Skip to content

Commit

Permalink
chore: bump to Golang 1.20 and replace inet.af with netip{,x}
Browse files Browse the repository at this point in the history
Signed-off-by: Clément Nussbaumer <[email protected]>
  • Loading branch information
clementnuss committed Mar 29, 2023
1 parent ac65893 commit 89f5330
Show file tree
Hide file tree
Showing 7 changed files with 29 additions and 35 deletions.
14 changes: 7 additions & 7 deletions .github/workflows/publish.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 1.19
go-version: "1.20"

- name: install and run golangci-lint
uses: golangci/[email protected]
Expand All @@ -35,7 +35,7 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 1.19
go-version: "1.20"

- name: Download K8s envtest - local K8s cluster control plane
run: |
Expand Down Expand Up @@ -73,7 +73,7 @@ jobs:
uses: helm/[email protected]
- uses: actions/setup-go@v4
with:
go-version: 1.19
go-version: "1.20"
- uses: ko-build/[email protected]
name: Setup ko
env:
Expand Down Expand Up @@ -120,7 +120,7 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 1.19
go-version: "1.20"
- uses: ko-build/[email protected]
name: Setup ko

Expand Down Expand Up @@ -165,7 +165,7 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 1.19
go-version: "1.20"

- name: Install Helm
uses: azure/setup-helm@v3
Expand All @@ -191,7 +191,7 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 1.19
go-version: "1.20"
- uses: ko-build/[email protected]
name: Setup ko

Expand Down Expand Up @@ -232,7 +232,7 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: 1.19
go-version: "1.20"

- name: Login to DockerHub
uses: docker/login-action@v2
Expand Down
6 changes: 2 additions & 4 deletions go.mod
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/postfinance/kubelet-csr-approver

