Feat/cleanup

.github/workflows/gotest-cover.yml

@@ -0,0 +1,29 @@
+name: golangci-lint
+
+on:
+  pull_request:
+    types: [opened, edited, synchronize, reopened]
+
+# Remove all permissions from GH_TOKEN except metadata.
+permissions: {}
+
+jobs:
+  golangci:
+    name: lint
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        working-directory:
+          - ""
+    steps:
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # tag=v4.1.6
+      - name: Calculate go version
+        id: vars
+        run: echo "go_version=$(make go-version)" >> $GITHUB_OUTPUT
+      - name: Set up Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # tag=v5.5.0
+        with:
+          go-version: ${{ steps.vars.outputs.go_version }}
+      - name: Go Tests with coverage
+        run: |
+          make test-cover

.github/workflows/release.yml

@@ -31,7 +31,7 @@ jobs:
         run: |
           make release-notes
       - name: Release
-        uses: softprops/action-gh-release@da05d552573ad5aba039eaac05058a918a7bf631 # tag=v2.2.2
+        uses: softprops/action-gh-release@72f2c25fcb47643c292f7107632f7a47c1df5cd8 # tag=v2.3.2
         with:
           draft: true
           files: out/*

Dockerfile

@@ -72,20 +72,27 @@ RUN --mount=type=cache,target=/root/.cache/go-build \
 FROM ${deployment_base_image}:${deployment_base_image_tag}
 
 # Set shell with pipefail option for better error handling
-SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+SHELL ["/bin/sh", "-o", "pipefail", "-c"]
 
 # Install Node.js and cdk8s-cli directly
 # hadolint ignore=DL3015
-RUN apt-get update && \
-    apt-get install -y --no-install-recommends ca-certificates=20240203~22.04.1 curl=7.81.0-1ubuntu1.20 && \
-    curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && \
-    apt-get install -y nodejs=18.19.1-1nodesource1 && \
-    npm install -g [email protected] && \
-    curl -fsSL -o go1.24.4.linux-amd64.tar.gz https://go.dev/dl/go1.24.4.linux-amd64.tar.gz && \
-    tar -C /usr/local -xzf go1.24.4.linux-amd64.tar.gz && \
-    rm go1.24.4.linux-amd64.tar.gz && \
-    apt-get clean && \
-    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+#RUN apt-get update && \
+#    apt-get install -y --no-install-recommends ca-certificates=20240203~22.04.1 curl=7.81.0-1ubuntu1.20 && \
+#    curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && \
+#    apt-get install -y nodejs=18.19.1-1nodesource1 && \
+#    npm install -g [email protected] && \
+#    curl -fsSL -o go1.24.4.linux-amd64.tar.gz https://go.dev/dl/go1.24.4.linux-amd64.tar.gz && \
+#    tar -C /usr/local -xzf go1.24.4.linux-amd64.tar.gz && \
+#    rm go1.24.4.linux-amd64.tar.gz && \
+#    apt-get clean && \
+#    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+
+RUN apk add --no-cache ca-certificates curl nodejs npm \
+    && npm install -g [email protected] \
+    && curl -fsSL -o go1.24.4.linux-amd64.tar.gz https://go.dev/dl/go1.24.4.linux-amd64.tar.gz \
+    && tar -C /usr/local -xzf go1.24.4.linux-amd64.tar.gz \
+    && rm go1.24.4.linux-amd64.tar.gz \
+    && rm -rf /tmp/*
 
 # Set Go environment variables
 ENV PATH=$PATH:/usr/local/go/bin
@@ -95,7 +102,7 @@ WORKDIR /
 COPY --from=builder /workspace/manager .
 
 # Create non-root user
-RUN useradd --uid 65532 --create-home --shell /bin/bash nonroot
+RUN adduser -u 65532 -D -h /home/nonroot -s /bin/sh nonroot
 
 # Switch back to non-root user (this line should already exist)
 # USER root # This was part of the removed direct install, ensure it's not re-added here unless needed for COPY permissions

Makefile

@@ -45,8 +45,8 @@ export GO111MODULE=on
 # Base docker images
 
 DOCKERFILE_CONTAINER_IMAGE ?= docker.io/docker/dockerfile:1.4
-DEPLOYMENT_BASE_IMAGE ?= ubuntu
-DEPLOYMENT_BASE_IMAGE_TAG ?= 22.04
+DEPLOYMENT_BASE_IMAGE ?= alpine
+DEPLOYMENT_BASE_IMAGE_TAG ?= 3.20
 BUILD_CONTAINER_ADDITIONAL_ARGS ?=
 
