Merge pull request #1660 from gianlucam76/clusterapi

gianlucam76 · web-flow · commit c165067ef63e · 2026-03-23T09:17:20.000+01:00
(deps) advance clusterAPI to v1.12.4
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -8,7 +8,7 @@
     "dockerfile": "${localWorkspaceFolder}/.devcontainer/Dockerfile",
     "context": "${localWorkspaceFolder}",
     "args": {
-      "GO_VERSION": "1.25.6",
+      "GO_VERSION": "1.26.1",
       "KUBECTX_VERSION": "0.9.5",
       "SVELTOSCTL_VERSION": "0.53.0"
     }
diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml
@@ -18,7 +18,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
       with:
-        go-version: 1.25.6
+        go-version: 1.26.1
     - name: Build
       run: make build
     - name: FMT
@@ -37,7 +37,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
       with:
-        go-version: 1.25.6
+        go-version: 1.26.1
     - name: ut
       run: make test
       env:
@@ -50,7 +50,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
       with:
-        go-version: 1.25.6
+        go-version: 1.26.1
     - name: Free Disk Space (Ubuntu)
       uses: jlumbroso/free-disk-space@main
       with:
@@ -78,7 +78,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
       with:
-        go-version: 1.25.6
+        go-version: 1.26.1
     - name: Free Disk Space (Ubuntu)
       uses: jlumbroso/free-disk-space@main
       with:
@@ -106,7 +106,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
       with:
-        go-version: 1.25.6
+        go-version: 1.26.1
     - name: Free Disk Space (Ubuntu)
       uses: jlumbroso/free-disk-space@main
       with:
@@ -134,7 +134,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
       with:
-        go-version: 1.25.6
+        go-version: 1.26.1
     - name: Free Disk Space (Ubuntu)
       uses: jlumbroso/free-disk-space@main
       with:
@@ -162,7 +162,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
       with:
-        go-version: 1.25.6
+        go-version: 1.26.1
     - name: Free Disk Space (Ubuntu)
       uses: jlumbroso/free-disk-space@main
       with:
@@ -190,7 +190,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
       with:
-        go-version: 1.25.6
+        go-version: 1.26.1
     - name: Free Disk Space (Ubuntu)
       uses: jlumbroso/free-disk-space@main
       with:
diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,5 @@
 # Build the manager binary
-FROM golang:1.25.6 AS builder
+FROM golang:1.26.1 AS builder
 
 ARG BUILDOS
 ARG TARGETARCH
diff --git a/Dockerfile_WithGit b/Dockerfile_WithGit
@@ -1,5 +1,5 @@
 # Build the manager binary
-FROM golang:1.25.6 AS builder
+FROM golang:1.26.1 AS builder
 
 ARG BUILDOS
 ARG TARGETARCH
diff --git a/Makefile b/Makefile
@@ -72,7 +72,7 @@ KIND := $(TOOLS_BIN_DIR)/kind
 KUBECTL := $(TOOLS_BIN_DIR)/kubectl
 
 GOVULNCHECK_VERSION := "v1.1.4"
-GOLANGCI_LINT_VERSION := "v2.8.0"
+GOLANGCI_LINT_VERSION := "v2.11.3"
 CLUSTERCTL_VERSION := v1.12.3
 
 KUSTOMIZE_VER := v5.8.0
diff --git a/controllers/clustersummary_watchers.go b/controllers/clustersummary_watchers.go
@@ -373,7 +373,7 @@ func (m *manager) startWatcher(ctx context.Context, gvk *schema.GroupVersionKind
 		return err
 	}
 
-	watcherCtx, cancel := context.WithCancel(ctx)
+	watcherCtx, cancel := context.WithCancel(ctx) //nolint:gosec // cancel is stored in m.watchers and called when the watcher is stopped
 	m.watchers[*gvk] = cancel
 	go m.runInformer(watcherCtx.Done(), dcinformer.Informer(), logger)
 	return nil
diff --git a/controllers/dependencymanager/manager.go b/controllers/dependencymanager/manager.go
@@ -489,10 +489,20 @@ func (m *instance) updateClusterProfile(ctx context.Context, c client.Client, cl
 }
 
 func (m *instance) updateProfiles(ctx context.Context, c client.Client, logger logr.Logger) {
+	const interval = 30 * time.Second
 	for {
 		m.chartMux.Lock()
 
+		canceled := false
 		for profile := range m.profileToBeUpdated {
+			select {
+			case <-ctx.Done():
+				canceled = true
+			default:
+			}
+			if canceled {
+				break
+			}
 			clusters := m.profileClusterRequests.getClusterDeployments(&profile)
 			logger.V(logs.LogDebug).Info(fmt.Sprintf("updating prerequestite profile %s/%s", profile.Namespace, profile.Name))
 			err := m.updateProfileInstance(ctx, c, &profile, clusters)
@@ -503,8 +513,15 @@ func (m *instance) updateProfiles(ctx context.Context, c client.Client, logger l
 
 		m.chartMux.Unlock()
 
