Merge pull request #77 from jwsui/fix-cve

Upgrade Golang and Openshift module
vmware · Feb 7, 2023 · c3abbaa · c3abbaa
2 parents 7d677ec + 87bbf3d
commit c3abbaa
Show file tree

Hide file tree

Showing 12 changed files with 525 additions and 912 deletions.
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -10,10 +10,10 @@ jobs:
     name: Build binary and run unit tests
     runs-on: [ubuntu-latest]
     steps:
-      - name: Set up Go 1.16
+      - name: Set up Go 1.19
         uses: actions/setup-go@v1
         with:
-          go-version: 1.16
+          go-version: 1.19
       - name: Check-out code
         uses: actions/checkout@v2
       - name: Build antrea-operator binary
@@ -25,10 +25,10 @@ jobs:
     name: Check tidy
     runs-on: [ubuntu-latest]
     steps:
-      - name: Set up Go 1.16
+      - name: Set up Go 1.19
         uses: actions/setup-go@v1
         with:
-          go-version: 1.16
+          go-version: 1.19
       - name: Check-out code
         uses: actions/checkout@v2
       - name: Check tidy

diff --git a/.golangci.yml b/.golangci.yml
@@ -15,7 +15,7 @@ linters:
   enable:
     - misspell
     - gofmt
-    - deadcode
+    - unused
     - staticcheck
     - gosec
     - goimports

diff --git a/Makefile b/Makefile
@@ -45,7 +45,7 @@ all: manager
 
 .golangci-bin:
 	@echo "===> Installing Golangci-lint <==="
-	@curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $@ v1.30.0
+	@curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $@ v1.51.0
 
 .PHONY: golangci
 golangci: .golangci-bin
@@ -106,11 +106,7 @@ controller-gen:
 ifeq (, $(shell which controller-gen))
 	@{ \
 	set -e ;\
-	CONTROLLER_GEN_TMP_DIR=$$(mktemp -d) ;\
-	cd $$CONTROLLER_GEN_TMP_DIR ;\
-	go mod init tmp ;\
-	go get sigs.k8s.io/controller-tools/cmd/[email protected] ;\
-	rm -rf $$CONTROLLER_GEN_TMP_DIR ;\
+	go install sigs.k8s.io/controller-tools/cmd/[email protected] ;\
 	}
 CONTROLLER_GEN=$(GOBIN)/controller-gen
 else

diff --git a/build/Dockerfile b/build/Dockerfile
@@ -1,4 +1,4 @@
-FROM golang:1.16 as antrea-operator-build
+FROM golang:1.19 as antrea-operator-build
 
 WORKDIR /workspace
 # Copy the Go Modules manifests

diff --git a/controllers/antreainstall_controller.go b/controllers/antreainstall_controller.go
@@ -13,6 +13,7 @@ import (
 	configv1 "github.com/openshift/api/config/v1"
 	ocoperv1 "github.com/openshift/api/operator/v1"
 	"github.com/openshift/cluster-network-operator/pkg/apply"
+	cnoclient "github.com/openshift/cluster-network-operator/pkg/client"
 	"github.com/openshift/cluster-network-operator/pkg/render"
 	k8sutil "github.com/openshift/cluster-network-operator/pkg/util/k8s"
 	appsv1 "k8s.io/api/apps/v1"
@@ -119,7 +120,7 @@ func applyConfig(r *AntreaInstallReconciler, config configutil.Config, clusterCo
 
 		// Apply configurations.
 		for _, obj := range objs {
-			if err = apply.ApplyObject(context.TODO(), r.Client, obj); err != nil {
+			if err = apply.ApplyObject(context.TODO(), r.Client, obj, ""); err != nil {
 				log.Error(err, "failed to apply resource")
 				r.Status.SetDegraded(statusmanager.OperatorConfig, "ApplyObjectsError", fmt.Sprintf("Failed to apply operator configurations: %v", err))
 				return reconcile.Result{Requeue: true}, err
@@ -128,14 +129,14 @@ func applyConfig(r *AntreaInstallReconciler, config configutil.Config, clusterCo
 
