fixup! build: Use "github.com/distribution/reference"

mesosphere · Feb 12, 2024 · ba9d8f7 · ba9d8f7
1 parent 9ac2651
commit ba9d8f7
Show file tree

Hide file tree

Showing 19 changed files with 257 additions and 249 deletions.
diff --git a/.golangci.yml b/.golangci.yml
@@ -31,7 +31,6 @@ linters:
     - misspell
     - nolintlint
     - prealloc
-    - revive
     - staticcheck
     - stylecheck
     - tagliatelle

diff --git a/apis/config/v1alpha1/dynamiccredentialprovideconfig_validation.go b/apis/config/v1alpha1/dynamiccredentialprovideconfig_validation.go
@@ -5,7 +5,7 @@ package v1alpha1
 
 import (
 	"k8s.io/apimachinery/pkg/api/errors"
-	runtime "k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/util/validation/field"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"

diff --git a/devbox.lock b/devbox.lock
diff --git a/go.mod b/go.mod
@@ -6,7 +6,7 @@ module github.com/mesosphere/dynamic-credential-provider
 go 1.21
 
 require (
-	github.com/docker/distribution v2.8.3+incompatible
+	github.com/distribution/reference v0.5.0
 	github.com/docker/docker v24.0.9+incompatible
 	github.com/docker/go-connections v0.5.0
 	github.com/foomo/htpasswd v0.0.0-20200116085101-e3a90e78da9c
@@ -55,8 +55,8 @@ require (
 	github.com/cyphar/filepath-securejoin v0.2.4 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/distribution/distribution/v3 v3.0.0-alpha.1 // indirect
-	github.com/distribution/reference v0.5.0 // indirect
 	github.com/docker/cli v24.0.6+incompatible // indirect
+	github.com/docker/distribution v2.8.3+incompatible // indirect
 	github.com/docker/docker-credential-helpers v0.7.0 // indirect
 	github.com/docker/go-metrics v0.0.1 // indirect
 	github.com/docker/go-units v0.5.0 // indirect

diff --git a/hack/flakes/flake.lock b/hack/flakes/flake.lock
diff --git a/make/pre-commit.mk b/make/pre-commit.mk
@@ -13,6 +13,6 @@ pre-commit: ; $(info $(M) running pre-commit)
 ifeq ($(wildcard $(PRE_COMMIT_CONFIG_FILE)),)
 	$(error Cannot find pre-commit config file $(PRE_COMMIT_CONFIG_FILE). Specify the config file via PRE_COMMIT_CONFIG_FILE variable)
 endif
-	env SKIP=$(SKIP) pre-commit run -a --show-diff-on-failure --config $(PRE_COMMIT_CONFIG_FILE)
+	env VIRTUALENV_PIP=24.0 SKIP=$(SKIP) pre-commit install-hooks pre-commit run -a --show-diff-on-failure --config $(PRE_COMMIT_CONFIG_FILE)
 	git fetch origin main
 	pre-commit run --hook-stage manual gitlint-ci
diff --git a/pkg/credentialprovider/dynamic/dynamic_test.go b/pkg/credentialprovider/dynamic/dynamic_test.go
@@ -12,7 +12,7 @@ import (
 
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	credentialproviderv1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
 
