SDK_VERSION ?= v1.35.0
+OPERATOR_SDK_VERSION ?= v1.37.0
 
 # Image URL to use all building/pushing image targets
 IMG ?= $(REGISTRY)/$(PROJECT_NAME):$(VERSION)
@@ -116,8 +116,20 @@ fmt: ## Run go fmt against code.
 vet: ## Run go vet against code.
 	go vet ./...
 
+GOLANGCI_LINT = $(shell pwd)/bin/golangci-lint
+GOLANGCI_LINT_VERSION ?= v1.60.3
+golangci-lint:
+	@[ -f $(GOLANGCI_LINT) ] || { \
+	set -e ;\
+	curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(shell dirname $(GOLANGCI_LINT)) $(GOLANGCI_LINT_VERSION) ;\
+	}
+
+.PHONY: lint
+lint: golangci-lint ## Run golangci-lint linter & yamllint
+	$(GOLANGCI_LINT) run --timeout 5m
+
 .PHONY: test
-test: manifests generate fmt vet envtest ## Run tests.
+test: manifests generate fmt vet envtest lint ## Run tests.
 	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) --bin-dir $(LOCALBIN) -p path)" go test ./... -coverprofile cover.out
 
 ##@ Build
@@ -201,7 +213,7 @@ ENVTEST ?= $(LOCALBIN)/setup-envtest
 
 ## Tool Versions
 KUSTOMIZE_VERSION ?= v5.4.2
-CONTROLLER_TOOLS_VERSION ?= v0.15.0
+CONTROLLER_TOOLS_VERSION ?= v0.16.2
 
 .PHONY: kustomize
 kustomize: $(KUSTOMIZE) ## Download kustomize locally if necessary. If wrong version is installed, it will be removed before downloading.
@@ -368,14 +380,29 @@ kind-delete: kind ## Delete a kind cluster.
 
 # chainsaw
 
-CHAINSAW_VERSION ?= v0.2.6
+CHAINSAW_VERSION ?= v0.2.8
 CHAINSAW = $(LOCALBIN)/chainsaw
 
 .PHONY: chainsaw
 chainsaw: $(CHAINSAW) ## Download chainsaw locally if necessary.
 $(CHAINSAW): $(LOCALBIN)
-	test -s $(LOCALBIN)/chainsaw && $(LOCALBIN)/chainsaw version | grep -q $(CHAINSAW_VERSION) || \
-	GOBIN=$(LOCALBIN) go install github.com/kyverno/chainsaw@$(CHAINSAW_VERSION)
+	@{ \
+	set -xe ;\
+	if test -x $(LOCALBIN)/chainsaw && ! $(LOCALBIN)/chainsaw version | grep $(CHAINSAW_VERSION:v%=%) > /dev/null; then \
+		echo "$(LOCALBIN)/chainsaw version is not expected $(CHAINSAW_VERSION). Removing it before installing."; \
+		rm -rf $(LOCALBIN)/chainsaw; \
+	fi; \
+	if test ! -s $(LOCALBIN)/chainsaw; then \
+		mkdir -p $(dir $(CHAINSAW)) ;\
+		TMP=$(shell mktemp -d) ;\
+		OS=$(shell go env GOOS) && ARCH=$(shell go env GOARCH) && \
+		curl -sSL https://github.com/kyverno/chainsaw/releases/download/$(CHAINSAW_VERSION)/chainsaw_$${OS}_$${ARCH}.tar.gz | tar -xz -C $$TMP ;\
+		mv $$TMP/chainsaw $(CHAINSAW) ;\
+		rm -rf $$TMP ;\
+		chmod +x $(CHAINSAW) ;\
+		touch $(CHAINSAW) ;\
+	fi; \
+	}
 
 # chainsaw setup logical
 # - Build the operator docker image

diff --git a/api/v1alpha1/hdfscluster_types.go b/api/v1alpha1/hdfscluster_types.go
@@ -220,13 +220,32 @@ type ClusterConfigSpec struct {
 }
 
 type AuthenticationSpec struct {
+	// +kubebuilder:validation:Optional
+	AuthenticationClass string `json:"authenticationClass,omitempty"`
+
+	// +kubebuilder:validation:Optional
+	Oidc *OidcSpec `json:"oidc,omitempty"`
+
 	// +kubebuilder:validation:Optional
 	Tls *TlsSpec `json:"tls,omitempty"`
 
 	// +kubebuilder:validation:Optional
 	Kerberos *KerberosSpec `json:"kerberos,omitempty"`
 }
 
