bump to k8s.io v1.30, Go 1.22.0, and controller-runtime v0.18.0

.github/workflows/enclave-cc-cicd.yaml

@@ -32,7 +32,7 @@ jobs:
 
       - name: Setup kind cluster
         run: |
-          kind create cluster --image "kindest/node:v1.29.2" -n coco-sgx --config tests/e2e/enclave-cc-kind-config.yaml --wait 120s
+          kind create cluster --image "kindest/node:v1.31.0@sha256:53df588e04085fd41ae12de0c3fe4c72f7013bba32a20e7325357a1ac94ba865" -n coco-sgx --config tests/e2e/enclave-cc-kind-config.yaml --wait 120s
           kubectl label node coco-sgx-worker node.kubernetes.io/worker=
 
       - name: Deploy operator from the local registry

.github/workflows/enclave-cc-e2e.yaml

@@ -42,7 +42,7 @@ jobs:
 
       - name: Setup kind cluster
         run: |
-          kind create cluster --image "kindest/node:v1.29.2" -n coco-sgx --config tests/e2e/enclave-cc-kind-config.yaml --wait 120s
+          kind create cluster --image "kindest/node:v1.31.0@sha256:53df588e04085fd41ae12de0c3fe4c72f7013bba32a20e7325357a1ac94ba865" -n coco-sgx --config tests/e2e/enclave-cc-kind-config.yaml --wait 120s
           kubectl label node coco-sgx-worker node.kubernetes.io/worker=
           docker network connect kind registry
 

.github/workflows/makefile.yaml

@@ -26,9 +26,6 @@ jobs:
     - name: Download kustomize
       run: make kustomize
 
-    - name: Download envtest
-      run: make envtest
-
     - name: Build controller
       run: make build
 
@@ -43,3 +40,26 @@ jobs:
     needs:
       - build
     uses: "./.github/workflows/lib-codeql.yaml"
+
+  envtest:
+    name: Test APIs using envtest
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        version:
+          - 1.29.x
+          - 1.30.x
+          - 1.31.x
+    steps:
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4
+      - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5
+        with:
+          go-version-file: go.mod
+          check-latest: true
+      - name: Install envtest and k8s control plane
+        run: |
+          go install sigs.k8s.io/controller-runtime/tools/setup-envtest@latest
+          setup-envtest use ${{ matrix.version }}
+      - name: Run envtest
+        run: |
+          KUBEBUILDER_ASSETS=$(setup-envtest use -i -p path ${{ matrix.version }}) go test ./... -coverprofile cover.out

Dockerfile

@@ -4,7 +4,7 @@ ARG IMG_NAME
 ARG IMG_VERSION
 
 # Build the manager binary
-FROM ${IMG_NAME:-golang}:${IMG_VERSION:-1.20} as builder
+FROM ${IMG_NAME:-golang}:${IMG_VERSION:-1.22} as builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests

Dockerfile.peerpods

@@ -4,7 +4,7 @@ ARG IMG_NAME
 ARG IMG_VERSION
 
 # Build the manager binary
-FROM ${IMG_NAME:-golang}:${IMG_VERSION:-1.20} as builder
+FROM ${IMG_NAME:-golang}:${IMG_VERSION:-1.22} as builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
@@ -31,7 +31,7 @@ RUN CGO_ENABLED=1 GOOS=linux go build -a -o manager main.go
 # Refer to https://github.com/GoogleContainerTools/distroless for more details
 # FROM gcr.io/distroless/static:nonroot
 
-FROM ${IMG_NAME:-golang}:${IMG_VERSION:-1.20}
+FROM ${IMG_NAME:-golang}:${IMG_VERSION:-1.22}
 RUN apt-get update -y && apt-get install -y libvirt-dev
 WORKDIR /
 COPY --from=builder /workspace/manager .

