Merge pull request #110 from lili-wan/master

Update the service account creates new token (kubernete secret) #107
keikoproj · Jan 13, 2023 · 60651ef · 60651ef
2 parents d29a6e5 + 2bea487
commit 60651ef
Show file tree

Hide file tree

Showing 17 changed files with 140 additions and 164 deletions.
diff --git a/.github/workflows/unit_test.yaml b/.github/workflows/unit_test.yaml
@@ -14,7 +14,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v2
         with:
-          go-version: 1.15
+          go-version: 1.17
 
       - name: Check out code into the Go module directory
         uses: actions/checkout@v2

diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,5 @@
 # Build the manager binary
-FROM golang:1.13 as builder
+FROM golang:1.17 as builder
 
 WORKDIR /workspace
 # Copy the Go Modules manifests

diff --git a/api/v1alpha1/StringOrStrings.go b/api/v1alpha1/StringOrStrings.go
@@ -2,11 +2,11 @@ package v1alpha1
 
 import "encoding/json"
 
-//StringOrStrings type accepts one string or multiple strings
+// StringOrStrings type accepts one string or multiple strings
 // +kubebuilder:object:generate=false
 type StringOrStrings []string
 
-//MarshalJSON function is a custom implementation of json.Marshal for StringOrStrings
+// MarshalJSON function is a custom implementation of json.Marshal for StringOrStrings
 func (s StringOrStrings) MarshalJSON() ([]byte, error) {
 	//This is going to be tricky
 	//if len(s) == 1 {
@@ -22,7 +22,7 @@ func (s StringOrStrings) MarshalJSON() ([]byte, error) {
 	return json.Marshal(k)
 }
 
-//UnmarshalJson function is a custom implementation of json to unmarshal StringOrStrings
+// UnmarshalJson function is a custom implementation of json to unmarshal StringOrStrings
 func (s *StringOrStrings) UnmarshalJSON(b []byte) error {
 	//Try to convert to array
 	var strings []string

diff --git a/api/v1alpha1/iamrole_types.go b/api/v1alpha1/iamrole_types.go
@@ -35,7 +35,7 @@ type IamroleSpec struct {
 
 // +kubebuilder:validation:Required
 
-//PolicyDocument type defines IAM policy struct
+// PolicyDocument type defines IAM policy struct
 type PolicyDocument struct {
 
 	// Version specifies IAM policy version
@@ -82,7 +82,7 @@ type AssumeRolePolicyDocument struct {
 	Statement []TrustPolicyStatement `json:"Statement,omitempty"`
 }
 
-//TrustPolicy struct holds Trust policy
+// TrustPolicy struct holds Trust policy
 // +optional
 type TrustPolicyStatement struct {
 	//Effect allowed/denied
@@ -95,7 +95,7 @@ type TrustPolicyStatement struct {
 	Condition *Condition `json:"Condition,omitempty"`
 }
 
-//Principal struct holds AWS principal
+// Principal struct holds AWS principal
 // +optional
 type Principal struct {
 	// +optional
@@ -106,7 +106,7 @@ type Principal struct {
 	Federated string `json:"Federated,omitempty"`
 }
 
-//Condition struct holds Condition
+// Condition struct holds Condition
 // +optional
 type Condition struct {
 	//StringEquals can be used to define Equal condition

diff --git a/controllers/iamrole_controller.go b/controllers/iamrole_controller.go
@@ -124,7 +124,7 @@ func (r *IamroleReconciler) Reconcile(req ctrl.Request) (ctrl.Result, error) {
 	return successRequeueIt()
 }
 
-//HandleReconcile function handles all the reconcile
+// HandleReconcile function handles all the reconcile
 func (r *IamroleReconciler) HandleReconcile(ctx context.Context, req ctrl.Request, iamRole *iammanagerv1alpha1.Iamrole) (ctrl.Result, error) {
 	log := logging.Logger(ctx, "controllers", "iamrole_controller", "HandleReconcile")
 	log = log.WithValues("iam_role_cr", iamRole.Name)
@@ -281,7 +281,7 @@ func (r *IamroleReconciler) HandleReconcile(ctx context.Context, req ctrl.Reques
 	return successRequeueIt()
 }
 
-//ConstructInput function constructs input for
+// ConstructInput function constructs input for
 func (r *IamroleReconciler) ConstructCreateIAMRoleInput(ctx context.Context, iamRole *iammanagerv1alpha1.Iamrole, roleName string) (*awsapi.IAMRoleRequest, *iammanagerv1alpha1.IamroleStatus, error) {
 	log := logging.Logger(ctx, "controllers", "iamrole_controller", "ConstructInput")
 	log.WithValues("iamrole", iamRole.Name)
@@ -376,8 +376,8 @@ func (StatusUpdatePredicate) Update(e event.UpdateEvent) bool {
 	return oldObj.Status == newObj.Status
 }
 
-//SetupWithManager sets up manager with controller
-//GenerationChangedPredicate will take care of not allowing to trigger reconcile for every time status update happens
+// SetupWithManager sets up manager with controller
+// GenerationChangedPredicate will take care of not allowing to trigger reconcile for every time status update happens
 func (r *IamroleReconciler) SetupWithManager(mgr ctrl.Manager) error {
 
 	//Lets try to predicate based on Status retry count
@@ -387,7 +387,7 @@ func (r *IamroleReconciler) SetupWithManager(mgr ctrl.Manager) error {
 		Complete(r)
 }
 
