Merge pull request #59 from kyma-project/fix/vul

update + tidy deps

Makefile

@@ -203,11 +203,11 @@ lint: ## Download & Build & Run golangci-lint against code.
 .PHONY: configure-git-origin
 configure-git-origin:
 	@git remote | grep '^origin$$' -q || \
-		git remote add origin https://github.com/kyma-project/template-operator
+		git remote add origin https://github.com/kyma-project/cfapi
 
 .PHONY: build-manifests
 build-manifests: manifests kustomize ## Install CRDs into the K8s cluster specified in ~/.kube/config.
-	$(KUSTOMIZE) build config/default > template-operator.yaml
+	$(KUSTOMIZE) build config/default > cfapi-operator.yaml
 
 DEFAULT_CR ?= $(shell pwd)/config/samples/default-sample-cr.yaml
 .PHONY: build-module

controllers/cfapi_auth.go

@@ -1,87 +1,87 @@
-package controllers
-
-import (
-	"context"
-	"strings"
-
-	rbacv1 "k8s.io/api/rbac/v1"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"sigs.k8s.io/controller-runtime/pkg/client"
-	"sigs.k8s.io/controller-runtime/pkg/log"
-)
-
-func (r *CFAPIReconciler) getUserClusterAdmins(ctx context.Context) (error, []rbacv1.Subject) {
-	subjects := []rbacv1.Subject{}
-	crblist := &rbacv1.ClusterRoleBindingList{}
-	err := r.Client.List(ctx, crblist, client.MatchingLabels{"app": "kyma"})
-	if err != nil {
-		return err, subjects
-	}
-	for _, crb := range crblist.Items {
-		if crb.RoleRef.Name == "cluster-admin" {
-			for _, subject := range crb.Subjects {
-				if subject.Kind == "User" {
-					subjects = append(subjects, subject)
-				}
-			}
-		}
-	}
-	return nil, subjects
-}
-
-func toSubjectList(users []string) []rbacv1.Subject {
-	if users == nil {
-		return nil
-	}
-	var subjects = make([]rbacv1.Subject, len(users))
-	for i, user := range users {
-		subjects[i] = rbacv1.Subject{
-			Kind: "User",
-			Name: user,
-		}
-	}
-	return subjects
-}
-
-func (r *CFAPIReconciler) assignCfAdministrators(ctx context.Context, subjects []rbacv1.Subject, cfNs string) error {
-	logger := log.FromContext(ctx)
-	var err error
-	_subjects := subjects
-
-	if len(subjects) == 0 {
-		logger.Info("No CF administrators specified, will set kyma cluster admins as CF administrators")
-		err, _subjects = r.getUserClusterAdmins(ctx)
-		if err != nil {
-			logger.Error(err, "Failed to list users having clusterrole/cluster-admin")
-			return nil
-		}
-		if len(_subjects) == 0 {
-			logger.Info("No users with kyma cluster-admin role found, no CF administrators set")
-			return nil
-		}
-	}
-
-	rb := &rbacv1.RoleBinding{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      "cfapi-admins-binding",
-			Namespace: cfNs,
-			Annotations: map[string]string{
-				"cloudfoundry.org/propagate-cf-role": "true",
-			},
-		},
-		RoleRef: rbacv1.RoleRef{
-			APIGroup: "rbac.authorization.k8s.io",
-			Kind:     "ClusterRole",
-			Name:     "korifi-controllers-admin",
-		},
-		Subjects: _subjects,
-	}
-
-	userNames := make([]string, len(_subjects))
-	for i, subject := range _subjects {
-		userNames[i] = subject.Name
-	}
-	logger.Info("Bind role/korifi-controllers-admin to cluser-admin users " + strings.Join(userNames, ","))
-
-	return r.createIfMissing(ctx, rb)
-}
+package controllers
+
+import (
+	"context"
+	"strings"
+
+	rbacv1 "k8s.io/api/rbac/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/log"
+)
+
+func (r *CFAPIReconciler) getUserClusterAdmins(ctx context.Context) ([]rbacv1.Subject, error) {
+	subjects := []rbacv1.Subject{}
+	crblist := &rbacv1.ClusterRoleBindingList{}
+	err := r.Client.List(ctx, crblist, client.MatchingLabels{"app": "kyma"})
+	if err != nil {
+		return subjects, err
+	}
+	for _, crb := range crblist.Items {
+		if crb.RoleRef.Name == "cluster-admin" {
+			for _, subject := range crb.Subjects {
+				if subject.Kind == "User" {
+					subjects = append(subjects, subject)
+				}
+			}
+		}
+	}
+	return subjects, nil
+}
+
+func toSubjectList(users []string) []rbacv1.Subject {
+	if users == nil {
+		return nil
+	}
+	var subjects = make([]rbacv1.Subject, len(users))
+	for i, user := range users {
+		subjects[i] = rbacv1.Subject{
+			Kind: "User",
+			Name: user,
+		}
+	}
+	return subjects
+}
+
+func (r *CFAPIReconciler) assignCfAdministrators(ctx context.Context, subjects []rbacv1.Subject, cfNs string) error {
+	logger := log.FromContext(ctx)
+	var err error
+	_subjects := subjects
+
+	if len(subjects) == 0 {
+		logger.Info("No CF administrators specified, will set kyma cluster admins as CF administrators")
+		_subjects, err = r.getUserClusterAdmins(ctx)
+		if err != nil {
+			logger.Error(err, "Failed to list users having clusterrole/cluster-admin")
+			return nil
+		}
+		if len(_subjects) == 0 {
+			logger.Info("No users with kyma cluster-admin role found, no CF administrators set")
+			return nil
+		}
+	}
+
+	rb := &rbacv1.RoleBinding{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "cfapi-admins-binding",
+			Namespace: cfNs,
+			Annotations: map[string]string{
+				"cloudfoundry.org/propagate-cf-role": "true",
+			},
+		},
+		RoleRef: rbacv1.RoleRef{
+			APIGroup: "rbac.authorization.k8s.io",
+			Kind:     "ClusterRole",
+			Name:     "korifi-controllers-admin",
+		},
+		Subjects: _subjects,
+	}
+
+	userNames := make([]string, len(_subjects))
+	for i, subject := range _subjects {
+		userNames[i] = subject.Name
+	}
+	logger.Info("Bind role/korifi-controllers-admin to cluser-admin users " + strings.Join(userNames, ","))
+
+	return r.createIfMissing(ctx, rb)
+}