go 1.19
go 1.20

require (
github.com/foxcpp/go-mockdns v1.0.0
Expand All @@ -10,6 +10,7 @@ require (
github.com/thanhpk/randstr v1.0.4
github.com/tj/assert v0.0.3
go.uber.org/zap v1.24.0
go4.org/netipx v0.0.0-20230303233057-f1b76eb4bb35
k8s.io/api v0.26.3
k8s.io/apimachinery v0.26.3
k8s.io/client-go v0.26.3
Expand Down Expand Up @@ -60,8 +61,6 @@ require (
github.com/spf13/pflag v1.0.5 // indirect
go.uber.org/atomic v1.7.0 // indirect
go.uber.org/multierr v1.6.0 // indirect
go4.org/intern v0.0.0-20211027215823-ae77deb06f29 // indirect
go4.org/unsafe/assume-no-moving-gc v0.0.0-20220617031537-928513b29760 // indirect
golang.org/x/net v0.7.0 // indirect
golang.org/x/oauth2 v0.0.0-20220223155221-ee480838109b // indirect
golang.org/x/sys v0.5.0 // indirect
Expand All @@ -73,7 +72,6 @@ require (
google.golang.org/protobuf v1.28.1 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
inet.af/netaddr v0.0.0-20220811202034-502d2d690317
k8s.io/apiextensions-apiserver v0.26.1 // indirect
k8s.io/component-base v0.26.1 // indirect
k8s.io/klog/v2 v2.80.1 // indirect
Expand Down
14 changes: 3 additions & 11 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -32,8 +32,8 @@ cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RX
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
github.com/BurntSushi/toml v1.2.0 h1:Rt8g24XnyGTyglgET/PRUNlrUeu9F5L+7FilkXfZgs0=
github.com/BurntSushi/toml v1.2.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
github.com/BurntSushi/toml v1.2.1 h1:9F2/+DoOYIOksmaJFPw1tGFy1eDnIJXg+UHjuD8lTak=
github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
Expand All @@ -60,7 +60,6 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
github.com/dvyukov/go-fuzz v0.0.0-20210103155950-6a8e9d1f2415/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw=
github.com/emicklei/go-restful/v3 v3.9.0 h1:XwGDlfxEnQZzuopoqxwSEllNcCOM9DhhFyhFIIGKwxE=
github.com/emicklei/go-restful/v3 v3.9.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
Expand Down Expand Up @@ -312,11 +311,8 @@ go.uber.org/zap v1.19.0/go.mod h1:xg/QME4nWcxGxrpdeYfq7UvYrLh66cuVKdrbD1XF/NI=
go.uber.org/zap v1.23.0/go.mod h1:D+nX8jyLsMHMYrln8A0rJjFt/T/9/bGgIhAqxv5URuY=
go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60=
go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg=
go4.org/intern v0.0.0-20211027215823-ae77deb06f29 h1:UXLjNohABv4S58tHmeuIZDO6e3mHpW2Dx33gaNt03LE=
go4.org/intern v0.0.0-20211027215823-ae77deb06f29/go.mod h1:cS2ma+47FKrLPdXFpr7CuxiTW3eyJbWew4qx0qtQWDA=
go4.org/unsafe/assume-no-moving-gc v0.0.0-20211027215541-db492cf91b37/go.mod h1:FftLjUGFEDu5k8lt0ddY+HcrH/qU/0qk+H8j9/nTl3E=
go4.org/unsafe/assume-no-moving-gc v0.0.0-20220617031537-928513b29760 h1:FyBZqvoA/jbNzuAWLQE2kG820zMAkcilx6BMjGbL/E4=
go4.org/unsafe/assume-no-moving-gc v0.0.0-20220617031537-928513b29760/go.mod h1:FftLjUGFEDu5k8lt0ddY+HcrH/qU/0qk+H8j9/nTl3E=
go4.org/netipx v0.0.0-20230303233057-f1b76eb4bb35 h1:nJAwRlGWZZDOD+6wni9KVUNHMpHko/OnRwsrCYeAzPo=
go4.org/netipx v0.0.0-20230303233057-f1b76eb4bb35/go.mod h1:TQvodOM+hJTioNQJilmLXu08JNb8i+ccq418+KWu1/Y=
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
Expand Down Expand Up @@ -448,7 +444,6 @@ golang.org/x/sys v0.0.0-20200625212154-ddb9806d33ae/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20200803210538-64077c9b5642/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210119212857-b64e53b001e4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210124154548-22da62e12c0c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
Expand Down Expand Up @@ -527,7 +522,6 @@ golang.org/x/tools v0.0.0-20200729194436-6467de6f59a7/go.mod h1:njjCfa9FT2d7l9Bc
golang.org/x/tools v0.0.0-20200804011535-6c149bb5ef0d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20200825202427-b303f430e36d/go.mod h1:njjCfa9FT2d7l9Bc6FUM5FLjQPp3cFF28FI3qnDFljA=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
Expand Down Expand Up @@ -647,8 +641,6 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
inet.af/netaddr v0.0.0-20220811202034-502d2d690317 h1:U2fwK6P2EqmopP/hFLTOAjWTki0qgd4GMJn5X8wOleU=
inet.af/netaddr v0.0.0-20220811202034-502d2d690317/go.mod h1:OIezDfdzOgFhuw4HuWapWq2e9l0H9tK4F1j+ETRtF3k=
k8s.io/api v0.26.3 h1:emf74GIQMTik01Aum9dPP0gAypL8JTLl/lHa4V9RFSU=
k8s.io/api v0.26.3/go.mod h1:PXsqwPMXBSBcL1lJ9CYDKy7kIReUydukS5JiRlxC3qE=
k8s.io/apiextensions-apiserver v0.26.1 h1:cB8h1SRk6e/+i3NOrQgSFij1B2S0Y0wDoNl66bn8RMI=
Expand Down
10 changes: 7 additions & 3 deletions internal/cmd/cmd.go
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,10 @@ import (
"regexp"
"strings"

"inet.af/netaddr"
"net/netip"

"go4.org/netipx"

clientset "k8s.io/client-go/kubernetes"

"github.com/peterbourgon/ff/v3"
Expand Down Expand Up @@ -71,10 +74,11 @@ func CreateControllerManager(config *controller.Config, logger logr.Logger) (
csrController.ProviderRegexp = regexp.MustCompile(config.RegexStr).MatchString

