Merge remote-tracking branch 'origin/main' into linting-and-deprecati…

…on-fixes

.github/workflows/helm-docs.yaml

@@ -1,5 +1,7 @@
 name: Generate Helm Docs
 on:
+  # Allow other workflows to trigger
+  workflow_call:
   push:
     paths:
       - '!*.md'

.github/workflows/release.yaml

@@ -5,7 +5,7 @@ on:
     branches:
       - "release-v*"
     tags:
-      - "*"
+      - "v*"
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
@@ -27,34 +27,41 @@ jobs:
         with:
           value: ${{github.ref_name}}
           index_of_str: "release-"
+
       - name: Find and Replace Helm Chart Version
         uses: jacobtomlinson/gha-find-replace@v3
         with:
           find: 'v(\d+)\.(\d+)\.(\d+)(-rc(\d)+)?'
           replace: "${{steps.release_number.outputs.substring}}"
           include: "deploy/charts/version-checker/Chart.yaml"
           regex: true
-      - name: Find and Replace Helm Chart README
-        uses: jacobtomlinson/gha-find-replace@v3
-        with:
-          find: 'v(\d+)\.(\d+)\.(\d+)(-rc(\d)+)?'
-          replace: "${{steps.release_number.outputs.substring}}"
-          include: "deploy/charts/version-checker/README.md"
-          regex: true
+
       - name: Find and Replace Kubernetes Manifests
         uses: jacobtomlinson/gha-find-replace@v3
         with:
           find: 'v(\d+)\.(\d+)\.(\d+)(-rc(\d)+)?'
           replace: "${{steps.release_number.outputs.substring}}"
           include: "deploy/yaml/deploy.yaml"
           regex: true
+
       - name: Find and Replace Makefile versions
         uses: jacobtomlinson/gha-find-replace@v3
         with:
           find: 'v(\d+)\.(\d+)\.(\d+)(-rc(\d)+)?'
           replace: "${{steps.release_number.outputs.substring}}"
           include: "Makefile"
           regex: true
+
+      - name: Install Helm Docs
+        uses: envoy/[email protected]
+        with:
+          version: 1.11.0
+      - name: Update Helm Docs
+        run: |
+          set -ex
+          cd deploy/charts/version-checker
+          helm-docs
+
       - name: Detect any Local Changes
         uses: dorny/paths-filter@v3
         id: filter
@@ -65,26 +72,38 @@ jobs:
               - 'Makefile'
               - 'deploy/yaml/deploy.yaml'
               - 'deploy/charts/version-checker/Chart.yaml'
+              - 'deploy/charts/version-checker/README.md'
+
       - name: Commit files
         if: steps.filter.outputs.versions == 'true'
         run: |
           git config --local user.email "github-actions[bot]@users.noreply.github.com"
           git config --local user.name "github-actions[bot]"
           git status
           git commit -a -m "Bump versions to ${{steps.release_number.outputs.substring}} "
+
       - name: Push changes
         if: steps.filter.outputs.versions == 'true'
         uses: ad-m/[email protected]
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           branch: ${{ github.ref_name }}
+
+      - name: Build Changelog
+        id: github_release
+        uses: mikepenz/release-changelog-builder-action@v5
+
       - name: Create Release PR
         uses: devops-infra/[email protected]
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           target_branch: main
           title: "Release ${{steps.release_number.outputs.substring}}"
-          body: "**Automated Release Pull Request**"
+          body: |-
+            "**Automated Release Pull Request**
+
+            ## Change log:
+            ${{steps.github_release.outputs.changelog}}
           draft: false
           get_diff: false
           allow_no_diff: false

Makefile

@@ -22,7 +22,7 @@ verify: test build ## tests and builds version-checker
 
 image: ## build docker image
 	GOARCH=$(ARCH) GOOS=linux CGO_ENABLED=0 go build -o ./bin/version-checker-linux ./cmd/.
-	docker build -t quay.io/jetstack/version-checker:v0.8.0 .
+	docker build -t quay.io/jetstack/version-checker:v0.8.1 .
 
