Merge from 'cert-manager/webhook-example/master'

2024-10-31 06:00:24 +08:00
parent 4fe54aabf0 0dcb653740
commit d22266fd9a
11 changed files with 355 additions and 1058 deletions
@@ -1,4 +1,4 @@
-FROM golang:1.17-alpine AS build_deps
+FROM golang:1.22-alpine3.19 AS build_deps
 RUN apk add --no-cache git
@@ -15,7 +15,7 @@ COPY . .
 RUN CGO_ENABLED=0 go build -o webhook -ldflags '-w -extldflags "-static"' .
-FROM alpine:3.9
+FROM alpine:3.18
 RUN apk add --no-cache ca-certificates
@@ -1,41 +1,45 @@
-OS ?= $(shell go env GOOS)
+GO ?= $(shell which go)
-ARCH ?= $(shell go env GOARCH)
+OS ?= $(shell $(GO) env GOOS)
 ARCH ?= $(shell $(GO) env GOARCH)
 IMAGE_NAME := "webhook"
 IMAGE_TAG := "latest"
 OUT := $(shell pwd)/_out
-KUBE_VERSION=1.21.2
+KUBEBUILDER_VERSION=1.28.0
-$(shell mkdir -p "$(OUT)")
+HELM_FILES := $(shell find deploy/freedns-webhook)
 export TEST_ASSET_ETCD=_test/kubebuilder/bin/etcd
 export TEST_ASSET_KUBE_APISERVER=_test/kubebuilder/bin/kube-apiserver
 export TEST_ASSET_KUBECTL=_test/kubebuilder/bin/kubectl
-test: _test/kubebuilder
+test: _test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH)/etcd _test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH)/kube-apiserver _test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH)/kubectl
-	go test -v .
+	TEST_ASSET_ETCD=_test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH)/etcd \
 	TEST_ASSET_KUBE_APISERVER=_test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH)/kube-apiserver \
 	TEST_ASSET_KUBECTL=_test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH)/kubectl \
 	$(GO) test -v .
-_test/kubebuilder:
+_test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH).tar.gz: | _test
-	curl -fsSL https://go.kubebuilder.io/test-tools/$(KUBE_VERSION)/$(OS)/$(ARCH) -o kubebuilder-tools.tar.gz
+	curl -fsSL https://go.kubebuilder.io/test-tools/$(KUBEBUILDER_VERSION)/$(OS)/$(ARCH) -o $@
 	mkdir -p _test/kubebuilder
 	tar -xvf kubebuilder-tools.tar.gz
 	mv kubebuilder/bin _test/kubebuilder/
 	rm kubebuilder-tools.tar.gz
 	rm -R kubebuilder
-clean: clean-kubebuilder
+_test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH)/etcd _test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH)/kube-apiserver _test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH)/kubectl: _test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH).tar.gz | _test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH)
 	tar xfO $< kubebuilder/bin/$(notdir $@) > $@ && chmod +x $@
-clean-kubebuilder:
+.PHONY: clean
-	rm -Rf _test/kubebuilder
+clean:
 	rm -r _test $(OUT)
 .PHONY: build
 build:
 	docker build -t "$(IMAGE_NAME):$(IMAGE_TAG)" .