-		const interval = 30 * time.Second
-		time.Sleep(interval)
+		if canceled {
+			return
+		}
+
+		select {
+		case <-ctx.Done():
+			return
+		case <-time.After(interval):
+		}
 	}
 }
 
diff --git a/controllers/handlers_helm_test.go b/controllers/handlers_helm_test.go
@@ -1038,20 +1038,19 @@ resources:
 	})
 
 	It("getCredentialsAndCAFiles returns files containing credentials and CA", func() {
-		type Credentials struct {
-			Username     string
-			Password     string
-			RefreshToken string
-			AccessToken  string
-		}
-
-		credentials := Credentials{
+		credentials := struct {
+			Username     string `json:"username"`
+			Password     string `json:"password"`
+			RefreshToken string `json:"refresh_token"`
+			AccessToken  string `json:"access_token"`
+		}{
 			Username:     randomString(),
 			Password:     randomString(),
 			RefreshToken: randomString(),
 			AccessToken:  randomString(),
 		}
 
+		//nolint:gosec // This is dummy data for testing purposes
 		credentialsBytes, err := json.Marshal(credentials)
 		Expect(err).To(BeNil())
 
diff --git a/controllers/handlers_kustomize_test.go b/controllers/handlers_kustomize_test.go
@@ -620,6 +620,10 @@ func createTarGz(dest string) {
 	tarWriter := tar.NewWriter(gzWriter)
 	defer tarWriter.Close()
 
+	root, err := os.OpenRoot("testdata")
+	Expect(err).To(BeNil())
+	defer root.Close()
+
 	err = filepath.Walk("testdata/", func(path string, info os.FileInfo, err error) error {
 		if err != nil {
 			return err
@@ -636,12 +640,12 @@ func createTarGz(dest string) {
 		if !info.Mode().IsRegular() {
 			return nil
 		}
-		file, err := os.Open(path)
+		f, err := root.Open(path[len("testdata")+1:])
 		if err != nil {
 			return err
 		}
-		defer file.Close()
-		_, err = io.Copy(tarWriter, file)
+		defer f.Close()
+		_, err = io.Copy(tarWriter, f)
 		return err
 	})
 	Expect(err).To(BeNil())
diff --git a/controllers/handlers_utils.go b/controllers/handlers_utils.go
@@ -22,6 +22,8 @@ import (
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
+	"io"
+	"io/fs"
 	"os"
 	"path/filepath"
 	"sort"
@@ -174,20 +176,44 @@ func deployContentOfSource(ctx context.Context, deployingToMgmtCluster bool, des
 
 func readFiles(dir string) (map[string]string, error) {
 	files := make(map[string]string)
-	err := filepath.Walk(dir, func(path string, info os.FileInfo, err error) error {
+
+	// 1. Open the directory as a Root handle
+	root, err := os.OpenRoot(dir)
+	if err != nil {
+		return nil, err
+	}
+	defer root.Close()
+
+	// 2. WalkDir is faster than Walk as it doesn't Lstat every file unnecessarily
+	err = filepath.WalkDir(dir, func(path string, d fs.DirEntry, err error) error {
 		if err != nil {
 			return err
 		}
 
-		if !info.IsDir() {
-			content, err := os.ReadFile(path)
+		if !d.IsDir() {
+			// 3. Get the path relative to the root directory
+			rel, err := filepath.Rel(dir, path)
 			if err != nil {
 				return err
 			}
-			files[filepath.Base(path)] = string(content)
+
+			// 4. Open the file via the Root handle to prevent symlink traversal
+			f, err := root.Open(rel)
+			if err != nil {
+				return err
+			}
+			defer f.Close()
+
+			content, err := io.ReadAll(f)
+			if err != nil {
+				return err
+			}
+
+			files[d.Name()] = string(content)
 		}
 		return nil
 	})
+
 	return files, err
 }
 
@@ -1092,12 +1118,12 @@ func getDeployedGroupVersionKinds(clusterSummary *configv1beta1.ClusterSummary,
 	gvks := make([]schema.GroupVersionKind, 0)
 	// For backward compatible we still look at this field.
 	// New code set only FeatureDeploymentInfo
-	fs := getFeatureSummaryForFeatureID(clusterSummary, featureID)
-	if fs != nil {
+	featureSummary := getFeatureSummaryForFeatureID(clusterSummary, featureID)
+	if featureSummary != nil {
 		//nolint:staticcheck // using for backward compatibility
-		for j := range fs.DeployedGroupVersionKind {
+		for j := range featureSummary.DeployedGroupVersionKind {
 			//nolint:staticcheck // using for backward compatibility
-			gvk, _ := schema.ParseKindArg(fs.DeployedGroupVersionKind[j])
+			gvk, _ := schema.ParseKindArg(featureSummary.DeployedGroupVersionKind[j])
 			gvks = append(gvks, *gvk)
 		}
 	}
diff --git a/controllers/resourcesummary_collection.go b/controllers/resourcesummary_collection.go
@@ -62,17 +62,22 @@ func collectAndProcessResourceSummaries(ctx context.Context, c client.Client, sh
 		}
 
 		for i := range clusterList {
-			cluster := &clusterList[i]
-			if _, ok := clustersWithDD[*cluster]; !ok {
-				continue
-			}
+			select {
+			case <-ctx.Done():
+				return
+			default:
+				cluster := &clusterList[i]
+				if _, ok := clustersWithDD[*cluster]; !ok {
+					continue
+				}
 
