CSPL-3964: Upgrade operator sdk to 1.41.1 and Golang version to 1.24.4

[gabrielm-splunk]

Description

Upgrading operator-sdk to version 1.41.1 and Golang version to 1.24.4. There were some linting changes that trickled through, but were very minor, so just decided to leave in. Thankfully, there weren't any breaking changes, so this was pretty straightforward other than some go mod changes (ran go mod tidy to resolve). This will help resolve security vulnerability: https://splunk.atlassian.net/browse/VULN-42799

Key Changes

The main updates are in the .env and Dockerfile

Testing and Verification

Ran operator locally, installed operator on EKS cluster, and ran unit tests. Added this branch to be picked up by integration testing, so will monitor outputs of that.

Related Issues

• Upgrade operator sdk
• Upgrade golang version
• Security vulnerability scan alert

PR Checklist

• Code changes adhere to the project's coding standards.
• Relevant unit and integration tests are included.
• Documentation has been updated accordingly.
• All tests pass locally.
• The PR description follows the project's guidelines.

[gabrielm-splunk]

I see the check for biased language is failing here, any insights on how to solve? There were very minimal changes and the only change that's included that has the biased word master is in the deps for Masterminds

[coveralls]

Pull Request Test Coverage Report for Build 19141739219

Details

• 8 of 8 (100.0%) changed or added relevant lines in 8 files are covered.
• No unchanged relevant lines lost coverage.
• Overall coverage increased (+0.009%) to 86.561%

---

Totals
Change from base Build 19137368717:	0.009%
Covered Lines:	10718
Relevant Lines:	12382

---

💛 - Coveralls

[rlieberman-splunk]

I see the check for biased language is failing here, any insights on how to solve? There were very minimal changes and the only change that's included that has the biased word master is in the deps for Masterminds

We can add the go.mod file to https://github.com/splunk/splunk-operator/blob/main/.biased_lang_exclude. go.sum is already excluded. There's more information here if you need it too! https://github.com/splunk/biased-lang-linter/pkgs/container/biased_lang#excluding-directories-and-files

[gabrielm-splunk]

I see the check for biased language is failing here, any insights on how to solve? There were very minimal changes and the only change that's included that has the biased word master is in the deps for Masterminds

We can add the go.mod file to https://github.com/splunk/splunk-operator/blob/main/.biased_lang_exclude. go.sum is already excluded. There's more information here if you need it too! https://github.com/splunk/biased-lang-linter/pkgs/container/biased_lang#excluding-directories-and-files

Got it, done @rlieberman-splunk

[kasiakoziol]

https://sdk.operatorframework.io/docs/upgrading-sdk-version/v1.40.0/:

• https://github.com/splunk/splunk-operator/blob/main/Makefile#L256 - Upgrade guide suggest using 1.55.0.
• What about other things from this upgrade doc?

https://sdk.operatorframework.io/docs/upgrading-sdk-version/v1.41.0/

• splunk-operator/Makefile

  Line 207 in fb134af

  CONTROLLER_TOOLS_VERSION ?= v0.16.1

• splunk-operator/go.mod

  Line 29 in fb134af

  sigs.k8s.io/controller-runtime v0.14.5

[kasiakoziol]

Please remember to remove it before merge.

[gabrielm-splunk]

https://sdk.operatorframework.io/docs/upgrading-sdk-version/v1.40.0/:

• https://github.com/splunk/splunk-operator/blob/main/Makefile#L256 - Upgrade guide suggest using 1.55.0.
• What about other things from this upgrade doc?

https://sdk.operatorframework.io/docs/upgrading-sdk-version/v1.41.0/

• splunk-operator/Makefile

  Line 207 in fb134af

  CONTROLLER_TOOLS_VERSION ?= v0.16.1

• splunk-operator/go.mod

  Line 29 in fb134af

  sigs.k8s.io/controller-runtime v0.14.5

@kasiakoziol Yeah, I missed some of these. I was looking at a wrong version of the upgrade-sdk-version doc, will address today

[patrykw-splunk]

Open question, does this MR should include certificate watcher changes?
I'm also wondering if Cert-manager specific resources from the upgrade guide should be included here.

Here is a reference
https://sdk.operatorframework.io/docs/upgrading-sdk-version/v1.40.0/

[gabrielm-splunk]

Open question, does this MR should include certificate watcher changes? I'm also wondering if Cert-manager specific resources from the upgrade guide should be included here.

Here is a reference https://sdk.operatorframework.io/docs/upgrading-sdk-version/v1.40.0/

We discussed this offline and determined that we will handle cert-manager-specific changes in a follow-up PR

[gabrielm-splunk]

Although not fully ideal, I saw precedent for doing this for examples here and here so felt more comfortable with this (test was failing trying to run these scripts prior to this)

[gabrielm-splunk]

Description on why these changes were necessary:

Sometimes the wildcard parsing here would cause us to not be able to properly pick up the first directory, causing the disabled app changes to not be processed sometimes. This change uses Go idiomatic way to do the same thing in a more reliable way.

[gabrielm-splunk]

Not 100% sure why this is now necessary since the upgrade, but the Monitoring Console would hang while waiting to become ready without this "manual" controller registration

[kasiakoziol]

@gabrielm-splunk If you want to upgrade to 1.34, you have to pull my changes from develop because that's not only a one line change.

[gabrielm-splunk]

@gabrielm-splunk If you want to upgrade to 1.34, you have to pull my changes from develop because that's not only a one line change.

@kasiakoziol I did rebase off of develop, so it does contain those changes, unless you pushed within the last couple of hours