Makefile

@@ -50,7 +50,7 @@ endif
 # Image URL to use all building/pushing image targets
 IMG ?= controller:latest
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
-ENVTEST_K8S_VERSION = 1.24.2
+ENVTEST_K8S_VERSION = 1.30.x
 
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
 ifeq (,$(shell go env GOBIN))
@@ -59,24 +59,6 @@ else
 GOBIN=$(shell go env GOBIN)
 endif
 
-ifeq ($(ARCH),s390x)
-K8S_VERSION=v1.24.2
-ETCD_VERSION=v3.5.4
-ETCD_BASE_NAME=etcd-$(ETCD_VERSION)-linux-$(ARCH)
-KUBEBUILDER_PATH=$${PWD}/kubebuilder-tools/bin
-# ATM, there is no s390x support for kubebuilder-tools.
-# We need to prepare core binaries without envtest.
-# $1: a path where binaries are installed
-define INSTALL_KUBEBUILDER_TOOLS
-$(shell mkdir -p $1 && cd $1 && \
-curl -sLO https://dl.k8s.io/$(K8S_VERSION)/bin/linux/$(ARCH)/kube-apiserver && \
-curl -sLO https://dl.k8s.io/$(K8S_VERSION)/bin/linux/$(ARCH)/kubectl && \
-chmod +x kube-apiserver kubectl && \
-curl -sLO https://github.com/coreos/etcd/releases/download/$(ETCD_VERSION)/$(ETCD_BASE_NAME).tar.gz && \
-tar xzf $(ETCD_BASE_NAME).tar.gz && cp $(ETCD_BASE_NAME)/etcd . && rm -rf $(ETCD_BASE_NAME)*)
-endef
-endif
-
 # Setting SHELL to bash allows bash commands to be executed by recipes.
 # Options are set to exit when a recipe line exits non-zero or a piped command fails.
 SHELL = /usr/bin/env bash -o pipefail
@@ -122,12 +104,7 @@ vet: ## Run go vet against code.
 
 .PHONY: test
 test: manifests generate fmt vet envtest ## Run tests.
-ifeq ($(ARCH),s390x)
-	$(call INSTALL_KUBEBUILDER_TOOLS,$(KUBEBUILDER_PATH))
-	KUBEBUILDER_ASSETS="$(KUBEBUILDER_PATH)" go test ./... -coverprofile cover.out
-else
 	KUBEBUILDER_ASSETS="$(shell $(ENVTEST) use $(ENVTEST_K8S_VERSION) -p path)" go test ./... -coverprofile cover.out
-endif
 
 ##@ Build
 
@@ -208,8 +185,8 @@ OPERATOR_SDK ?= $(LOCALBIN)/operator-sdk
 
 ## Tool Versions
 KUSTOMIZE_VERSION ?= v5.3.0
-CONTROLLER_TOOLS_VERSION ?= v0.15.0
-OPERATOR_SDK_VERSION ?= v1.30.0
+CONTROLLER_TOOLS_VERSION ?= v0.16.1
+OPERATOR_SDK_VERSION ?= v1.36.1
 
 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
 .PHONY: kustomize

docs/DEVELOPMENT.md

@@ -3,10 +3,10 @@ These instructions should help you to build a custom version of the operator wit
 changes
 
 ## Prerequisites
-- Golang (1.18.x)
+- Golang compiler supported by the Go team
 - Operator SDK version (1.23.x+)
 - podman and podman-docker or docker
-- Access to Kubernetes cluster (1.24+)
+- Access to Kubernetes cluster
 - Container registry to store images
 
