Fix typo

.github/workflows/ci.yaml

@@ -40,126 +40,126 @@ jobs:
             sudo apt-get install gnupg2 -y
             sudo apt-get install qemu-user-static -y
 
-      #- name: install helm unittest plugin
-      #  run: |
-      #      helm plugin install https://github.com/helm-unittest/helm-unittest --version ${HELM_UNITTEST_VERSION}
-      #      helm unittest --help
-
-      #- name: Test helm charts
-      #  run: make test-helm
-
-      #- name: Unit tests and envtest integration tests
-      #  run: make test
-
-      #- name: start k3d
-      #  run: |
-      #      docker version
-      #      k3d cluster create operator --agents 1 --image rancher/k3s:${K3S_VERSION}
-      #      JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}';
-      #      until kubectl get nodes -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True"; do
-      #        sleep 1;
-      #      done
-
-      #      # Dump cluster info
-      #      kubectl cluster-info
-      #      which kubectl
-      #      kubectl version
-      #      kubectl describe node k3d-operator-server-0
-      #      kubectl describe node k3d-operator-agent-0
-
-
-      ## k3d integration tests
-      #- name: In cluster integration tests
-      #  run: |
-      #      export GNUPGHOME="$(mktemp -d)"
-      #      cat >$GNUPGHOME/foo <<EOF
-      #          %echo Generating a basic OpenPGP key
-      #          Key-Type: DSA
-      #          Key-Length: 1024
-      #          Subkey-Type: ELG-E
-      #          Subkey-Length: 1024
-      #          Name-Real: Joe Tester
-      #          Name-Comment: with stupid passphrase
-      #          Name-Email: [email protected]
-      #          Expire-Date: 0
-      #          Passphrase: abc
-      #          %no-protection
-      #          %commit
-      #          %echo done
-      #      EOF
-      #      gpg2 --batch --gen-key $GNUPGHOME/foo
-      #      export SOPS_GPG_EXEC=$( which gpg2 )
-      #      export FP=$( gpg2 --with-colons --fingerprint | awk -F: '$1 == "fpr" {print $10; exit}' )
-      #      echo "Fingreprint: $FP ; gpg executable: $SOPS_GPG_EXEC"
-
-      #      # Run k8s related commands
-      #      kubectl create namespace sops
-      #      make install
-      #      sleep 3
-      #      sops -e -p $FP \
-      #        --encrypted-suffix='Templates' \
-      #        config/samples/isindir_v1alpha3_sopssecret.yaml \
-      #        > config/samples/isindir_v1alpha3_sopssecret.enc.yaml
-      #      file config/samples/isindir_v1alpha3_sopssecret.enc.yaml
-      #      echo "====================================="
-      #      cat config/samples/isindir_v1alpha3_sopssecret.enc.yaml
-      #      echo "====================================="
-      #      kubectl apply -f config/samples/isindir_v1alpha3_sopssecret.enc.yaml --namespace sops
-      #      sleep 3
-      #      nohup make run &
-      #      sleep 150
-      #      kubectl get sops --namespace sops
-      #      echo
-      #      kubectl get secrets --namespace sops
-      #      echo
-      #      export SECRETS_NUMBER=$( kubectl get secrets --namespace sops --no-headers \
-      #        | awk '$0 !~ /default-token/ { print $1; }' \
-      #        | wc -l )
-      #      if [[ $SECRETS_NUMBER -ne 5 ]]; then
-      #        echo "Expected number of secrets in sops namespace is 5 - Failed"
-      #        tail -40 nohup.out
-      #        exit 1
-      #      fi
-      #      # Check specific k8s for amount of data entries
-      #      ## my-secret-name-0
-      #      export DATA_ENTRIES=$( kubectl get secrets my-secret-name-0 --namespace sops --no-headers \
-      #        | awk '{print $3}' )
-      #      if [[ $DATA_ENTRIES -ne 2 ]]; then
-      #        echo "Expected number of data entries in my-secret-name-0 is 2 - Failed"
-      #        tail -40 nohup.out
-      #        exit 1
-      #      fi
-      #      ## my-secret-name-1
-      #      export DATA_ENTRIES=$( kubectl get secrets my-secret-name-1 --namespace sops --no-headers \
-      #        | awk '{print $3}' )
-      #      if [[ $DATA_ENTRIES -ne 3 ]]; then
-      #        echo "Expected number of data entries in my-secret-name-1 is 3 - Failed"
-      #        tail -40 nohup.out
-      #        exit 1
-      #      fi
-      #      ## my-secret-name-2
-      #      export DATA_ENTRIES=$( kubectl get secrets my-secret-name-2 --namespace sops --no-headers \
-      #        | awk '{print $3}' )
-      #      if [[ $DATA_ENTRIES -ne 2 ]]; then
-      #        echo "Expected number of data entries in my-secret-name-2 is 2 - Failed"
-      #        tail -40 nohup.out
-      #        exit 1
-      #      fi
-      #      # Delete to check GC works
-      #      kubectl delete -f config/samples/isindir_v1alpha3_sopssecret.enc.yaml --namespace sops
-      #      sleep 15
-      #      kubectl get sops --namespace sops
-      #      echo
-      #      kubectl get secrets --namespace sops
-      #      echo
-      #      export SECRETS_NUMBER=$( kubectl get secrets --namespace sops \
-      #        | awk '$0!~/default-token/ && $0!~/NAME/ { print $1; }' \
-      #        | wc -l )
-      #      if [[ $SECRETS_NUMBER -ne 0 ]]; then