 .PHONY: rendered-manifest.yaml
-rendered-manifest.yaml:
+rendered-manifest.yaml: $(OUT)/rendered-manifest.yaml
 $(OUT)/rendered-manifest.yaml: $(HELM_FILES) | $(OUT)
 	helm template \
 	    --name freedns-webhook \
            --set image.repository=$(IMAGE_NAME) \
            --set image.tag=$(IMAGE_TAG) \
-        deploy/freedns-webhook > "$(OUT)/rendered-manifest.yaml"
+            deploy/freedns-webhook > $@
 _test $(OUT) _test/kubebuilder-$(KUBEBUILDER_VERSION)-$(OS)-$(ARCH):
 	mkdir -p $@
@@ -1,16 +1,16 @@
 approvers:
 - munnerz
 - joshvanl
 - meyskens
 - wallrj
 - jakexks
 - maelvls
 - irbekrm
 - inteon
 reviewers:
 - munnerz
 - joshvanl
 - meyskens
 - wallrj
 - jakexks
 - maelvls
 - irbekrm
 - inteon
@@ -2,6 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
  name: {{ include "freedns-webhook.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    app: {{ include "freedns-webhook.name" . }}
    chart: {{ include "freedns-webhook.chart" . }}
@@ -2,6 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "freedns-webhook.fullname" . }}
  namespace: {{ .Release.Namespace | quote }}
  labels:
    app: {{ include "freedns-webhook.name" . }}
    chart: {{ include "freedns-webhook.chart" . }}
@@ -14,7 +14,7 @@ certManager:
 image:
  repository: penguinade/cert-manager-webhook-freedns
-  tag: 2022.03.15
+  tag: 2024.10.31.04
  pullPolicy: IfNotPresent
 nameOverride: ""
@@ -9,7 +9,7 @@ import (
 	"strconv"
 	"strings"
-	logf "github.com/jetstack/cert-manager/pkg/logs"
+	logf "github.com/cert-manager/cert-manager/pkg/logs"
 	"golang.org/x/net/html"
 )
@@ -36,12 +36,12 @@ const URI_LOGOUT = "https://freedns.afraid.org/logout/"
 const URI_DELETE_RECORD = "https://freedns.afraid.org/subdomain/delete2.php?data_id[]=%s&submit=delete%%20selected"
 func LogInfo(Mesg string) {
-	// fmt.Println(Mesg)
+	//fmt.Println(Mesg)
 	logf.V(logf.InfoLevel).Info(Mesg)
 }
 func LogDebug(Mesg string) {
-	// fmt.Println(Mesg)
+	//fmt.Println(Mesg)
 	logf.V(logf.DebugLevel).Info(Mesg)
 }
@@ -1,103 +1,110 @@
 module github.com/cert-manager/webhook-freedns
-go 1.17
+go 1.22.0
 require (
-	github.com/jetstack/cert-manager v1.7.1
+	github.com/cert-manager/cert-manager v1.15.1
-	github.com/miekg/dns v1.1.34
+	github.com/miekg/dns v1.1.61
-	github.com/stretchr/testify v1.7.0
+	github.com/stretchr/testify v1.9.0
-	k8s.io/apiextensions-apiserver v0.23.1
+	k8s.io/apiextensions-apiserver v0.30.2
-	k8s.io/client-go v0.23.1
+	k8s.io/client-go v0.30.2
 )
 require (
 	github.com/NYTimes/gziphandler v1.1.1 // indirect
-	github.com/PuerkitoBio/purell v1.1.1 // indirect
+	github.com/antlr/antlr4/runtime/Go/antlr/v4 v4.0.0-20230305170008-8188dc5388df // indirect
-	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
+	github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
-	github.com/blang/semver v3.5.1+incompatible // indirect
+	github.com/blang/semver/v4 v4.0.0 // indirect
-	github.com/cespare/xxhash/v2 v2.1.1 // indirect
+	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
-	github.com/coreos/go-semver v0.3.0 // indirect
+	github.com/cespare/xxhash/v2 v2.3.0 // indirect
-	github.com/coreos/go-systemd/v22 v22.3.2 // indirect
+	github.com/coreos/go-semver v0.3.1 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
-	github.com/emicklei/go-restful v2.9.5+incompatible // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
-	github.com/evanphx/json-patch v4.12.0+incompatible // indirect
+	github.com/emicklei/go-restful/v3 v3.12.0 // indirect
-	github.com/felixge/httpsnoop v1.0.1 // indirect
+	github.com/evanphx/json-patch v5.9.0+incompatible // indirect
-	github.com/fsnotify/fsnotify v1.5.1 // indirect
+	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
-	github.com/go-logr/logr v1.2.0 // indirect
+	github.com/felixge/httpsnoop v1.0.4 // indirect
-	github.com/go-openapi/jsonpointer v0.19.5 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
-	github.com/go-openapi/jsonreference v0.19.5 // indirect
+	github.com/go-logr/logr v1.4.1 // indirect
-	github.com/go-openapi/swag v0.19.14 // indirect
+	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/go-logr/zapr v1.3.0 // indirect