controllers/cfapi_controller_rendered_resources.go

@@ -41,12 +41,11 @@ import (
 	"k8s.io/client-go/tools/record"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/controller"
 	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
 	"sigs.k8s.io/controller-runtime/pkg/log"
 
-	"github.tools.sap/unified-runtime/cfapi-kyma-module/api/v1alpha1"
-
-	"sigs.k8s.io/controller-runtime/pkg/controller"
+	v1alpha1 "github.com/kyma-project/cfapi/api/v1alpha1"
 )
 
 const (

controllers/cfapi_controller_rendered_resources_test.go

@@ -8,7 +8,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/meta"
 	"k8s.io/client-go/kubernetes"
 
-	"github.tools.sap/unified-runtime/cfapi-kyma-module/api/v1alpha1"
+	v1alpha1 "github.com/kyma-project/cfapi/api/v1alpha1"
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"

controllers/common_utils.go

@@ -42,7 +42,7 @@ const (
 func (r *CFAPIReconciler) installOneGlob(ctx context.Context, pattern string) error {
 	logger := log.FromContext(ctx)
 	logger.Info("Installing", "glob", pattern)
-	resources, err := loadOneGlob(pattern, logger)
+	resources, err := loadOneGlob(pattern)
 
 	if err != nil {
 		return err
@@ -57,15 +57,15 @@ func (r *CFAPIReconciler) installOneGlob(ctx context.Context, pattern string) er
 	return nil
 }
 
-func loadOneGlob(pattern string, logger logr.Logger) (*ManifestResources, error) {
+func loadOneGlob(pattern string) (*ManifestResources, error) {
 	filename, err := findOneGlob(pattern)
 	if err != nil {
 		return nil, err
 	}
-	return loadFile(filename, logger)
+	return loadFile(filename)
 }
 
-func loadFile(file string, logger logr.Logger) (*ManifestResources, error) {
+func loadFile(file string) (*ManifestResources, error) {
 	fileBytes, err := os.ReadFile(file)
 	if err != nil {
 		return nil, err

controllers/suite_test.go

@@ -25,8 +25,6 @@ import (
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/manager"
 
-	"github.tools.sap/unified-runtime/cfapi-kyma-module/controllers"
-
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
 	"k8s.io/client-go/kubernetes/scheme"
@@ -35,7 +33,8 @@ import (
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
 
-	operatorkymaprojectiov1alpha1 "github.tools.sap/unified-runtime/cfapi-kyma-module/api/v1alpha1"
+	operatorkymaprojectiov1alpha1 "github.com/kyma-project/cfapi/api/v1alpha1"
+	controllers "github.com/kyma-project/cfapi/controllers"
 	//+kubebuilder:scaffold:imports
 )