 	"github.com/mesosphere/dynamic-credential-provider/pkg/credentialprovider/dynamic"
@@ -26,6 +26,8 @@ func Test_dynamicProvider_GetCredentials(t *testing.T) {
 		dummyImageFmt                  = "img.%s/abc/def:v1.2.3"
 		mirrorUser                     = "mirroruser"
 		mirrorPassword                 = "mirrorpassword"
+		testUser                       = "testuser"
+		testPassword                   = "testpassword"
 		wildcardDomain                 = "*.*"
 		credentialProviderResponseKind = "CredentialProviderResponse" //nolint:gosec // No actual credentials here.
 	)
@@ -48,12 +50,12 @@ func Test_dynamicProvider_GetCredentials(t *testing.T) {
 				cfgFile: filepath.Join("testdata", "config-with-mirror-only.yaml"),
 				img:     fmt.Sprintf(dummyImageFmt, v),
 				want: &credentialproviderv1.CredentialProviderResponse{
-					TypeMeta: v1.TypeMeta{
+					TypeMeta: metav1.TypeMeta{
 						APIVersion: credentialproviderv1.SchemeGroupVersion.String(),
 						Kind:       credentialProviderResponseKind,
 					},
 					CacheKeyType:  credentialproviderv1.ImagePluginCacheKeyType,
-					CacheDuration: &v1.Duration{Duration: expectedDummyDuration},
+					CacheDuration: &metav1.Duration{Duration: expectedDummyDuration},
 					Auth: map[string]credentialproviderv1.AuthConfig{
 						fmt.Sprintf(dummyImageFmt, v): {
 							Username: mirrorUser,
@@ -67,20 +69,20 @@ func Test_dynamicProvider_GetCredentials(t *testing.T) {
 				cfgFile: filepath.Join("testdata", "config-with-mirror-first.yaml"),
 				img:     fmt.Sprintf(dummyImageFmt, v),
 				want: &credentialproviderv1.CredentialProviderResponse{
-					TypeMeta: v1.TypeMeta{
+					TypeMeta: metav1.TypeMeta{
 						APIVersion: credentialproviderv1.SchemeGroupVersion.String(),
 						Kind:       credentialProviderResponseKind,
 					},
 					CacheKeyType:  credentialproviderv1.ImagePluginCacheKeyType,
-					CacheDuration: &v1.Duration{Duration: expectedDummyDuration},
+					CacheDuration: &metav1.Duration{Duration: expectedDummyDuration},
 					Auth: map[string]credentialproviderv1.AuthConfig{
 						fmt.Sprintf(dummyImageFmt, v): {
 							Username: mirrorUser,
 							Password: mirrorPassword,
 						},
 						wildcardDomain: {
-							Username: v + "user",
-							Password: v + "password",
+							Username: v + testUser,
+							Password: v + testPassword,
 						},
 					},
 				},
@@ -90,20 +92,20 @@ func Test_dynamicProvider_GetCredentials(t *testing.T) {
 				cfgFile: filepath.Join("testdata", "config-with-mirror-last.yaml"),
 				img:     fmt.Sprintf(dummyImageFmt, v),
 				want: &credentialproviderv1.CredentialProviderResponse{
-					TypeMeta: v1.TypeMeta{
+					TypeMeta: metav1.TypeMeta{
 						APIVersion: credentialproviderv1.SchemeGroupVersion.String(),
 						Kind:       credentialProviderResponseKind,
 					},
 					CacheKeyType:  credentialproviderv1.ImagePluginCacheKeyType,
-					CacheDuration: &v1.Duration{Duration: expectedDummyDuration},
+					CacheDuration: &metav1.Duration{Duration: expectedDummyDuration},
 					Auth: map[string]credentialproviderv1.AuthConfig{
 						wildcardDomain: {
 							Username: mirrorUser,
 							Password: mirrorPassword,
 						},
 						fmt.Sprintf(dummyImageFmt, v): {
-							Username: v + "user",
-							Password: v + "password",
+							Username: v + testUser,
+							Password: v + testPassword,
 						},
 					},
 				},
@@ -113,12 +115,12 @@ func Test_dynamicProvider_GetCredentials(t *testing.T) {
 				cfgFile: filepath.Join("testdata", "config-with-mirror-last.yaml"),
 				img:     "noorigin/image:v1.2.3.4",
 				want: &credentialproviderv1.CredentialProviderResponse{
-					TypeMeta: v1.TypeMeta{
+					TypeMeta: metav1.TypeMeta{
 						APIVersion: credentialproviderv1.SchemeGroupVersion.String(),
 						Kind:       credentialProviderResponseKind,
 					},
 					CacheKeyType:  credentialproviderv1.ImagePluginCacheKeyType,
-					CacheDuration: &v1.Duration{Duration: expectedDummyDuration},
+					CacheDuration: &metav1.Duration{Duration: expectedDummyDuration},
 					Auth: map[string]credentialproviderv1.AuthConfig{
 						wildcardDomain: {Username: mirrorUser, Password: mirrorPassword},
 					},
@@ -129,16 +131,16 @@ func Test_dynamicProvider_GetCredentials(t *testing.T) {
 				cfgFile: filepath.Join("testdata", "config-no-mirror.yaml"),
 				img:     fmt.Sprintf(dummyImageFmt, v),
 				want: &credentialproviderv1.CredentialProviderResponse{
-					TypeMeta: v1.TypeMeta{
+					TypeMeta: metav1.TypeMeta{
 						APIVersion: credentialproviderv1.SchemeGroupVersion.String(),
 						Kind:       credentialProviderResponseKind,
 					},
 					CacheKeyType:  credentialproviderv1.ImagePluginCacheKeyType,
-					CacheDuration: &v1.Duration{Duration: expectedDummyDuration},
+					CacheDuration: &metav1.Duration{Duration: expectedDummyDuration},
 					Auth: map[string]credentialproviderv1.AuthConfig{
 						fmt.Sprintf(dummyImageFmt, v): {
-							Username: v + "user",
-							Password: v + "password",
+							Username: v + testUser,
+							Password: v + testPassword,
 						},
 					},
 				},
@@ -148,12 +150,12 @@ func Test_dynamicProvider_GetCredentials(t *testing.T) {
 				cfgFile: filepath.Join("testdata", "config-with-mirror-with-path-only.yaml"),
 				img:     fmt.Sprintf(dummyImageFmt, v),
 				want: &credentialproviderv1.CredentialProviderResponse{
-					TypeMeta: v1.TypeMeta{
+					TypeMeta: metav1.TypeMeta{
 						APIVersion: credentialproviderv1.SchemeGroupVersion.String(),
 						Kind:       credentialProviderResponseKind,
 					},
 					CacheKeyType:  credentialproviderv1.ImagePluginCacheKeyType,
-					CacheDuration: &v1.Duration{Duration: expectedDummyDuration},
+					CacheDuration: &metav1.Duration{Duration: expectedDummyDuration},
 					Auth: map[string]credentialproviderv1.AuthConfig{
 						fmt.Sprintf(dummyImageFmt, v): {
 							Username: mirrorUser,