-//UpdateStatus function updates the status based on the process step
+// UpdateStatus function updates the status based on the process step
 func (r *IamroleReconciler) UpdateStatus(ctx context.Context, iamRole *iammanagerv1alpha1.Iamrole, status iammanagerv1alpha1.IamroleStatus, requeueTime ...float64) (ctrl.Result, error) {
 	log := logging.Logger(ctx, "controllers", "iamrole_controller", "UpdateStatus")
 	log.WithValues("iamrole", fmt.Sprintf("k8s-%s", iamRole.ObjectMeta.Namespace))
@@ -422,7 +422,7 @@ func (r *IamroleReconciler) UpdateStatus(ctx context.Context, iamRole *iammanage
 	return ctrl.Result{RequeueAfter: time.Duration(requeueTime[0]) * time.Millisecond}, nil
 }
 
-//UpdateMeta function updates the metadata (mostly finalizers in this case)
+// UpdateMeta function updates the metadata (mostly finalizers in this case)
 func (r *IamroleReconciler) UpdateMeta(ctx context.Context, iamRole *iammanagerv1alpha1.Iamrole) {
 	log := logging.Logger(ctx, "controllers", "iamrole_controller", "UpdateMeta")
 	log = log.WithValues("iam_role_cr", iamRole.ObjectMeta.Name)
@@ -445,7 +445,7 @@ func ignoreNotFound(err error) error {
 	return err
 }
 
-//successRequeueIt function requeues it after defined time
+// successRequeueIt function requeues it after defined time
 func successRequeueIt() (ctrl.Result, error) {
 
 	return ctrl.Result{RequeueAfter: time.Duration(config.Props.ControllerDesiredFrequency()) * time.Second}, nil

diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/keikoproj/iam-manager
 
-go 1.12
+go 1.17
 
 require (
 	github.com/aws/aws-sdk-go v1.25.38
@@ -10,15 +10,61 @@ require (
 	github.com/onsi/gomega v1.8.1
 	github.com/pborman/uuid v1.2.0
 	github.com/pkg/errors v0.8.1
-	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
-	golang.org/x/sys v0.0.0-20220406163625-3f8b81556e12 // indirect
-	golang.org/x/tools v0.1.10 // indirect
 	gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15
 	k8s.io/api v0.17.2
 	k8s.io/apimachinery v0.17.2
 	k8s.io/client-go v0.17.2
 	k8s.io/klog v1.0.0
-	rsc.io/quote/v3 v3.1.0 // indirect
 	sigs.k8s.io/controller-runtime v0.5.2
-	sigs.k8s.io/controller-tools v0.2.5 // indirect
+)
+
+require (
+	cloud.google.com/go v0.38.0 // indirect
+	github.com/beorn7/perks v1.0.0 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/evanphx/json-patch v4.5.0+incompatible // indirect
+	github.com/go-logr/zapr v0.1.0 // indirect
+	github.com/gogo/protobuf v1.2.2-0.20190723190241-65acae22fc9d // indirect
+	github.com/golang/groupcache v0.0.0-20190129154638-5b532d6fd5ef // indirect
+	github.com/golang/protobuf v1.3.2 // indirect
+	github.com/google/go-cmp v0.3.0 // indirect
+	github.com/google/gofuzz v1.0.0 // indirect
+	github.com/google/uuid v1.1.1 // indirect
+	github.com/googleapis/gnostic v0.3.1 // indirect
+	github.com/hashicorp/golang-lru v0.5.1 // indirect
+	github.com/hpcloud/tail v1.0.0 // indirect
+	github.com/imdario/mergo v0.3.6 // indirect
+	github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af // indirect
+	github.com/json-iterator/go v1.1.8 // indirect
+	github.com/kr/pretty v0.1.0 // indirect
+	github.com/kr/text v0.1.0 // indirect
+	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
+	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+	github.com/modern-go/reflect2 v1.0.1 // indirect
+	github.com/prometheus/client_golang v1.0.0 // indirect
+	github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90 // indirect
+	github.com/prometheus/common v0.4.1 // indirect
+	github.com/prometheus/procfs v0.0.2 // indirect
+	github.com/spf13/pflag v1.0.5 // indirect
+	go.uber.org/atomic v1.3.2 // indirect
+	go.uber.org/multierr v1.1.0 // indirect
+	go.uber.org/zap v1.10.0 // indirect
+	golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
+	golang.org/x/net v0.5.0 // indirect
+	golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45 // indirect
+	golang.org/x/sys v0.4.0 // indirect
+	golang.org/x/term v0.4.0 // indirect
+	golang.org/x/text v0.6.0 // indirect
+	golang.org/x/time v0.0.0-20190308202827-9d24e82272b4 // indirect
+	golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.0.1 // indirect
+	google.golang.org/appengine v1.5.0 // indirect
+	gopkg.in/fsnotify.v1 v1.4.7 // indirect
+	gopkg.in/inf.v0 v0.9.1 // indirect
+	gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect
+	gopkg.in/yaml.v2 v2.2.7 // indirect
+	k8s.io/apiextensions-apiserver v0.17.2 // indirect
+	k8s.io/kube-openapi v0.0.0-20191107075043-30be4d16710a // indirect
+	k8s.io/utils v0.0.0-20191114184206-e782cd3c129f // indirect
+	sigs.k8s.io/yaml v1.1.0 // indirect
 )