 		// Delete old antrea-agent and antrea-controller pods.
 		if r.AppliedOperConfig != nil && agentNeedChange && !imageChange {
-			if err = deleteExistingPods(r.Client, operatortypes.AntreaAgentDaemonSetName); err != nil {
+			if err = deleteExistingPods(r.Client.Default().CRClient(), operatortypes.AntreaAgentDaemonSetName); err != nil {
 				msg := fmt.Sprintf("DaemonSet %s is not using the latest configuration updates because: %v", operatortypes.AntreaAgentDaemonSetName, err)
 				r.Status.SetDegraded(statusmanager.OperatorConfig, "DeleteOldPodsError", msg)
 				return reconcile.Result{Requeue: true}, err
 			}
 		}
 		if r.AppliedOperConfig != nil && controllerNeedChange && !imageChange {
-			if err = deleteExistingPods(r.Client, operatortypes.AntreaControllerDeploymentName); err != nil {
+			if err = deleteExistingPods(r.Client.Default().CRClient(), operatortypes.AntreaControllerDeploymentName); err != nil {
 				msg := fmt.Sprintf("Deployment %s is not using the latest configuration updates because: %v", operatortypes.AntreaControllerDeploymentName, err)
 				r.Status.SetDegraded(statusmanager.OperatorConfig, "DeleteOldPodsError", msg)
 				return reconcile.Result{Requeue: true}, err
@@ -148,7 +149,7 @@ func applyConfig(r *AntreaInstallReconciler, config configutil.Config, clusterCo
 func fetchAntreaInstall(r *AntreaInstallReconciler, request ctrl.Request) (*operatorv1.AntreaInstall, error, bool, bool) {
 	// Fetch antrea-install CR.
 	operConfig := &operatorv1.AntreaInstall{}
-	err := r.Client.Get(context.TODO(), types.NamespacedName{Namespace: operatortypes.OperatorNameSpace, Name: operatortypes.OperatorConfigName}, operConfig)
+	err := r.Client.Default().CRClient().Get(context.TODO(), types.NamespacedName{Namespace: operatortypes.OperatorNameSpace, Name: operatortypes.OperatorConfigName}, operConfig)
 	if err != nil {
 		if apierrors.IsNotFound(err) {
 			msg := fmt.Sprintf("%s CR not found", operatortypes.OperatorConfigName)
@@ -219,7 +220,7 @@ func (oc *AdaptorOc) Reconcile(r *AntreaInstallReconciler, request ctrl.Request)
 
 	// Fetch Cluster Network CR.
 	clusterConfig := &configv1.Network{}
-	err := r.Client.Get(context.TODO(), types.NamespacedName{Name: operatortypes.ClusterConfigName}, clusterConfig)
+	err := r.Client.Default().CRClient().Get(context.TODO(), types.NamespacedName{Name: operatortypes.ClusterConfigName}, clusterConfig)
 	if err != nil {
 		if apierrors.IsNotFound(err) {
 			msg := "Cluster Network CR not found"
@@ -240,7 +241,7 @@ func (oc *AdaptorOc) Reconcile(r *AntreaInstallReconciler, request ctrl.Request)
 
 	// Fetch the Network.operator.openshift.io instance
 	operatorNetwork := &ocoperv1.Network{}
-	err = r.Client.Get(context.TODO(), types.NamespacedName{Name: operatortypes.ClusterOperatorNetworkName}, operatorNetwork)
+	err = r.Client.Default().CRClient().Get(context.TODO(), types.NamespacedName{Name: operatortypes.ClusterOperatorNetworkName}, operatorNetwork)
 	if err != nil {
 		if apierrors.IsNotFound(err) {
 			r.Status.SetDegraded(statusmanager.OperatorConfig, "NoClusterNetworkOperatorConfig", fmt.Sprintf("Cluster network operator configuration not found"))
@@ -293,7 +294,7 @@ func (oc *AdaptorOc) Reconcile(r *AntreaInstallReconciler, request ctrl.Request)
 
 // AntreaInstallReconciler reconciles a AntreaInstall object
 type AntreaInstallReconciler struct {
-	Client client.Client
+	Client cnoclient.Client
 	Log    logr.Logger
 	Scheme *runtime.Scheme
 	Status *statusmanager.StatusManager
@@ -306,9 +307,9 @@ type AntreaInstallReconciler struct {
 	AppliedOperConfig    *operatorv1.AntreaInstall
 }
 