 	github.com/go-openapi/jsonpointer v0.21.0 // indirect
 	github.com/go-openapi/jsonreference v0.21.0 // indirect
 	github.com/go-openapi/swag v0.23.0 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/golang/protobuf v1.5.4 // indirect
-	github.com/google/go-cmp v0.5.6 // indirect
+	github.com/google/cel-go v0.17.8 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/uuid v1.3.0 // indirect
+	github.com/google/uuid v1.6.0 // indirect
 	github.com/googleapis/gnostic v0.5.5 // indirect
 	github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect
-	github.com/grpc-ecosystem/grpc-gateway v1.16.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.20.0 // indirect
-	github.com/imdario/mergo v0.3.12 // indirect
+	github.com/imdario/mergo v0.3.16 // indirect
-	github.com/inconshreveable/mousetrap v1.0.0 // indirect
+	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
-	github.com/mailru/easyjson v0.7.6 // indirect
+	github.com/mailru/easyjson v0.7.7 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.2 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/pkg/errors v0.9.1 // indirect
-	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	github.com/prometheus/client_golang v1.11.0 // indirect
+	github.com/prometheus/client_golang v1.18.0 // indirect
-	github.com/prometheus/client_model v0.2.0 // indirect
+	github.com/prometheus/client_model v0.6.1 // indirect
-	github.com/prometheus/common v0.28.0 // indirect
+	github.com/prometheus/common v0.46.0 // indirect
-	github.com/prometheus/procfs v0.6.0 // indirect
+	github.com/prometheus/procfs v0.15.0 // indirect
-	github.com/spf13/cobra v1.2.1 // indirect
+	github.com/spf13/cobra v1.8.0 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
-	go.etcd.io/etcd/api/v3 v3.5.0 // indirect
+	github.com/stoewer/go-strcase v1.3.0 // indirect
-	go.etcd.io/etcd/client/pkg/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/api/v3 v3.5.13 // indirect
-	go.etcd.io/etcd/client/v3 v3.5.0 // indirect
+	go.etcd.io/etcd/client/pkg/v3 v3.5.13 // indirect
-	go.opentelemetry.io/contrib v0.20.0 // indirect
+	go.etcd.io/etcd/client/v3 v3.5.13 // indirect
-	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.20.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.51.0 // indirect
-	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.20.0 // indirect
+	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.51.0 // indirect
-	go.opentelemetry.io/otel v0.20.0 // indirect
+	go.opentelemetry.io/otel v1.26.0 // indirect
-	go.opentelemetry.io/otel/exporters/otlp v0.20.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.26.0 // indirect
-	go.opentelemetry.io/otel/metric v0.20.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.26.0 // indirect
-	go.opentelemetry.io/otel/sdk v0.20.0 // indirect
+	go.opentelemetry.io/otel/metric v1.26.0 // indirect
-	go.opentelemetry.io/otel/sdk/export/metric v0.20.0 // indirect
+	go.opentelemetry.io/otel/sdk v1.26.0 // indirect
-	go.opentelemetry.io/otel/sdk/metric v0.20.0 // indirect
+	go.opentelemetry.io/otel/trace v1.26.0 // indirect
-	go.opentelemetry.io/otel/trace v0.20.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.2.0 // indirect
-	go.opentelemetry.io/proto/otlp v0.7.0 // indirect
+	go.uber.org/multierr v1.11.0 // indirect
-	go.uber.org/atomic v1.7.0 // indirect
+	go.uber.org/zap v1.27.0 // indirect
-	go.uber.org/multierr v1.6.0 // indirect
+	golang.org/x/crypto v0.24.0 // indirect
-	go.uber.org/zap v1.19.1 // indirect
+	golang.org/x/exp v0.0.0-20240506185415-9bf2ced13842 // indirect
-	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
+	golang.org/x/mod v0.18.0 // indirect
-	golang.org/x/net v0.0.0-20211209124913-491a49abca63 // indirect
+	golang.org/x/net v0.26.0 // indirect
-	golang.org/x/oauth2 v0.0.0-20210819190943-2bc19b11175f // indirect
+	golang.org/x/oauth2 v0.20.0 // indirect
-	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
+	golang.org/x/sync v0.7.0 // indirect
-	golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e // indirect
+	golang.org/x/sys v0.21.0 // indirect
-	golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b // indirect