// IP Prefixes parsing and IPSet construction
var setBuilder netaddr.IPSetBuilder

var setBuilder netipx.IPSetBuilder

for _, ipPrefix := range strings.Split(config.IPPrefixesStr, ",") {
ipPref, err := netaddr.ParseIPPrefix(ipPrefix)
ipPref, err := netip.ParsePrefix(ipPrefix)
if err != nil {
logger.V(-5).Info(fmt.Sprintf("Unable to parse IP prefix: %s, exiting", ipPrefix))

Expand Down
4 changes: 2 additions & 2 deletions internal/controller/csr_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ import (
"fmt"
"strings"

"inet.af/netaddr"
"go4.org/netipx"
certificatesv1 "k8s.io/api/certificates/v1"
corev1 "k8s.io/api/core/v1"
apierrors "k8s.io/apimachinery/pkg/api/errors"
Expand All @@ -49,7 +49,7 @@ type Config struct {
RegexStr string
ProviderRegexp func(string) bool
IPPrefixesStr string
ProviderIPSet *netaddr.IPSet
ProviderIPSet *netipx.IPSet
MaxExpirationSeconds int32
K8sConfig *rest.Config
DNSResolver HostResolver
Expand Down
2 changes: 1 addition & 1 deletion internal/controller/provider_specific_checks.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,6 @@ import (

// ProviderChecks is a function in which the Cloud Provider specifies a series of checks
// to run against the CSRs. The out-of-band identity checks of the CSRs should happen here
func ProviderChecks(csr *certificatesv1.CertificateSigningRequest, x509csr *x509.CertificateRequest) (valid bool, reason string) {
func ProviderChecks(_ *certificatesv1.CertificateSigningRequest, _ *x509.CertificateRequest) (valid bool, reason string) {
return true, ""
}
14 changes: 7 additions & 7 deletions internal/controller/regex_ip_checks.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,11 @@ import (
"context"
"crypto/x509"
"fmt"
"net/netip"
"strings"
"time"

"inet.af/netaddr"

"go4.org/netipx"
certificatesv1 "k8s.io/api/certificates/v1"
)

Expand Down Expand Up @@ -62,10 +62,10 @@ func (r *CertificateSigningRequestReconciler) DNSCheck(ctx context.Context, csr
allResolvedAddrs = append(allResolvedAddrs, resolvedAddrs...)
}

var setBuilder netaddr.IPSetBuilder
var setBuilder netipx.IPSetBuilder

for _, a := range allResolvedAddrs {
ipaddr, err := netaddr.ParseIP(a)
ipaddr, err := netip.ParseAddr(a)
if err != nil {
return false, fmt.Sprintf("Error while parsing resolved IP address %s, denying the CSR", ipaddr), nil
}
Expand All @@ -83,7 +83,7 @@ func (r *CertificateSigningRequestReconciler) DNSCheck(ctx context.Context, csr

sanIPAddrs := x509cr.IPAddresses
for _, ip := range sanIPAddrs {
ipa, ok := netaddr.FromStdIP(ip)
ipa, ok := netipx.FromStdIP(ip)
if !ok {
return false, fmt.Sprintf("Error while parsing x509 CR IP address %s, denying the CSR", ip), nil
}
Expand All @@ -99,10 +99,10 @@ func (r *CertificateSigningRequestReconciler) DNSCheck(ctx context.Context, csr

// WhitelistedIPCheck verifies that the x509cr SAN IP Addresses are contained in the
// set of ProviderSpecified IP addresses
func (r *CertificateSigningRequestReconciler) WhitelistedIPCheck(csr *certificatesv1.CertificateSigningRequest, x509cr *x509.CertificateRequest) (valid bool, reason string, err error) {
func (r *CertificateSigningRequestReconciler) WhitelistedIPCheck(_ *certificatesv1.CertificateSigningRequest, x509cr *x509.CertificateRequest) (valid bool, reason string, err error) {
sanIPAddrs := x509cr.IPAddresses
for _, ip := range sanIPAddrs {
ipa, ok := netaddr.FromStdIP(ip)
ipa, ok := netipx.FromStdIP(ip)
if !ok {
return false, fmt.Sprintf("Error while parsing x509 CR IP address %s, denying the CSR", ip), nil
}
Expand Down

0 comments on commit 89f5330

Please sign in to comment.