diff --git a/pkg/credentialprovider/dynamic/testdata/staticcredentialprovider-v1-withpath.sh b/pkg/credentialprovider/dynamic/testdata/staticcredentialprovider-v1-withpath.sh
@@ -12,6 +12,6 @@ echo '{
   "cacheKeyType":"Image",
   "cacheDuration":"5s",
   "auth":{
-    "*.v1withpath/apath": {"username":"v1withpath/apathuser","password":"v1withpath/apathpassword"}
+    "*.v1withpath/apath": {"username":"v1withpath/apathtestuser","password":"v1withpath/apathtestpassword"}
   }
 }'
diff --git a/pkg/credentialprovider/dynamic/testdata/staticcredentialprovider-v1.sh b/pkg/credentialprovider/dynamic/testdata/staticcredentialprovider-v1.sh
@@ -12,6 +12,6 @@ echo '{
   "cacheKeyType":"Image",
   "cacheDuration":"5s",
   "auth":{
-    "*.v1": {"username":"v1user","password":"v1password"}
+    "*.v1": {"username":"v1testuser","password":"v1testpassword"}
   }
 }'
diff --git a/pkg/credentialprovider/dynamic/testdata/staticcredentialprovider-v1alpha1.sh b/pkg/credentialprovider/dynamic/testdata/staticcredentialprovider-v1alpha1.sh
@@ -12,6 +12,6 @@ echo '{
   "cacheKeyType":"Image",
   "cacheDuration":"5s",
   "auth":{
-    "*.v1alpha1": {"username":"v1alpha1user","password":"v1alpha1password"}
+    "*.v1alpha1": {"username":"v1alpha1testuser","password":"v1alpha1testpassword"}
   }
 }'
diff --git a/pkg/credentialprovider/dynamic/testdata/staticcredentialprovider-v1beta1.sh b/pkg/credentialprovider/dynamic/testdata/staticcredentialprovider-v1beta1.sh
@@ -12,6 +12,6 @@ echo '{
   "cacheKeyType":"Image",
   "cacheDuration":"5s",
   "auth":{
-    "*.v1beta1": {"username":"v1beta1user","password":"v1beta1password"}
+    "*.v1beta1": {"username":"v1beta1testuser","password":"v1beta1testpassword"}
   }
 }'
diff --git a/pkg/credentialprovider/dynamic/testdata/staticcredentialprovider-wildcard.sh b/pkg/credentialprovider/dynamic/testdata/staticcredentialprovider-wildcard.sh
@@ -12,6 +12,6 @@ echo '{
   "cacheKeyType":"Image",
   "cacheDuration":"5s",
   "auth":{
-    "*.*": {"username":"wildcarduser","password":"wildcardpassword"}
+    "*.*": {"username":"wildcardtestuser","password":"wildcardtestpassword"}
   }
 }'
diff --git a/pkg/credentialprovider/plugin/plugin.go b/pkg/credentialprovider/plugin/plugin.go
@@ -16,7 +16,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime/serializer/json"
 	utilruntime "k8s.io/apimachinery/pkg/util/runtime"
 	"k8s.io/kubelet/pkg/apis/credentialprovider/install"
-	v1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
+	credentialproviderv1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
 )
 
