From 1bb77564161a4bce9bb82041919a4661d1b593eb Mon Sep 17 00:00:00 2001 From: Seth Heidkamp <61526534+sheidkamp@users.noreply.github.com> Date: Wed, 13 Nov 2024 15:26:51 -0500 Subject: [PATCH 1/8] Fix published Helm docs from main branch (#10334) --- changelog/v1.18.0-beta35/helm-doc-gen.yaml | 6 ++++++ docs/cmd/generate_docs.go | 8 +++----- pkg/github-action-utils/version.go | 4 +++- 3 files changed, 12 insertions(+), 6 deletions(-) create mode 100644 changelog/v1.18.0-beta35/helm-doc-gen.yaml diff --git a/changelog/v1.18.0-beta35/helm-doc-gen.yaml b/changelog/v1.18.0-beta35/helm-doc-gen.yaml new file mode 100644 index 00000000000..4b97b85471d --- /dev/null +++ b/changelog/v1.18.0-beta35/helm-doc-gen.yaml @@ -0,0 +1,6 @@ +changelog: + - type: NON_USER_FACING + issueLink: https://github.com/solo-io/solo-projects/issues/6888 + resolvesIssue: false + description: >- + Update helm public docs generation to work from main branch and only pull in released changes diff --git a/docs/cmd/generate_docs.go b/docs/cmd/generate_docs.go index 0a5a61cd0d3..f0936f7de64 100644 --- a/docs/cmd/generate_docs.go +++ b/docs/cmd/generate_docs.go @@ -454,11 +454,9 @@ func fetchEnterpriseHelmValues(_ []string) error { if err != nil { return err } - version, err := semver.NewVersion(string(semverReleaseTag)) - if err != nil { - return err - } - minorReleaseTag := fmt.Sprintf("v%d.%d.x", version.Major(), version.Minor()) + + minorReleaseTag := "v" + string(semverReleaseTag) + files, err := githubutils.GetFilesFromGit(ctx, client, repoOwner, glooEnterpriseRepo, minorReleaseTag, path) if err != nil { return err diff --git a/pkg/github-action-utils/version.go b/pkg/github-action-utils/version.go index 167cbb7fe35..25189901f8e 100644 --- a/pkg/github-action-utils/version.go +++ b/pkg/github-action-utils/version.go @@ -35,7 +35,9 @@ func GetLatestEnterpriseVersion(repoRootPath string, repo string, owner string) return err } defer f.Close() - enterpriseVersion, err := version.GetLatestHelmChartVersionWithMaxVersion(version.EnterpriseHelmRepoIndex, version.GlooEE, true, maxGlooEVersion) + // get the latest version from the helm repo, include unstable versions so it works from the main branches + // for LTS branches, unstable versions will be filtered out by the version constraints + enterpriseVersion, err := version.GetLatestHelmChartVersionWithMaxVersion(version.EnterpriseHelmRepoIndex, version.GlooEE, false, maxGlooEVersion) if err != nil { return err } From c559bed10c19b14e07c876d8b31dbf374bc66843 Mon Sep 17 00:00:00 2001 From: David Jumani Date: Thu, 14 Nov 2024 11:47:18 -0500 Subject: [PATCH 2/8] fix failing unit tests --- .github/workflows/pr-unit-tests.yaml | 3 +++ test/kubernetes/testutils/helper/util_test.go | 4 ++-- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-unit-tests.yaml b/.github/workflows/pr-unit-tests.yaml index d3b6988e95f..a24c015d06e 100644 --- a/.github/workflows/pr-unit-tests.yaml +++ b/.github/workflows/pr-unit-tests.yaml @@ -6,6 +6,9 @@ name: Unit Tests # # Our historical unit tests are run via CloudBuild # Overtime, it would be valuable to consolidate these approaches +env: + VERSION: '1.0.0-ci1' + GITHUB_TOKEN: ${{ github.token }} on: pull_request: diff --git a/test/kubernetes/testutils/helper/util_test.go b/test/kubernetes/testutils/helper/util_test.go index 91a8a4ac272..ed8c891639b 100644 --- a/test/kubernetes/testutils/helper/util_test.go +++ b/test/kubernetes/testutils/helper/util_test.go @@ -23,8 +23,8 @@ func