-func New(mgr ctrl.Manager, statusManager *statusmanager.StatusManager, info *sharedinfo.SharedInfo) (*AntreaInstallReconciler, error) {
+func New(mgr ctrl.Manager, statusManager *statusmanager.StatusManager, info *sharedinfo.SharedInfo, cli cnoclient.Client) (*AntreaInstallReconciler, error) {
 	r := AntreaInstallReconciler{
-		Client:     mgr.GetClient(),
+		Client:     cli,
 		Log:        ctrl.Log.WithName("controllers").WithName("AntreaInstall"),
 		Scheme:     mgr.GetScheme(),
 		Status:     statusManager,
@@ -370,7 +371,8 @@ func (r *AntreaInstallReconciler) getAppliedOperConfig() (*operatorv1.AntreaInst
 	var antreaConfig *corev1.ConfigMap
 	configList := &corev1.ConfigMapList{}
 	label := map[string]string{"app": "antrea"}
-	if err := r.Client.List(context.TODO(), configList, client.InNamespace(operatortypes.AntreaNamespace), client.MatchingLabels(label)); err != nil {
+	crcClient := r.Client.Default().CRClient()
+	if err := crcClient.List(context.TODO(), configList, client.InNamespace(operatortypes.AntreaNamespace), client.MatchingLabels(label)); err != nil {
 		if apierrors.IsNotFound(err) {
 			return nil, nil
 		} else {
@@ -388,7 +390,7 @@ func (r *AntreaInstallReconciler) getAppliedOperConfig() (*operatorv1.AntreaInst
 		return nil, nil
 	}
 	antreaControllerDeployment := appsv1.Deployment{}
-	if err := r.Client.Get(context.TODO(), types.NamespacedName{Namespace: operatortypes.AntreaNamespace, Name: operatortypes.AntreaControllerDeploymentName}, &antreaControllerDeployment); err != nil {
+	if err := crcClient.Get(context.TODO(), types.NamespacedName{Namespace: operatortypes.AntreaNamespace, Name: operatortypes.AntreaControllerDeploymentName}, &antreaControllerDeployment); err != nil {
 		if apierrors.IsNotFound(err) {
 			return nil, nil
 		} else {
@@ -417,7 +419,7 @@ func deleteExistingPods(c client.Client, component string) error {
 	return err
 }
 
-func updateNetworkStatus(c client.Client, clusterConfig *configv1.Network, defaultMTU int) error {
+func updateNetworkStatus(c cnoclient.Client, clusterConfig *configv1.Network, defaultMTU int) error {
 	status := configutil.BuildNetworkStatus(clusterConfig, defaultMTU)
 	clusterConfig.Status = *status
 	data, err := k8sutil.ToUnstructured(clusterConfig)
@@ -427,7 +429,7 @@ func updateNetworkStatus(c client.Client, clusterConfig *configv1.Network, defau
 	}
 
 	if data != nil {
-		if err := apply.ApplyObject(context.TODO(), c, data); err != nil {
+		if err := apply.ApplyObject(context.TODO(), c, data, ""); err != nil {
 			log.Error(err, fmt.Sprintf("Could not apply (%s) %s/%s", data.GroupVersionKind(),
 				data.GetNamespace(), data.GetName()))
 			return err

diff --git a/controllers/pod_controller.go b/controllers/pod_controller.go
@@ -22,6 +22,7 @@ import (
 	"github.com/go-logr/logr"
 
 	"github.com/openshift/cluster-network-operator/pkg/apply"
+	cnocient "github.com/openshift/cluster-network-operator/pkg/client"
 
 	"github.com/vmware/antrea-operator-for-kubernetes/controllers/sharedinfo"
 	"github.com/vmware/antrea-operator-for-kubernetes/controllers/statusmanager"
@@ -34,7 +35,7 @@ var ResyncPeriod = 2 * time.Minute
 
 // PodReconciler reconciles a Pod object
 type PodReconciler struct {
-	Client     client.Client
+	Client     cnocient.Client
 	Log        logr.Logger
 	Scheme     *runtime.Scheme
 	Status     *statusmanager.StatusManager
@@ -91,7 +92,7 @@ func (r *PodReconciler) recreateResourceIfNotExist(request *reconcile.Request) e
 		curObject = &appsv1.Deployment{}
 		objectSpec = r.SharedInfo.AntreaControllerDeploymentSpec.DeepCopy()
 	}
-	err := r.Client.Get(context.TODO(), request.NamespacedName, curObject)
+	err := r.Client.Default().CRClient().Get(context.TODO(), request.NamespacedName, curObject)
 	if err != nil {
 		if apierrors.IsNotFound(err) {
 			r.Log.Info(fmt.Sprintf("K8s resource - '%s' dose not exist", request.Name))
@@ -104,7 +105,7 @@ func (r *PodReconciler) recreateResourceIfNotExist(request *reconcile.Request) e
 		r.Log.Info(fmt.Sprintf("K8s resource - '%s' already exists", request.Name))
 		return nil
 	}
-	if err = apply.ApplyObject(context.TODO(), r.Client, objectSpec); err != nil {
+	if err = apply.ApplyObject(context.TODO(), r.Client, objectSpec, ""); err != nil {
 		r.Log.Error(
 			err, fmt.Sprintf("could not apply (%s) %s/%s",
 				objectSpec.GroupVersionKind(), objectSpec.GetNamespace(), objectSpec.GetName()))