 var (
@@ -27,7 +27,7 @@ var (
 //nolint:gochecknoinits // init is idiomatically used to set up schemes
 func init() {
 	install.Install(scheme)
-	utilruntime.Must(scheme.SetVersionPriority(v1.SchemeGroupVersion))
+	utilruntime.Must(scheme.SetVersionPriority(credentialproviderv1.SchemeGroupVersion))
 }
 
 // CredentialProvider is an interface implemented by the kubelet credential provider plugin to fetch
@@ -37,7 +37,7 @@ type CredentialProvider interface {
 		ctx context.Context,
 		image string,
 		args []string,
-	) (*v1.CredentialProviderResponse, error)
+	) (*credentialproviderv1.CredentialProviderResponse, error)
 }
 
 // ExecPlugin implements the exec-based plugin for fetching credentials that is invoked by the kubelet.
@@ -76,7 +76,7 @@ func (e *ExecPlugin) runPlugin(ctx context.Context, r io.Reader, w io.Writer, ar
 		return err
 	}
 
-	if gvk.GroupVersion() != v1.SchemeGroupVersion {
+	if gvk.GroupVersion() != credentialproviderv1.SchemeGroupVersion {
 		return fmt.Errorf("%w: %s", ErrUnsupportedAPIVersion, gvk)
 	}
 
@@ -119,8 +119,9 @@ var (
 	ErrConversionFailure = errors.New("conversion failure")
 )
 
-func decodeRequest(data []byte) (*v1.CredentialProviderRequest, error) {
-	obj, gvk, err := codecs.UniversalDecoder(v1.SchemeGroupVersion).Decode(data, nil, nil)
+func decodeRequest(data []byte) (*credentialproviderv1.CredentialProviderRequest, error) {
+	obj, gvk, err := codecs.UniversalDecoder(credentialproviderv1.SchemeGroupVersion).
+		Decode(data, nil, nil)
 	if err != nil {
 		if runtime.IsNotRegisteredError(err) {
 			return nil, fmt.Errorf("%w: %v", ErrUnsupportedRequestKind, err)
@@ -136,14 +137,14 @@ func decodeRequest(data []byte) (*v1.CredentialProviderRequest, error) {
 		)
 	}
 
-	if gvk.Group != v1.GroupName {
+	if gvk.Group != credentialproviderv1.GroupName {
 		return nil, fmt.Errorf(
 			"%w: %s (expected %s)",
-			ErrUnsupportedAPIVersion, gvk.GroupVersion(), v1.SchemeGroupVersion,
+			ErrUnsupportedAPIVersion, gvk.GroupVersion(), credentialproviderv1.SchemeGroupVersion,
 		)
 	}
 
-	request, ok := obj.(*v1.CredentialProviderRequest)
+	request, ok := obj.(*credentialproviderv1.CredentialProviderRequest)
 	if !ok {
 		return nil, fmt.Errorf(
 			"%w: unable to convert %T to *CredentialProviderRequest",
@@ -155,14 +156,14 @@ func decodeRequest(data []byte) (*v1.CredentialProviderRequest, error) {
 	return request, nil
 }
 
-func encodeResponse(response *v1.CredentialProviderResponse) ([]byte, error) {
+func encodeResponse(response *credentialproviderv1.CredentialProviderResponse) ([]byte, error) {
 	mediaType := "application/json"
 	info, ok := runtime.SerializerInfoForMediaType(codecs.SupportedMediaTypes(), mediaType)
 	if !ok {
 		return nil, fmt.Errorf("unsupported media type %q", mediaType)
 	}
 
