deps: update to use go 1.23.0

.github/workflows/codeql.yml

@@ -47,7 +47,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
         with:
-          go-version: "1.22"
+          go-version: "1.23"
         if: ${{ matrix.language == 'go' }}
 
       # Initializes the CodeQL tools for scanning.

.github/workflows/tests-main.yaml

@@ -40,7 +40,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
         with:
-          go-version: "1.22"
+          go-version: "1.23"
       - name: Set up build.env with phony secrets.
         run: cp build.sample.env build.env
       - name: make test
@@ -90,7 +90,7 @@ jobs:
       - name: "Setup Go"
         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
         with:
-          go-version: "1.22"
+          go-version: "1.23"
       - name: Set up QEMU
         uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0
       - name: Set up Docker Buildx

.github/workflows/tests.yaml

@@ -28,7 +28,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
         with:
-          go-version: "1.22"
+          go-version: "1.23"
       - name: Checkout code
         uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
         with:
@@ -69,7 +69,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
         with:
-          go-version: "1.22"
+          go-version: "1.23"
       - name: Set up QEMU
         uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0
       - name: Set up Docker Buildx

Makefile

@@ -293,7 +293,7 @@ e2e_test_clean: e2e_cleanup_test_namespaces e2e_undeploy ## Remove all operator
 e2e_teardown: e2e_cluster_destroy ## Remove the test infrastructure for e2e tests from the Google Cloud Project
 
 .PHONY: e2e_test_job
-e2e_test_job: e2e_setup_job e2e_build_deploy e2e_test_run
+e2e_test_job: e2e_setup_job e2e_test_clean e2e_build_deploy e2e_test_run
 
 .PHONY: e2e_setup_job
 e2e_setup_job: e2e_project e2e_cluster_job e2e_cert_manager_deploy
@@ -372,17 +372,15 @@ e2e_test_run_gotest:  # Run the golang e2e tests
 
 .PHONY: e2e_cleanup_test_namespaces
 e2e_cleanup_test_namespaces: e2e_project kustomize kubectl # remove e2e test namespaces named "test*"
-	( $(E2E_KUBECTL) get ns -o=name | \
-		grep namespace/test | \
-		$(E2E_KUBECTL_ENV) xargs $(KUBECTL) delete ) || true
-	( $(E2E_PRIVATE_KUBECTL) get ns -o=name | \
-		grep namespace/test | \
-		$(E2E_PRIVATE_KUBECTL_ENV) xargs $(KUBECTL) delete ) || true
+	$(E2E_PRIVATE_KUBECTL_ENV) KUBECTL=$(KUBECTL) $(PWD)/tools/delete-test-namespaces.sh
+	$(E2E_KUBECTL_ENV) KUBECTL=$(KUBECTL) $(PWD)/tools/delete-test-namespaces.sh
 
 .PHONY: e2e_undeploy
 e2e_undeploy: e2e_project kustomize kubectl $(E2E_WORK_DIR) # Remove the operator from the GKE cluster
-	$(E2E_KUBECTL) delete -f $(E2E_WORK_DIR)/operator.yaml
-	$(E2E_PRIVATE_KUBECTL) delete -f $(E2E_WORK_DIR)/operator.yaml
+	$(E2E_KUBECTL) delete -f $(E2E_WORK_DIR)/operator.yaml --timeout=30s || true
+	$(E2E_KUBECTL_ENV) KUBECTL=$(KUBECTL) $(PWD)/tools/delete-test-namespaces.sh namespace/cloud-sql-proxy-operator-system
+	$(E2E_PRIVATE_KUBECTL) delete -f $(E2E_WORK_DIR)/operator.yaml --timeout=30s || true
+	$(E2E_PRIVATE_KUBECTL_ENV) KUBECTL=$(KUBECTL) $(PWD)/tools/delete-test-namespaces.sh namespace/cloud-sql-proxy-operator-system
 
 ###
 # Build the operator docker image and push it to the

go.mod

@@ -1,6 +1,6 @@
 module github.com/GoogleCloudPlatform/cloud-sql-proxy-operator
 
-go 1.22
+go 1.23.0
 
 require (
 	github.com/go-logr/logr v1.4.1

infra/permissions/main.tf

@@ -76,6 +76,12 @@ resource "google_project_iam_member" "allow_image_pull" {
   role       = "roles/artifactregistry.reader"
   member     = "serviceAccount:${google_service_account.node_pool.email}"
 }
+resource "google_project_iam_member" "default_node_service_acct" {
+  depends_on = [google_project_service.project["iam.googleapis.com"]]
+  project    = var.project_id
+  role       = "roles/container.defaultNodeServiceAccount"
+  member     = "serviceAccount:${google_service_account.node_pool.email}"
+}
 
 resource "google_project_iam_binding" "cloud_sql_client" {
   depends_on = [google_project_service.project["iam.googleapis.com"]]

tools/delete-test-namespaces.sh

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+# Copyright 2025 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -euxo pipefail
+KUBECTL=${KUBECTL:-bin/kubectl}
+export USE_GKE_E2E_AUTH_PLUGIN=True
+export KUBECONFIG=${KUBECONFIG:-bin/e2e-kubeconfig.yaml}
+
+mkdir -p bin/ns
+function remove_ns(){
+  # Check that the namespace exists, return if not.
+  if ! $KUBECTL get namespace "$1" ; then
+    return
+  fi
+
+  # Tell kubernetes to delete the namespace, If it times out, force delete.
+  if ! $KUBECTL delete namespace "$1" --timeout=10s ; then
+
+    # Get the namespace, remove finalizers from the namespace spec.
+    $KUBECTL get namespace "$1" -o json | \
+      jq '.spec.finalizers = []' > "bin/ns/$1.json"
+
+    # Force update the namespace resource, removing finalizers.
+    # This will allow Kubernetes to continue the deletion of the resource.
+    $KUBECTL replace --raw "/api/v1/namespaces/$1/finalize" -f "bin/ns/$1.json"
+  fi
+
+}
+
+
+if [[ ${#@} -gt 0 ]] ; then
+  remove_ns "$1"
+else
+  ( $KUBECTL get ns -o=name | grep namespace/test > bin/ns/list.txt ) || true
+  namespaces=( $( cat bin/ns/list.txt ) )
+  for ns in ${namespaces[*]} ; do
+    ns="${ns#*/}" # remove "namespace/" from the beginning of the string
+    echo "Deleting $ns"
+    remove_ns "$ns"
+  done
+fi

tools/e2e_test_job.sh

@@ -58,6 +58,7 @@ set -x
 echo "TIME: $(date) Run Tests"
 echo "Running tests on environment ${ENVIRONMENT_NAME:-undefined}"
 
+echo "Starting the tests"
 # Run e2e test, filtering the stdout so that it only logs go test results.
 if make e2e_test_job > bin/e2e_test.log 2>&1 ; then
   echo "STATUS: E2E Test Passed"