 clean: ## clean up created files
 	rm -rf \

deploy/charts/version-checker/Chart.yaml

@@ -1,6 +1,6 @@
 apiVersion: v2
-appVersion: "v0.8.0"
-version: "v0.8.0"
+appVersion: "v0.8.1"
+version: "v0.8.1"
 description: A Helm chart for version-checker
 home: https://github.com/jetstack/version-checker
 name: version-checker

deploy/charts/version-checker/README.md

@@ -1,6 +1,6 @@
 # version-checker
 
-![Version: v0.8.0](https://img.shields.io/badge/Version-v0.8.0-informational?style=flat-square) ![AppVersion: v0.8.0](https://img.shields.io/badge/AppVersion-v0.8.0-informational?style=flat-square)
+![Version: v0.8.1](https://img.shields.io/badge/Version-v0.8.1-informational?style=flat-square) ![AppVersion: v0.8.1](https://img.shields.io/badge/AppVersion-v0.8.1-informational?style=flat-square)
 
 A Helm chart for version-checker
 
@@ -75,4 +75,4 @@ A Helm chart for version-checker
 | versionChecker.testAllContainers | bool | `true` | Enable/Disable the requirement for an enable.version-checker.io annotation on pods. |
 
 ----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.14.2](https://github.com/norwoodj/helm-docs/releases/v1.14.2)
+Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)

deploy/yaml/deploy.yaml

@@ -50,7 +50,7 @@ spec:
     spec:
       serviceAccountName: version-checker
       containers:
-        - image: quay.io/jetstack/version-checker:v0.8.0
+        - image: quay.io/jetstack/version-checker:v0.8.1
           imagePullPolicy: Always
           ports:
             - containerPort: 8080

go.sum

@@ -18,12 +18,8 @@ github.com/Azure/go-autorest/tracing v0.6.0 h1:TYi4+3m5t6K48TGI9AUdb+IzbnSxvnvUM
 github.com/Azure/go-autorest/tracing v0.6.0/go.mod h1:+vhtPC754Xsa23ID7GlGsrdKBpUA79WCAKPPZVC2DeU=
 github.com/aws/aws-sdk-go-v2 v1.30.4 h1:frhcagrVNrzmT95RJImMHgabt99vkXGslubDaDagTk8=
 github.com/aws/aws-sdk-go-v2 v1.30.4/go.mod h1:CT+ZPWXbYrci8chcARI3OmI/qgd+f6WtuLOoaIA8PR0=
-github.com/aws/aws-sdk-go-v2/config v1.27.30 h1:AQF3/+rOgeJBQP3iI4vojlPib5X6eeOYoa/af7OxAYg=
-github.com/aws/aws-sdk-go-v2/config v1.27.30/go.mod h1:yxqvuubha9Vw8stEgNiStO+yZpP68Wm9hLmcm+R/Qk4=
 github.com/aws/aws-sdk-go-v2/config v1.27.31 h1:kxBoRsjhT3pq0cKthgj6RU6bXTm/2SgdoUMyrVw0rAI=
 github.com/aws/aws-sdk-go-v2/config v1.27.31/go.mod h1:z04nZdSWFPaDwK3DdJOG2r+scLQzMYuJeW0CujEm9FM=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.29 h1:CwGsupsXIlAFYuDVHv1nnK0wnxO0wZ/g1L8DSK/xiIw=
-github.com/aws/aws-sdk-go-v2/credentials v1.17.29/go.mod h1:BPJ/yXV92ZVq6G8uYvbU0gSl8q94UB63nMT5ctNO38g=
 github.com/aws/aws-sdk-go-v2/credentials v1.17.30 h1:aau/oYFtibVovr2rDt8FHlU17BTicFEMAi29V1U+L5Q=
 github.com/aws/aws-sdk-go-v2/credentials v1.17.30/go.mod h1:BPJ/yXV92ZVq6G8uYvbU0gSl8q94UB63nMT5ctNO38g=
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.12 h1:yjwoSyDZF8Jth+mUk5lSPJCkMC0lMy6FaCD51jm6ayE=
@@ -176,10 +172,10 @@ github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/
 github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
-github.com/onsi/ginkgo/v2 v2.20.0 h1:PE84V2mHqoT1sglvHc8ZdQtPcwmvvt29WLEEO3xmdZw=
-github.com/onsi/ginkgo/v2 v2.20.0/go.mod h1:lG9ey2Z29hR41WMVthyJBGUBcBhGOtoPF2VFMvBXFCI=
-github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k=
-github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY=
+github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA=
+github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To=
+github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk=
+github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0=
 github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug=
@@ -244,8 +240,6 @@ golang.org/x/crypto v0.6.0/go.mod h1:OFC/31mSvZgRz0V1QTNCzfAI1aIRzbiufJtkMIlEp58
 golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/crypto v0.26.0 h1:RrRspgV4mU+YwB4FYnuBoKsUapNIL5cohGAmSH3azsw=
 golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54=
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8=
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
@@ -344,8 +338,6 @@ k8s.io/component-base v0.31.0 h1:/KIzGM5EvPNQcYgwq5NwoQBaOlVFrghoVGr8lG6vNRs=
 k8s.io/component-base v0.31.0/go.mod h1:TYVuzI1QmN4L5ItVdMSXKvH7/DtvIuas5/mm8YT3rTo=
 k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
 k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
-k8s.io/kube-openapi v0.0.0-20240822171749-76de80e0abd9 h1:y+4z/s0h3R97P/o/098DSjlpyNpHzGirNPlTL+GHdqY=
-k8s.io/kube-openapi v0.0.0-20240822171749-76de80e0abd9/go.mod h1:s4yb9FXajAVNRnxSB5Ckpr/oq2LP4mKSMWeZDVppd30=
 k8s.io/kube-openapi v0.0.0-20240827152857-f7e401e7b4c2 h1:GKE9U8BH16uynoxQii0auTjmmmuZ3O0LFMN6S0lPPhI=
 k8s.io/kube-openapi v0.0.0-20240827152857-f7e401e7b4c2/go.mod h1:coRQXBK9NxO98XUv3ZD6AK3xzHCxV6+b7lrquKwaKzA=
 k8s.io/utils v0.0.0-20240821151609-f90d01438635 h1:2wThSvJoW/Ncn9TmQEYXRnevZXi2duqHWf5OX9S3zjI=