+// OidcSpec defines the OIDC spec.
+type OidcSpec struct {
+	// OIDC client credentials secret. It must contain the following keys:
+	//   - `CLIENT_ID`: The client ID of the OIDC client.
+	//   - `CLIENT_SECRET`: The client secret of the OIDC client.
+	// credentials will omit to pod environment variables.
+	// +kubebuilder:validation:Required
+	ClientCredentialsSecret string `json:"clientCredentialsSecret"`
+
+	// +kubebuilder:validation:Optional
+	ExtraScopes []string `json:"extraScopes,omitempty"`
+}
+
 type TlsSpec struct {
 	// +kubebuilder:validation:Optional
 	// +kubebuilder:default:="tls"

diff --git a/api/v1alpha1/image.go b/api/v1alpha1/image.go
@@ -6,10 +6,10 @@ import (
 )
 
 const (
-	DefaultRepository     = "quay.io/zncdatadev"
-	DefaultProductVersion = "3.3.6"
-	DefaultProductName    = "hadoop"
-	DefaultStackVersion   = "0.0.0-dev"
+	DefaultRepository      = "quay.io/zncdatadev"
+	DefaultProductVersion  = "3.3.6"
+	DefaultProductName     = "hadoop"
+	DefaultKubedoopVersion = "0.0.0-dev"
 )
 
 type ImageSpec struct {
@@ -22,28 +22,28 @@ type ImageSpec struct {
 
 	// +kubebuilder:validation:Optional
 	// +kubebuilder:default="0.0.0-dev"
-	PlatformVersion string `json:"platformVersion,omitempty"`
+	KubedoopVersion string `json:"kubedoopVersion,omitempty"`
 
 	// +kubebuilder:validation:Optional
 	// +kubebuilder:default="3.3.6"
 	ProductVersion string `json:"productVersion,omitempty"`
 
 	// +kubebuilder:validation:Optional
 	// +kubebuilder:default:=IfNotPresent
-	PullPolicy *corev1.PullPolicy `json:"pullPolicy,omitempty"`
+	PullPolicy corev1.PullPolicy `json:"pullPolicy,omitempty"`
 
 	// +kubebuilder:validation:Optional
 	PullSecretName string `json:"pullSecretName,omitempty"`
 }
 
 func TransformImage(imageSpec *ImageSpec) *util.Image {
 	if imageSpec == nil {
-		return util.NewImage(DefaultProductName, DefaultStackVersion, DefaultProductVersion)
+		return util.NewImage(DefaultProductName, DefaultKubedoopVersion, DefaultProductVersion)
 	}
 	return &util.Image{
 		Custom:          imageSpec.Custom,
 		Repo:            imageSpec.Repo,
-		PlatformVersion: imageSpec.PlatformVersion,
+		KubedoopVersion: imageSpec.KubedoopVersion,
 		ProductVersion:  imageSpec.ProductVersion,
 		PullPolicy:      imageSpec.PullPolicy,
 		PullSecretName:  imageSpec.PullSecretName,

diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go
diff --git a/cmd/main.go b/cmd/main.go
@@ -29,6 +29,8 @@ import (
 	// to ensure that exec-entrypoint and run can make use of them.
 	_ "k8s.io/client-go/plugin/pkg/client/auth"
 
+	authv1alpha1 "github.com/zncdatadev/operator-go/pkg/apis/authentication/v1alpha1"
+	listenerv1alpha1 "github.com/zncdatadev/operator-go/pkg/apis/listeners/v1alpha1"
 	"k8s.io/apimachinery/pkg/runtime"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
@@ -38,7 +40,6 @@ import (
 
 	hdfsv1alpha1 "github.com/zncdatadev/hdfs-operator/api/v1alpha1"
 	"github.com/zncdatadev/hdfs-operator/internal/controller"
-	listenerv1alpha1 "github.com/zncdatadev/operator-go/pkg/apis/listeners/v1alpha1"
 	//+kubebuilder:scaffold:imports
 )
 
@@ -50,6 +51,7 @@ var (
 func init() {
 	utilruntime.Must(clientgoscheme.AddToScheme(scheme))
 
+	utilruntime.Must(authv1alpha1.AddToScheme(scheme))
 	utilruntime.Must(hdfsv1alpha1.AddToScheme(scheme))
 	utilruntime.Must(listenerv1alpha1.AddToScheme(scheme))
 	//+kubebuilder:scaffold:scheme