+	golang.org/x/term v0.21.0 // indirect
-	golang.org/x/text v0.3.7 // indirect
+	golang.org/x/text v0.16.0 // indirect
-	golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac // indirect
+	golang.org/x/time v0.5.0 // indirect
-	google.golang.org/appengine v1.6.7 // indirect
+	golang.org/x/tools v0.22.0 // indirect
-	google.golang.org/genproto v0.0.0-20220118154757-00ab72f36ad5 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
-	google.golang.org/grpc v1.43.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240515191416-fc5f0ca64291 // indirect
-	google.golang.org/protobuf v1.27.1 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240515191416-fc5f0ca64291 // indirect
 	google.golang.org/grpc v1.64.1 // indirect
 	google.golang.org/protobuf v1.34.1 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
-	gopkg.in/natefinch/lumberjack.v2 v2.0.0 // indirect
+	gopkg.in/natefinch/lumberjack.v2 v2.2.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
-	k8s.io/api v0.23.1 // indirect
+	k8s.io/api v0.30.2 // indirect
-	k8s.io/apimachinery v0.23.1 // indirect
+	k8s.io/apimachinery v0.30.2 // indirect
-	k8s.io/apiserver v0.23.1 // indirect
+	k8s.io/apiserver v0.30.2 // indirect
-	k8s.io/component-base v0.23.1 // indirect
+	k8s.io/component-base v0.30.2 // indirect
-	k8s.io/klog/v2 v2.30.0 // indirect
+	k8s.io/klog/v2 v2.120.1 // indirect
-	k8s.io/kube-aggregator v0.23.1 // indirect
+	k8s.io/kms v0.30.2 // indirect
-	k8s.io/kube-openapi v0.0.0-20211115234752-e816edb12b65 // indirect
+	k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f // indirect
-	k8s.io/utils v0.0.0-20210930125809-cb0fa318a74b // indirect
+	k8s.io/utils v0.0.0-20240502163921-fe8a2dddb1d0 // indirect
-	sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.0.25 // indirect
+	sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.30.3 // indirect
-	sigs.k8s.io/controller-runtime v0.11.0 // indirect
+	sigs.k8s.io/controller-runtime v0.18.2 // indirect
-	sigs.k8s.io/json v0.0.0-20211020170558-c049b76a60c6 // indirect
+	sigs.k8s.io/gateway-api v1.1.0 // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.2.0 // indirect
+	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
-	sigs.k8s.io/yaml v1.3.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
 	sigs.k8s.io/yaml v1.4.0 // indirect
 )
@@ -13,8 +13,8 @@ import (
 	"k8s.io/client-go/rest"
 	"github.com/cert-manager/webhook-freedns/freedns"
-	"github.com/jetstack/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
+	"github.com/cert-manager/cert-manager/pkg/acme/webhook/apis/acme/v1alpha1"
-	"github.com/jetstack/cert-manager/pkg/acme/webhook/cmd"
+	"github.com/cert-manager/cert-manager/pkg/acme/webhook/cmd"
 )
 var GroupName = os.Getenv("GROUP_NAME")
@@ -36,7 +36,7 @@ func main() {
 // customDNSProviderSolver implements the provider-specific logic needed to
 // 'present' an ACME challenge TXT record for your own DNS provider.
-// To do so, it must implement the `github.com/jetstack/cert-manager/pkg/acme/webhook.Solver`
+// To do so, it must implement the `github.com/cert-manager/cert-manager/pkg/acme/webhook.Solver`
 // interface.
 type customDNSProviderSolver struct {
 	// If a Kubernetes 'clientset' is needed, you must:
@@ -4,11 +4,11 @@ import (
 	"os"
 	"testing"
-	"github.com/jetstack/cert-manager/test/acme/dns"
+	acmetest "github.com/cert-manager/cert-manager/test/acme"
 )
 var (
-	zone = os.Getenv("TEST_ZONE_NAME")
+	zone = os.Getenv("FREEDNS_DOMAIN")
 )
 func TestRunsSuite(t *testing.T) {
@@ -17,12 +17,11 @@ func TestRunsSuite(t *testing.T) {
 	// ChallengeRequest passed as part of the test cases.
 	//
-	// Uncomment the below fixture when implementing your custom DNS provider
+	fixture := acmetest.NewFixture(&customDNSProviderSolver{},
-	fixture := dns.NewFixture(&customDNSProviderSolver{},
+		acmetest.SetResolvedZone(zone),
-		dns.SetResolvedZone(zone),
+		acmetest.SetManifestPath("testdata/freedns-solver"),
-		dns.SetAllowAmbientCredentials(false),
+		acmetest.SetUseAuthoritative(false),
 		dns.SetManifestPath("testdata/freedns-solver"),
 	)
-	fixture.RunConformance(t)
+	fixture.RunBasic(t)
-
+	fixture.RunExtended(t)
 }