TestReturnsLatestPatchForMinor(t *testing.T) { ctx := context.Background() // this is fine because this is a public repo client := githubutils.GetClientWithOrWithoutToken(ctx) - minor, err := getLatestReleasedPatchVersion(ctx, client, "gloo", 1, 8) + minor, err := getLatestReleasedPatchVersion(ctx, client, "gloo", 1, 9) require.NoError(t, err) - assert.Equal(t, "v1.8.37", minor.String()) + assert.Equal(t, "v1.9.30", minor.String()) } From 49e733330c84a9f85184fe5f7962f2aea709db4a Mon Sep 17 00:00:00 2001 From: Shane O'Donnell Date: Thu, 14 Nov 2024 13:53:06 -0500 Subject: [PATCH 3/8] Bump kubectl to match the k8s deps in go.mod Addresses CVE-2023-45288 caught by Snyk scanner (golang http2 lib, Rated HIGH) --- changelog/v1.18.0-beta34/bump-kubectl-image.yaml | 6 ++++++ jobs/kubectl/Dockerfile | 2 +- 2 files changed, 7 insertions(+), 1 deletion(-) create mode 100644 changelog/v1.18.0-beta34/bump-kubectl-image.yaml diff --git a/changelog/v1.18.0-beta34/bump-kubectl-image.yaml b/changelog/v1.18.0-beta34/bump-kubectl-image.yaml new file mode 100644 index 00000000000..aceaf43b452 --- /dev/null +++ b/changelog/v1.18.0-beta34/bump-kubectl-image.yaml @@ -0,0 +1,6 @@ +changelog: + - type: NON_USER_FACING + issueLink: https://github.com/solo-io/gloo-mesh-enterprise/issues/19119 + resolvesIssue: false + description: >- + Bump the kubectl image from 1.29.6 to to 1.31.1 to address CVE-2023-45288. \ No newline at end of file diff --git a/jobs/kubectl/Dockerfile b/jobs/kubectl/Dockerfile index 1cf3dd409e0..7ad742a008b 100644 --- a/jobs/kubectl/Dockerfile +++ b/jobs/kubectl/Dockerfile @@ -1,6 +1,6 @@ ARG BASE_IMAGE -FROM bitnami/kubectl:1.29.6 as kubectl +FROM bitnami/kubectl:1.31.1 as kubectl FROM $BASE_IMAGE From affe1e6f1c7297d621be66eb50e977077bcd45b4 Mon Sep 17 00:00:00 2001 From: Shane O'Donnell Date: Thu, 14 Nov 2024 14:01:09 -0500 Subject: [PATCH 4/8] Move changelog to newer beta folder --- .../{v1.18.0-beta34 => v1.18.0-beta35}/bump-kubectl-image.yaml | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename changelog/{v1.18.0-beta34 => v1.18.0-beta35}/bump-kubectl-image.yaml (100%) diff --git a/changelog/v1.18.0-beta34/bump-kubectl-image.yaml b/changelog/v1.18.0-beta35/bump-kubectl-image.yaml similarity index 100% rename from changelog/v1.18.0-beta34/bump-kubectl-image.yaml rename to changelog/v1.18.0-beta35/bump-kubectl-image.yaml From af22b6c21834f712c090e574a12481b419cf4c6d Mon Sep 17 00:00:00 2001 From: Steven Landow Date: Thu, 14 Nov 2024 10:49:37 -0800 Subject: [PATCH 5/8] fix CRDExists check --- pkg/schemes/extended_scheme.go | 3 ++- projects/gateway2/controller/start.go | 4 ++++ projects/gateway2/setup/ggv2setup.go | 13 +++++-------- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/pkg/schemes/extended_scheme.go b/pkg/schemes/extended_scheme.go index 0e4cc557d98..69aaf372b86 100644 --- a/pkg/schemes/extended_scheme.go +++ b/pkg/schemes/extended_scheme.go @@ -4,6 +4,7 @@ import ( "fmt" "github.com/solo-io/gloo/projects/gateway2/wellknown" + "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/meta" "k8s.io/apimachinery/pkg/runtime" "k8s.io/client-go/discovery" @@ -38,7 +39,7 @@ func CRDExists(restConfig *rest.Config, group, version, kind string) (bool, erro groupVersion := fmt.Sprintf("%s/%s", group, version) apiResourceList, err := discoveryClient.ServerResourcesForGroupVersion(groupVersion) if err != nil { - if discovery.IsGroupDiscoveryFailedError(err) || meta.IsNoMatchError(err) { + if