 

docs/INSTALL.md

@@ -3,7 +3,6 @@
 ## Prerequisites
 - Ensure a minimum of 8GB RAM and 2 vCPU for the Kubernetes cluster node
 - Only containerd runtime based Kubernetes clusters are supported with the current Confidential Containers (CoCo) release
-- The minimum Kubernetes version should be 1.24.
 - Ensure KUBECONFIG points to the target Kubernetes cluster.
 - Ensure at least one Kubernetes node in the cluster is having the label `node.kubernetes.io/worker=`
   ```

go.mod

@@ -1,17 +1,19 @@
 module github.com/confidential-containers/operator
 
-go 1.21
+go 1.22.0
+
+toolchain go1.22.3
 
 require (
 	github.com/confidential-containers/cloud-api-adaptor/src/peerpod-ctrl v0.8.3-0.20240422235106-567287db9814
 	github.com/confidential-containers/cloud-api-adaptor/src/peerpodconfig-ctrl v0.8.3-0.20240422235106-567287db9814
-	github.com/go-logr/logr v1.3.0
-	github.com/onsi/ginkgo/v2 v2.9.5
-	github.com/onsi/gomega v1.27.7
-	k8s.io/api v0.27.5
-	k8s.io/apimachinery v0.27.5
-	k8s.io/client-go v0.27.5
-	sigs.k8s.io/controller-runtime v0.15.0
+	github.com/go-logr/logr v1.4.1
+	github.com/onsi/ginkgo/v2 v2.17.1
+	github.com/onsi/gomega v1.32.0
+	k8s.io/api v0.30.4
+	k8s.io/apimachinery v0.30.4
+	k8s.io/client-go v0.30.4
+	sigs.k8s.io/controller-runtime v0.18.5
 )
 
 require (
@@ -63,18 +65,18 @@ require (
 	github.com/confidential-containers/cloud-api-adaptor/src/cloud-providers v0.8.2 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
-	github.com/evanphx/json-patch/v5 v5.6.0 // indirect
-	github.com/fsnotify/fsnotify v1.6.0 // indirect
-	github.com/go-logr/zapr v1.2.4 // indirect
+	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
+	github.com/go-logr/zapr v1.3.0 // indirect
 	github.com/go-openapi/jsonpointer v0.19.6 // indirect
 	github.com/go-openapi/jsonreference v0.20.2 // indirect
 	github.com/go-openapi/swag v0.22.4 // indirect
 	github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang-jwt/jwt/v5 v5.0.0 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.3 // indirect
-	github.com/google/gnostic v0.5.7-v3refs // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
+	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
 	github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect
@@ -89,32 +91,31 @@ require (
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/prometheus/client_golang v1.15.1 // indirect
+	github.com/prometheus/client_golang v1.16.0 // indirect
 	github.com/prometheus/client_model v0.4.0 // indirect
-	github.com/prometheus/common v0.42.0 // indirect
-	github.com/prometheus/procfs v0.9.0 // indirect
+	github.com/prometheus/common v0.44.0 // indirect
+	github.com/prometheus/procfs v0.12.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	go.uber.org/atomic v1.9.0 // indirect
-	go.uber.org/multierr v1.6.0 // indirect
-	go.uber.org/zap v1.24.0 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
+	go.uber.org/zap v1.26.0 // indirect
+	golang.org/x/exp v0.0.0-20220722155223-a9213eeb770e // indirect
 	golang.org/x/net v0.23.0 // indirect
-	golang.org/x/oauth2 v0.10.0 // indirect
+	golang.org/x/oauth2 v0.12.0 // indirect
 	golang.org/x/sys v0.18.0 // indirect
 	golang.org/x/term v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
-	golang.org/x/tools v0.9.1 // indirect
-	gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect
+	golang.org/x/tools v0.18.0 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.33.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/apiextensions-apiserver v0.27.2 // indirect
-	k8s.io/component-base v0.27.2 // indirect
-	k8s.io/klog/v2 v2.110.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20230501164219-8b0f38b5fd1f // indirect
-	k8s.io/utils v0.0.0-20230209194617-a36077c30491 // indirect
+	k8s.io/apiextensions-apiserver v0.30.1 // indirect
+	k8s.io/klog/v2 v2.120.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
+	k8s.io/utils v0.0.0-20230726121419-3b25d923346b // indirect
 	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
 	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 	sigs.k8s.io/yaml v1.3.0 // indirect