-	encoder := codecs.EncoderForVersion(info.Serializer, v1.SchemeGroupVersion)
+	encoder := codecs.EncoderForVersion(info.Serializer, credentialproviderv1.SchemeGroupVersion)
 	data, err := runtime.Encode(encoder, response)
 	if err != nil {
 		return nil, fmt.Errorf("failed to encode response: %v", err)

diff --git a/pkg/credentialprovider/plugin/plugin_test.go b/pkg/credentialprovider/plugin/plugin_test.go
@@ -12,7 +12,7 @@ import (
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	v1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
+	credentialproviderv1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
 )
 
 type fakePlugin struct{}
@@ -21,12 +21,12 @@ func (fakePlugin) GetCredentials(
 	_ context.Context,
 	_ string,
 	_ []string,
-) (*v1.CredentialProviderResponse, error) {
-	return &v1.CredentialProviderResponse{
-		CacheKeyType: v1.RegistryPluginCacheKeyType,
+) (*credentialproviderv1.CredentialProviderResponse, error) {
+	return &credentialproviderv1.CredentialProviderResponse{
+		CacheKeyType: credentialproviderv1.RegistryPluginCacheKeyType,
 		//nolint:revive // Dummy value in test file, no need for const.
 		CacheDuration: &metav1.Duration{Duration: 10 * time.Minute},
-		Auth: map[string]v1.AuthConfig{
+		Auth: map[string]credentialproviderv1.AuthConfig{
 			"*.registry.io": {
 				Username: "user",
 				Password: "password",

diff --git a/pkg/credentialprovider/static/static_credentials.go b/pkg/credentialprovider/static/static_credentials.go
@@ -11,7 +11,7 @@ import (
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/serializer"
 	"k8s.io/kubelet/pkg/apis/credentialprovider/install"
-	v1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
+	credentialproviderv1 "k8s.io/kubelet/pkg/apis/credentialprovider/v1"
 
 	"github.com/mesosphere/dynamic-credential-provider/pkg/credentialprovider/plugin"
 )
@@ -41,7 +41,7 @@ func (s staticProvider) GetCredentials(
 	_ context.Context,
 	_ string,
 	_ []string,
-) (response *v1.CredentialProviderResponse, err error) {
+) (response *credentialproviderv1.CredentialProviderResponse, err error) {
 	credentials, err := os.ReadFile(s.credentialsFile)
 	if err != nil {
 		return nil, fmt.Errorf("error reading credentials file: %w", err)
@@ -50,8 +50,9 @@ func (s staticProvider) GetCredentials(
 	return decodeResponse(credentials)
 }
 
-func decodeResponse(data []byte) (*v1.CredentialProviderResponse, error) {
-	obj, gvk, err := codecs.UniversalDecoder(v1.SchemeGroupVersion).Decode(data, nil, nil)
+func decodeResponse(data []byte) (*credentialproviderv1.CredentialProviderResponse, error) {
+	obj, gvk, err := codecs.UniversalDecoder(credentialproviderv1.SchemeGroupVersion).
+		Decode(data, nil, nil)
 	if err != nil {
 		return nil, err
 	}
@@ -60,11 +61,15 @@ func decodeResponse(data []byte) (*v1.CredentialProviderResponse, error) {
 		return nil, fmt.Errorf("kind was %q, expected CredentialProviderResponse", gvk.Kind)
 	}
 
-	if gvk.Group != v1.GroupName {
-		return nil, fmt.Errorf("group was %q, expected %s", gvk.Group, v1.GroupName)
+	if gvk.Group != credentialproviderv1.GroupName {
+		return nil, fmt.Errorf(
+			"group was %q, expected %s",
+			gvk.Group,
+			credentialproviderv1.GroupName,
+		)
 	}
 
-	response, ok := obj.(*v1.CredentialProviderResponse)
+	response, ok := obj.(*credentialproviderv1.CredentialProviderResponse)
 	if !ok {
 		return nil, fmt.Errorf("unable to convert %T to *CredentialProviderResponse", obj)
 	}