pkg/client/selfhosted/selfhosted.go

@@ -22,14 +22,14 @@ import (
 )
 
 const (
-	// {host}/v2/{repo/image}/tags/list?n=500.
+	// {host}/v2/{repo/image}/tags/list?n=500
 	tagsPath = "%s/v2/%s/tags/list?n=500"
-	// /v2/{repo/image}/manifests/{tag}.
+	// /v2/{repo/image}/manifests/{tag}
 	manifestPath = "%s/v2/%s/manifests/%s"
-	// Token endpoint.
+	// Token endpoint
 	defaultTokenPath = "/v2/token"
 
-	// HTTP headers to request API version.
+	// HTTP headers to request API version
 	dockerAPIv1Header = "application/vnd.docker.distribution.manifest.v1+json"
 	dockerAPIv2Header = "application/vnd.docker.distribution.manifest.v2+json"
 )
@@ -85,79 +85,84 @@ func New(ctx context.Context, log *logrus.Entry, opts *Options) (*Client, error)
 		log:     log.WithField("client", opts.Host),
 	}
 
-	if err := client.setupHostAndAuth(ctx); err != nil {
+	if err := configureHost(ctx, client, opts); err != nil {
 		return nil, err
 	}
 
-	client.setDefaultScheme()
-
-	if err := client.setupTLSConfig(); err != nil {
+	if err := configureTLS(client, opts); err != nil {
 		return nil, err
 	}
 
 	return client, nil
 }
 
-func (c *Client) setupHostAndAuth(ctx context.Context) error {
-	if c.Options.Host == "" {
+func configureHost(ctx context.Context, client *Client, opts *Options) error {
+	if opts.Host == "" {
 		return nil
 	}
 