-      #        echo "Expected number of secrets in sops namespace is 0 - Failed"
-      #        exit 1
-      #      fi
-      #      rm -fr $GNUPGHOME
+      - name: install helm unittest plugin
+        run: |
+            helm plugin install https://github.com/helm-unittest/helm-unittest --version ${HELM_UNITTEST_VERSION}
+            helm unittest --help
+
+      - name: Test helm charts
+        run: make test-helm
+
+      - name: Unit tests and envtest integration tests
+        run: make test
+
+      - name: start k3d
+        run: |
+            docker version
+            k3d cluster create operator --agents 1 --image rancher/k3s:${K3S_VERSION}
+            JSONPATH='{range .items[*]}{@.metadata.name}:{range @.status.conditions[*]}{@.type}={@.status};{end}{end}';
+            until kubectl get nodes -o jsonpath="$JSONPATH" 2>&1 | grep -q "Ready=True"; do
+              sleep 1;
+            done
+
+            # Dump cluster info
+            kubectl cluster-info
+            which kubectl
+            kubectl version
+            kubectl describe node k3d-operator-server-0
+            kubectl describe node k3d-operator-agent-0
+
+
+      # k3d integration tests
+      - name: In cluster integration tests
+        run: |
+            export GNUPGHOME="$(mktemp -d)"
+            cat >$GNUPGHOME/foo <<EOF
+                %echo Generating a basic OpenPGP key
+                Key-Type: DSA
+                Key-Length: 1024
+                Subkey-Type: ELG-E
+                Subkey-Length: 1024
+                Name-Real: Joe Tester
+                Name-Comment: with stupid passphrase
+                Name-Email: [email protected]
+                Expire-Date: 0
+                Passphrase: abc
+                %no-protection
+                %commit
+                %echo done
+            EOF
+            gpg2 --batch --gen-key $GNUPGHOME/foo
+            export SOPS_GPG_EXEC=$( which gpg2 )
+            export FP=$( gpg2 --with-colons --fingerprint | awk -F: '$1 == "fpr" {print $10; exit}' )
+            echo "Fingreprint: $FP ; gpg executable: $SOPS_GPG_EXEC"
+
+            # Run k8s related commands
+            kubectl create namespace sops
+            make install
+            sleep 3
+            sops -e -p $FP \
+              --encrypted-suffix='Templates' \
+              config/samples/isindir_v1alpha3_sopssecret.yaml \
+              > config/samples/isindir_v1alpha3_sopssecret.enc.yaml
+            file config/samples/isindir_v1alpha3_sopssecret.enc.yaml
+            echo "====================================="
+            cat config/samples/isindir_v1alpha3_sopssecret.enc.yaml
+            echo "====================================="
+            kubectl apply -f config/samples/isindir_v1alpha3_sopssecret.enc.yaml --namespace sops
+            sleep 3
+            nohup make run &
+            sleep 150
+            kubectl get sops --namespace sops
+            echo
+            kubectl get secrets --namespace sops
+            echo
+            export SECRETS_NUMBER=$( kubectl get secrets --namespace sops --no-headers \
+              | awk '$0 !~ /default-token/ { print $1; }' \
+              | wc -l )
+            if [[ $SECRETS_NUMBER -ne 5 ]]; then
+              echo "Expected number of secrets in sops namespace is 5 - Failed"
+              tail -40 nohup.out
+              exit 1
+            fi
+            # Check specific k8s for amount of data entries
+            ## my-secret-name-0
+            export DATA_ENTRIES=$( kubectl get secrets my-secret-name-0 --namespace sops --no-headers \
+              | awk '{print $3}' )
+            if [[ $DATA_ENTRIES -ne 2 ]]; then
+              echo "Expected number of data entries in my-secret-name-0 is 2 - Failed"
+              tail -40 nohup.out
+              exit 1
+            fi
+            ## my-secret-name-1
+            export DATA_ENTRIES=$( kubectl get secrets my-secret-name-1 --namespace sops --no-headers \
+              | awk '{print $3}' )
+            if [[ $DATA_ENTRIES -ne 3 ]]; then
+              echo "Expected number of data entries in my-secret-name-1 is 3 - Failed"
+              tail -40 nohup.out
+              exit 1
+            fi
+            ## my-secret-name-2
+            export DATA_ENTRIES=$( kubectl get secrets my-secret-name-2 --namespace sops --no-headers \
+              | awk '{print $3}' )
+            if [[ $DATA_ENTRIES -ne 2 ]]; then
+              echo "Expected number of data entries in my-secret-name-2 is 2 - Failed"
+              tail -40 nohup.out
+              exit 1
+            fi
+            # Delete to check GC works
+            kubectl delete -f config/samples/isindir_v1alpha3_sopssecret.enc.yaml --namespace sops
+            sleep 15
+            kubectl get sops --namespace sops
+            echo
+            kubectl get secrets --namespace sops
+            echo
+            export SECRETS_NUMBER=$( kubectl get secrets --namespace sops \
+              | awk '$0!~/default-token/ && $0!~/NAME/ { print $1; }' \
+              | wc -l )
+            if [[ $SECRETS_NUMBER -ne 0 ]]; then
+              echo "Expected number of secrets in sops namespace is 0 - Failed"
+              exit 1
+            fi
+            rm -fr $GNUPGHOME
 