errors.IsNotFound(err) || discovery.IsGroupDiscoveryFailedError(err) || meta.IsNoMatchError(err) { return false, nil } return false, err diff --git a/projects/gateway2/controller/start.go b/projects/gateway2/controller/start.go index 787ee182c07..cbfdc45ef20 100644 --- a/projects/gateway2/controller/start.go +++ b/projects/gateway2/controller/start.go @@ -151,6 +151,7 @@ func NewControllerBuilder(ctx context.Context, cfg StartConfig) (*ControllerBuil krt.WithName("AuthConfig")) inputChannels := proxy_syncer.NewGatewayInputChannels() + setupLog.Info("setting up k8s gw ext") k8sGwExtensions, err := cfg.ExtensionsFactory(ctx, ext.K8sGatewayExtensionsFactoryParameters{ Mgr: mgr, IstioClient: cfg.Client, @@ -168,6 +169,7 @@ func NewControllerBuilder(ctx context.Context, cfg StartConfig) (*ControllerBuil return nil, err } + setupLog.Info("setting proxy syncer") // Create the proxy syncer for the Gateway API resources proxySyncer := proxy_syncer.NewProxySyncer( ctx, @@ -187,8 +189,10 @@ func NewControllerBuilder(ctx context.Context, cfg StartConfig) (*ControllerBuil cfg.GlooStatusReporter, cfg.SetupOpts.ProxyReconcileQueue, ) + setupLog.Info("init proxy syncer") proxySyncer.Init(ctx, cfg.Debugger) + setupLog.Info("register proxy syncer") if err := mgr.Add(proxySyncer); err != nil { setupLog.Error(err, "unable to add proxySyncer runnable") return nil, err diff --git a/projects/gateway2/setup/ggv2setup.go b/projects/gateway2/setup/ggv2setup.go index 8f2f1300244..673ea768b08 100644 --- a/projects/gateway2/setup/ggv2setup.go +++ b/projects/gateway2/setup/ggv2setup.go @@ -2,12 +2,11 @@ package setup import ( "context" + "errors" "fmt" "sort" "strings" - "errors" - "github.com/solo-io/gloo/pkg/utils/envutils" "github.com/solo-io/gloo/pkg/utils/setuputils" gloostatusutils "github.com/solo-io/gloo/pkg/utils/statusutils" @@ -43,9 +42,7 @@ import ( ctrl "sigs.k8s.io/controller-runtime" ) -var ( - settingsGVR = glookubev1.SchemeGroupVersion.WithResource("settings") -) +var settingsGVR = glookubev1.SchemeGroupVersion.WithResource("settings") func createKubeClient(restConfig *rest.Config) (istiokube.Client, error) { restCfg := istiokube.NewClientConfigForRestConfig(restConfig) @@ -77,15 +74,14 @@ func getInitialSettings(ctx context.Context, c istiokube.Client, nns types.Names return nil } return out - } func StartGGv2(ctx context.Context, setupOpts *bootstrap.SetupOpts, uccBuilder krtcollections.UniquelyConnectedClientsBulider, extensionsFactory extensions.K8sGatewayExtensionsFactory, - pluginRegistryFactory func(opts registry.PluginOpts) plugins.PluginRegistryFactory) error { - + pluginRegistryFactory func(opts registry.PluginOpts) plugins.PluginRegistryFactory, +) error { restConfig := ctrl.GetConfigOrDie() return StartGGv2WithConfig(ctx, setupOpts, restConfig, uccBuilder, extensionsFactory, pluginRegistryFactory, setuputils.SetupNamespaceName()) @@ -164,6 +160,7 @@ func StartGGv2WithConfig(ctx context.Context, Debugger: setupOpts.KrtDebugger, }) if err != nil { + logger.Error("failed building controller: ", err) return err } /// no collections after this point From 5bc8a0a77237f86afdcee2b44f27ad26e362dff1 Mon Sep 17 00:00:00 2001 From: Steven Landow Date: Thu, 14 Nov 2024 12:32:06 -0800 Subject: [PATCH 6/8] changelog --- changelog/v1.18.0-beta35/crdcheck.yaml | 4 ++++ projects/gateway2/controller/start.go | 8 +++----- projects/gateway2/setup/ggv2setup.go | 2 +- 3 files changed, 8 insertions(+), 6 deletions(-) create mode 100644 changelog/v1.18.0-beta35/crdcheck.yaml diff --git a/changelog/v1.18.0-beta35/crdcheck.yaml b/changelog/v1.18.0-beta35/crdcheck.yaml new file mode 100644 index 00000000000..c50b01d981f --- /dev/null +++ b/changelog/v1.18.0-beta35/crdcheck.yaml @@ -0,0 +1,4 @@ +changelog: + - type: NON_USER_FACING + description: >- + Fix CRD check to allow the group/kind to be missing. diff --git a/projects/gateway2/controller/start.go b/projects/gateway2/controller/start.go index cbfdc45ef20..e9f7efd63ab 100644 --- a/projects/gateway2/controller/start.go +++ b/projects/gateway2/controller/start.go @@ -151,7 +151,8 @@ func NewControllerBuilder(ctx context.Context, cfg StartConfig) (*ControllerBuil krt.WithName("AuthConfig")) inputChannels := proxy_syncer.NewGatewayInputChannels() - setupLog.Info("setting up k8s gw ext") + + setupLog.Info("initializing k8sgateway extensions") k8sGwExtensions, err := cfg.ExtensionsFactory(ctx, ext.K8sGatewayExtensionsFactoryParameters{ Mgr: mgr, IstioClient: cfg.Client, @@ -169,8 +170,8 @@ func NewControllerBuilder(ctx context.Context, cfg StartConfig) (*ControllerBuil return nil, err } - setupLog.Info("setting proxy syncer") // Create the proxy syncer for the Gateway API resources + setupLog.Info("initializing proxy syncer") proxySyncer := proxy_syncer.NewProxySyncer( ctx, cfg.InitialSettings, @@ -189,10 +190,7 @@ func NewControllerBuilder(ctx context.Context, cfg StartConfig) (*ControllerBuil cfg.GlooStatusReporter, cfg.SetupOpts.ProxyReconcileQueue, ) - setupLog.Info("init proxy syncer") proxySyncer.Init(ctx, cfg.Debugger) - - setupLog.Info("register proxy syncer") if err := mgr.Add(proxySyncer); err != nil { setupLog.Error(err, "unable to add proxySyncer runnable") return nil, err diff --git a/projects/gateway2/setup/ggv2setup.go b/projects/gateway2/setup/ggv2setup.go index 673ea768b08..e0bea7e7661 100644 --- a/projects/gateway2/setup/ggv2setup.go +++ b/projects/gateway2/setup/ggv2setup.go @@ -160,7 +160,7 @@ func StartGGv2WithConfig(ctx context.Context, Debugger: setupOpts.KrtDebugger, }) if err != nil { - logger.Error("failed building controller: ", err) + logger.Error("failed initializing controller: ", err) return err } /// no collections after this point From 30f8442396ed74bc4d3d65de69940d22d31a1ef9 Mon Sep 17 00:00:00 2001 From: Shane O'Donnell Date: Fri, 15 Nov 2024 10:24:22 -0500 Subject: [PATCH 7/8] Also bump kubectl distroless --- jobs/kubectl/Dockerfile.distroless | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jobs/kubectl/Dockerfile.distroless b/jobs/kubectl/Dockerfile.distroless index c4914c8bee9..e6b2e30e77f 100644 --- a/jobs/kubectl/Dockerfile.distroless +++ b/jobs/kubectl/Dockerfile.distroless @@ -1,6 +1,6 @@ ARG BASE_IMAGE -FROM bitnami/kubectl:1.29.6 as kubectl +FROM bitnami/kubectl:1.31.1 as kubectl FROM $BASE_IMAGE From 829ae336427c5da9b25f23148f6c34deb0386819 Mon Sep 17 00:00:00 2001 From: Shane O'Donnell Date: Fri, 15 Nov 2024 11:19:13 -0500 Subject: [PATCH 8/8] Update changelog/v1.18.0-beta35/bump-kubectl-image.yaml --- changelog/v1.18.0-beta35/bump-kubectl-image.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog/v1.18.0-beta35/bump-kubectl-image.yaml b/changelog/v1.18.0-beta35/bump-kubectl-image.yaml index aceaf43b452..88e8d82acf1 100644 --- a/changelog/v1.18.0-beta35/bump-kubectl-image.yaml +++ b/changelog/v1.18.0-beta35/bump-kubectl-image.yaml @@ -1,5 +1,5 @@ changelog: - - type: NON_USER_FACING + - type: FIX issueLink: https://github.com/solo-io/gloo-mesh-enterprise/issues/19119 resolvesIssue: false description: >-