-	hostRegex, scheme, err := parseURL(c.Options.Host)
+	hostRegex, scheme, err := parseURL(opts.Host)
 	if err != nil {
-		return fmt.Errorf("failed parsing url: %w", err)
+		return fmt.Errorf("failed parsing url: %s", err)
 	}
-	c.hostRegex = hostRegex
-	c.httpScheme = scheme
-
-	if len(c.Options.Username) > 0 || len(c.Options.Password) > 0 {
-		if len(c.Options.Bearer) > 0 {
-			return errors.New("cannot specify Bearer token as well as username/password")
-		}
+	client.hostRegex = hostRegex
+	client.httpScheme = scheme
 
-		tokenPath := c.Options.TokenPath
-		if tokenPath == "" {
-			tokenPath = defaultTokenPath
-		}
-
-		token, err := c.setupBasicAuth(ctx, c.Options.Host, tokenPath)
-		if httpErr, ok := selfhostederrors.IsHTTPError(err); ok {
-			return fmt.Errorf("failed to setup token auth (%d): %s", httpErr.StatusCode, httpErr.Body)
-		}
-		if err != nil {
-			return fmt.Errorf("failed to setup token auth: %w", err)
-		}
-		c.Bearer = token
+	if err := configureAuth(ctx, client, opts); err != nil {
+		return err
 	}
 
 	return nil
 }
 
-func (c *Client) setDefaultScheme() {
-	if c.httpScheme == "" {
-		c.httpScheme = "https"
+func configureAuth(ctx context.Context, client *Client, opts *Options) error {
+	if len(opts.Username) == 0 && len(opts.Password) == 0 {
+		return nil
 	}
-}
 
-func (c *Client) setupTLSConfig() error {
-	if c.httpScheme != "https" {
-		return nil
+	if len(opts.Bearer) > 0 {
+		return errors.New("cannot specify Bearer token as well as username/password")
 	}
 
-	tlsConfig, err := newTLSConfig(c.Options.Insecure, c.Options.CAPath)
+	tokenPath := opts.TokenPath
+	if tokenPath == "" {
+		tokenPath = defaultTokenPath
+	}
+
+	token, err := client.setupBasicAuth(ctx, opts.Host, tokenPath)
+	if httpErr, ok := selfhostederrors.IsHTTPError(err); ok {
+		return fmt.Errorf("failed to setup token auth (%d): %s",
+			httpErr.StatusCode, httpErr.Body)
+	}
 	if err != nil {
-		return err
+		return fmt.Errorf("failed to setup token auth: %s", err)
 	}
 
-	c.Client.Transport = &http.Transport{
-		TLSClientConfig: tlsConfig,
-		Proxy:           http.ProxyFromEnvironment,
+	client.Bearer = token
+	return nil
+}
+
+func configureTLS(client *Client, opts *Options) error {
+	if client.httpScheme == "" {
+		client.httpScheme = "https"
+	}
+
+	if client.httpScheme == "https" {
+		tlsConfig, err := newTLSConfig(opts.Insecure, opts.CAPath)
+		if err != nil {
+			return err
+		}
+
+		client.Client.Transport = &http.Transport{
+			TLSClientConfig: tlsConfig,
+			Proxy:           http.ProxyFromEnvironment,
+		}
 	}
 
 	return nil
 }
 
-// Name returns the name of the host URL for the selfhosted client.
+// Name returns the name of the host URL for the selfhosted client
 func (c *Client) Name() string {
 	if len(c.Host) == 0 {
 		return "dockerapi"
@@ -255,6 +260,7 @@ func (c *Client) doRequest(ctx context.Context, url, header string, obj interfac
 	if err != nil {
 		return nil, err
 	}
+	defer resp.Body.Close()
 
 	if resp.StatusCode != http.StatusOK {
 		return nil, selfhostederrors.NewHTTPError(resp.StatusCode, body)
@@ -318,7 +324,7 @@ func newTLSConfig(insecure bool, CAPath string) (*tls.Config, error) {
 	if CAPath != "" {
 		certs, err := os.ReadFile(CAPath)
 		if err != nil {
-			return nil, fmt.Errorf("Failed to append %q to RootCAs: %v", CAPath, err)
+			return nil, fmt.Errorf("failed to append %q to RootCAs: %v", CAPath, err)
 		}
 		rootCAs.AppendCertsFromPEM(certs)
 	}