       - name: Set up Docker variables
         id: set_variable

Dockerfile

@@ -2,7 +2,6 @@
 # https://wiki.ubuntu.com/Releases
 # https://hub.docker.com/_/ubuntu/tags?page=1&name=noble
 # UPDATE_HERE
-#FROM ubuntu:noble-20240225 as asdf-builder
 FROM ubuntu:mantic-20240216 as asdf-builder
 
 # UPDATE_HERE
@@ -14,9 +13,7 @@ SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 # Install build tools
 RUN apt-get -y update \
       && apt-get -y install build-essential \
-      && apt-get -y install autoconf automake gdb git \
-      && apt-get -y install libffi-dev zlib1g-dev libssl-dev \
-      && apt-get -y install curl wget \
+      && apt-get -y install autoconf automake gdb git libffi-dev zlib1g-dev libssl-dev curl wget \
       && apt-get clean && rm -rf /var/lib/apt/lists/*
 
 # Install asdf
@@ -58,17 +55,13 @@ RUN CGO_ENABLED=0 GO111MODULE=on go build -a -o manager cmd/main.go
 
 ############################################################
 # UPDATE_HERE
-#FROM ubuntu:noble-20240225
 FROM ubuntu:mantic-20240216
 
 # Install build tools
-# --no-install-recommends
-RUN apt-get -y update
-#RUN apt-get -y upgrade
-RUN apt-get -y install ca-certificates
-RUN apt-get -V --no-install-recommends -y install gnupg2
-RUN apt-get clean
-RUN rm -rf /var/lib/apt/lists/*
+RUN apt-get -y update \
+      && apt-get -y upgrade \
+      && apt-get -y install --no-install-recommends gnupg2 ca-certificates \
+      && apt-get clean && rm -rf /var/lib/apt/lists/*
 
 WORKDIR /usr/local/bin
 COPY --from=asdf-builder /workspace/manager .

chart/helm3/sops-secrets-operator/README.md

@@ -138,7 +138,7 @@ The following table lists the configurable parameters of the Sops-secrets-operat
 | imagePullSecrets | list | `[]` | Secrets to pull image from private docker repository |
 | initImage.pullPolicy | string | `"Always"` | Init container image pull policy |
 | initImage.repository | string | `"ubuntu"` | Init container image name |
-| initImage.tag | string | `"noble-20240225"` | Init container image tag |
+| initImage.tag | string | `"mantic-20240216"` | Init container image tag |
 | kubeconfig | object | `{"enabled":false,"path":null}` | Paths to a kubeconfig. Only required if out-of-cluster. |
 | logging | object | `{"development":false,"encoder":"json","level":"info","stacktraceLevel":"error","timeEncoding":"iso8601"}` | Logging configuration section suggested values Development Mode (encoder=consoleEncoder,logLevel=Debug,stackTraceLevel=Warn). Production Mode (encoder=jsonEncoder,logLevel=Info,stackTraceLevel=Error) (default) |
 | logging.development | bool | `false` | Zap Development Mode enabled |

chart/helm3/sops-secrets-operator/tests/operator_test.yaml

@@ -198,7 +198,7 @@ tests:
       - equal:
           path: spec.template.spec.initContainers[0].image
           # UPDATE_HERE
-          value: ubuntu:noble-20240225
+          value: ubuntu:mantic-20240216
       - equal:
           path: spec.template.spec.initContainers[0].imagePullPolicy
           value: Always

chart/helm3/sops-secrets-operator/values.yaml

@@ -22,7 +22,7 @@ initImage:
   # -- Init container image name
   repository: ubuntu
   # -- Init container image tag
-  tag: noble-20240225
+  tag: mantic-20240216
   # -- Init container image pull policy
   pullPolicy: Always