-			l := logger.WithValues("cluster", fmt.Sprintf("%s/%s", cluster.Namespace, cluster.Name))
-			err = collectResourceSummariesFromCluster(ctx, c, cluster, version, l)
-			if err != nil {
-				if !strings.Contains(err.Error(), "unable to retrieve the complete list of server APIs") {
-					l.V(logs.LogInfo).Info(fmt.Sprintf("failed to collect ResourceSummaries from cluster: %s/%s %v",
-						cluster.Namespace, cluster.Name, err))
+				l := logger.WithValues("cluster", fmt.Sprintf("%s/%s", cluster.Namespace, cluster.Name))
+				err = collectResourceSummariesFromCluster(ctx, c, cluster, version, l)
+				if err != nil {
+					if !strings.Contains(err.Error(), "unable to retrieve the complete list of server APIs") {
+						l.V(logs.LogInfo).Info(fmt.Sprintf("failed to collect ResourceSummaries from cluster: %s/%s %v",
+							cluster.Namespace, cluster.Name, err))
+					}
 				}
 			}
 		}
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/projectsveltos/addon-controller
 
-go 1.25.6
+go 1.26.1
 
 require (
 	dario.cat/mergo v1.0.2
@@ -25,15 +25,15 @@ require (
 	github.com/yuin/gopher-lua v1.1.1
 	golang.org/x/text v0.35.0
 	helm.sh/helm/v4 v4.1.3
-	k8s.io/api v0.35.2
-	k8s.io/apiextensions-apiserver v0.35.2
-	k8s.io/apimachinery v0.35.2
-	k8s.io/cli-runtime v0.35.2
-	k8s.io/client-go v0.35.2
-	k8s.io/component-base v0.35.2
+	k8s.io/api v0.35.3
+	k8s.io/apiextensions-apiserver v0.35.3
+	k8s.io/apimachinery v0.35.3
+	k8s.io/cli-runtime v0.35.3
+	k8s.io/client-go v0.35.3
+	k8s.io/component-base v0.35.3
 	k8s.io/klog/v2 v2.140.0
-	k8s.io/utils v0.0.0-20260210185600-b8788abfbbc2
-	sigs.k8s.io/cluster-api v1.12.3
+	k8s.io/utils v0.0.0-20260319190234-28399d86e0b5
+	sigs.k8s.io/cluster-api v1.12.4
 	sigs.k8s.io/controller-runtime v0.23.3
 	sigs.k8s.io/kustomize/api v0.21.1
 	sigs.k8s.io/kustomize/kyaml v0.21.1
@@ -171,7 +171,7 @@ require (
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 	gotest.tools/v3 v3.4.0 // indirect
-	k8s.io/apiserver v0.35.2 // indirect
+	k8s.io/apiserver v0.35.3 // indirect
 	k8s.io/cluster-bootstrap v0.34.2 // indirect
 	k8s.io/kube-openapi v0.0.0-20250910181357-589584f1c912 // indirect
 	k8s.io/kubectl v0.35.1 // indirect
diff --git a/go.sum b/go.sum
diff --git a/hack/tools/go.mod b/hack/tools/go.mod
diff --git a/hack/tools/go.sum b/hack/tools/go.sum

Original file line number	Diff line number	Diff line change
`@@ -8,7 +8,7 @@`
`8`	`8`	`"dockerfile": "${localWorkspaceFolder}/.devcontainer/Dockerfile",`
`9`	`9`	`"context": "${localWorkspaceFolder}",`
`10`	`10`	`"args": {`
`11`		`- "GO_VERSION": "1.25.6",`
	`11`	`+ "GO_VERSION": "1.26.1",`
`12`	`12`	`"KUBECTX_VERSION": "0.9.5",`
`13`	`13`	`"SVELTOSCTL_VERSION": "0.53.0"`
`14`	`14`	`}`
Original file line number	Diff line number	Diff line change
`@@ -373,7 +373,7 @@ func (m manager) startWatcher(ctx context.Context, gvk schema.GroupVersionKind`
`373`	`373`	`return err`
`374`	`374`	`}`
`375`	`375`
`376`		`- watcherCtx, cancel := context.WithCancel(ctx)`
	`376`	`+ watcherCtx, cancel := context.WithCancel(ctx) //nolint:gosec // cancel is stored in m.watchers and called when the watcher is stopped`
`377`	`377`	`m.watchers[*gvk] = cancel`
`378`	`378`	`go m.runInformer(watcherCtx.Done(), dcinformer.Informer(), logger)`
`379`	`379`	`return nil`