 #
@@ -230,12 +230,11 @@ CAPI_KIND_CLUSTER_NAME ?= capi-test
 
 # It is set by Prow GIT_TAG, a git-based tag of the form vYYYYMMDD-hash, e.g., v20210120-v0.3.10-308-gc61521971
 
-# Next release is: v0.3.2-alpha
-TAG ?= v0.3.1-alpha
+# Next release is: v1.0.0-preview
+TAG ?= v1.0.0-preview.5
 ARCH ?= $(shell go env GOARCH)
 ALL_ARCH = amd64 arm arm64
 
-
 # Allow overriding manifest generation destination directory
 MANIFEST_ROOT ?= config
 CRD_ROOT ?= $(MANIFEST_ROOT)/crd/bases

README.md

@@ -36,43 +36,28 @@ The `Cdk8sAppProxy` CustomResourceDefinition (CRD) is used to manage the deploym
 
 ### Example Manifest
 
-An example of a `Cdk8sAppProxy` manifest can be found in [`examples/cdk8sappproxy_sample.yaml`](./examples/cdk8sappproxy_sample.yaml). Below is a snippet:
+An example of a `Cdk8sAppProxy` manifest can be found in [`examples/cdk8sappproxy_sample-go.yaml`](./examples/cdk8sappproxy_sample-go.yaml). Below is a snippet:
 
 ```yaml
 apiVersion: addons.cluster.x-k8s.io/v1alpha1
 kind: Cdk8sAppProxy
 metadata:
-  name: cdk8s-sample-app
+  name: cdk8s-sample-app-go
   namespace: default
 spec:
   gitRepository:
-    url: "https://github.com/PatrickLaabs/cluster-api-addon-provider-cdk8s/examples/cdk8s-sample-deployment"
+    url: "https://github.com/PatrickLaabs/cluster-api-addon-provider-cdk8s"
     reference: "main"
-    path: "."
-    # authSecretRef:
-    #   name: git-credentials
+    referencePollInterval: '5'
+    path: "examples/cdk8s-sample-deployment"
   clusterSelector: {}
-    # matchLabels:
-      # environment: development
-# ---
-# apiVersion: v1
-# kind: Secret
-# metadata:
-#   name: git-credentials
-#   namespace: default
-# type: Opaque
-# data:
-#   # Base64 encoded username
-#   username: <base64-encoded-username>
-#   # Base64 encoded password/token
-#   password: <base64-encoded-password-or-token>
-
+          # matchLabels:
+  # environment: development
 ```
 
 ### Cdk8sAppProxySpec Fields
 
-- **localPath**: (Optional) The local filesystem path to the cdk8s application directory. One of `localPath` or `gitRepository` must be specified.
-- **gitRepository**: (Optional) Specifies the Git repository for the cdk8s application. One of `localPath` or `gitRepository` must be specified.
+- **gitRepository**: (Optional) Specifies the Git repository for the cdk8s application. `gitRepository` must be specified.
     - **url**: (Required) The Git repository URL.
     - **reference**: (Optional) The Git reference (branch, tag, or commit) to check out.
     - **path**: (Optional) The path within the repository where the cdk8s application is located. Defaults to the root.

api/v1alpha1/cdk8sappproxy_types.go

@@ -17,7 +17,6 @@ limitations under the License.
 package v1alpha1
 
 import (
-	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
 )
@@ -29,30 +28,23 @@ type GitRepositorySpec struct {
 	URL string `json:"url"`
 
 	// Reference is the git reference (branch, tag, or commit).
-	// +kubebuilder:validation:Optional
-	Reference string `json:"reference,omitempty"`
+	// +kubebuilder:validation:Required
+	Reference string `json:"reference"`
+
+	// ReferencePollInterval polls the defined git repository for changes.
+	// Defaults to 5 min.
+	// +kubebuilder:validation:optional
+	ReferencePollInterval *metav1.Duration `json:"referencePollInterval,omitempty"`
 
 	// Path is the path within the repository where the cdk8s application is located.
 	// Defaults to the root of the repository.
-	// +kubebuilder:validation:Optional
-	Path string `json:"path,omitempty"`
-
-	// AuthSecretRef is a reference to a Secret in the same namespace
-	// containing authentication credentials for the Git repository.
-	// The secret must contain 'username' and 'password' fields.
-	// +kubebuilder:validation:Optional
-	AuthSecretRef *corev1.LocalObjectReference `json:"authSecretRef,omitempty"`
+	// +kubebuilder:validation:Required
+	Path string `json:"path"`
 }
 
 // Cdk8sAppProxySpec defines the desired state of Cdk8sAppProxy.
 type Cdk8sAppProxySpec struct {
-	// LocalPath is the local filesystem path to the cdk8s app.
-	// One of LocalPath or GitRepository must be specified.
-	// +kubebuilder:validation:Optional
-	LocalPath string `json:"localPath,omitempty"`
-
 	// GitRepository specifies the Git repository for the cdk8s app.
-	// One of LocalPath or GitRepository must be specified.
 	// +kubebuilder:validation:Optional
 	GitRepository *GitRepositorySpec `json:"gitRepository,omitempty"`