From c29d03bbf50b6efab8ce4484ab6f26e2a3e31f55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Ma=C5=82ek?= Date: Mon, 5 Dec 2022 17:08:18 +0100 Subject: [PATCH 1/2] fix: use authenticated github client when GITHUB_TOKEN env is available --- go.mod | 1 + go.sum | 2 ++ pkg/clusters/addons/certmanager/addon.go | 6 ++-- pkg/clusters/addons/istio/addon.go | 6 ++-- pkg/clusters/addons/knative/knative.go | 6 ++-- pkg/utils/github/release.go | 42 +++++++++++------------- 6 files changed, 31 insertions(+), 32 deletions(-) diff --git a/go.mod b/go.mod index adc85b25..414b8f7c 100644 --- a/go.mod +++ b/go.mod @@ -36,6 +36,7 @@ require github.com/docker/go-connections v0.4.0 // indirect require ( github.com/ghodss/yaml v1.0.0 + github.com/google/go-github/v48 v48.1.0 github.com/kong/deck v1.16.1 golang.org/x/sync v0.1.0 gopkg.in/yaml.v2 v2.4.0 diff --git a/go.sum b/go.sum index c127a30d..878f3f87 100644 --- a/go.sum +++ b/go.sum @@ -190,6 +190,8 @@ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/google/go-github/v39 v39.2.0 h1:rNNM311XtPOz5rDdsJXAp2o8F67X9FnROXTvto3aSnQ= github.com/google/go-github/v39 v39.2.0/go.mod h1:C1s8C5aCC9L+JXIYpJM5GYytdX52vC1bLvHEF1IhBrE= +github.com/google/go-github/v48 v48.1.0 h1:nqPqq+0oRY2AMR/SRskGrrP4nnewPB7e/m2+kbT/UvM= +github.com/google/go-github/v48 v48.1.0/go.mod h1:dDlehKBDo850ZPvCTK0sEqTCVWcrGl2LcDiajkYi89Y= github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8= github.com/google/go-querystring v1.1.0/go.mod h1:Kcdr2DB4koayq7X8pmAG4sNG59So17icRSOU623lUBU= github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= diff --git a/pkg/clusters/addons/certmanager/addon.go b/pkg/clusters/addons/certmanager/addon.go index 5a501d12..069a98cb 100644 --- a/pkg/clusters/addons/certmanager/addon.go +++ b/pkg/clusters/addons/certmanager/addon.go @@ -82,7 +82,7 @@ func (a *Addon) Dependencies(_ context.Context, _ clusters.Cluster) []clusters.A func (a *Addon) Deploy(ctx context.Context, cluster clusters.Cluster) error { var err error if a.version == nil { - a.version, err = github.FindLatestReleaseForRepo("jetstack", "cert-manager") + a.version, err = github.FindLatestReleaseForRepo(ctx, "jetstack", "cert-manager") if err != nil { return err } @@ -199,8 +199,7 @@ const ( defaultIssuerWaitSeconds = 60 ) -var ( - defaultIssuer = fmt.Sprintf(`--- +var defaultIssuer = fmt.Sprintf(`--- apiVersion: cert-manager.io/v1 kind: ClusterIssuer metadata: @@ -208,7 +207,6 @@ metadata: spec: selfSigned: {} `, DefaultIssuerName) -) func (a *Addon) deployDefaultIssuer(ctx context.Context, cluster clusters.Cluster) error { if err := clusters.ApplyManifestByYAML(ctx, cluster, defaultIssuer); err != nil { diff --git a/pkg/clusters/addons/istio/addon.go b/pkg/clusters/addons/istio/addon.go index e3d6cef6..7592f0a5 100644 --- a/pkg/clusters/addons/istio/addon.go +++ b/pkg/clusters/addons/istio/addon.go @@ -114,7 +114,7 @@ func (a *Addon) Dependencies(_ context.Context, _ clusters.Cluster) []clusters.A func (a *Addon) Deploy(ctx context.Context, cluster clusters.Cluster) error { // if an specific version was not provided we'll fetch and use the latest release tag if a.istioVersion.String() == "0.0.0" { - if err := a.useLatestIstioVersion(); err != nil { + if err := a.useLatestIstioVersion(ctx); err != nil { return err } } @@ -230,8 +230,8 @@ const ( // useLatestIstioVersion locates and sets the istio version to deploy to the latest // non-prelease tag found. -func (a *Addon) useLatestIstioVersion() error { - latestVersion, err := github.FindLatestReleaseForRepo("istio", "istio") +func (a *Addon) useLatestIstioVersion(ctx context.Context) error { + latestVersion, err := github.FindLatestReleaseForRepo(ctx, "istio", "istio") if err != nil { return err } diff --git a/pkg/clusters/addons/knative/knative.go b/pkg/clusters/addons/knative/knative.go index 0bead0db..09ca54cf 100644 --- a/pkg/clusters/addons/knative/knative.go +++ b/pkg/clusters/addons/knative/knative.go @@ -55,7 +55,7 @@ func (a *Addon) Dependencies(_ context.Context, _ clusters.Cluster) []clusters.A func (a *Addon) Deploy(ctx context.Context, cluster clusters.Cluster) error { if a.version == "0.0.0" { - if err := a.useLatestKnativeVersion(); err != nil { + if err := a.useLatestKnativeVersion(ctx); err != nil { return err } } @@ -249,8 +249,8 @@ func deleteKnative(ctx context.Context, cluster clusters.Cluster, version string // useLatestKnativeVersion locates and sets the knative version to deploy to the latest // non-prelease tag found. -func (a *Addon) useLatestKnativeVersion() error { - latestVersion, err := github.FindRawLatestReleaseForRepo("knative", "serving") +func (a *Addon) useLatestKnativeVersion(ctx context.Context) error { + latestVersion, err := github.FindRawLatestReleaseForRepo(ctx, "knative", "serving") if err != nil { return err } diff --git a/pkg/utils/github/release.go b/pkg/utils/github/release.go index 3852a23e..8ee95e54 100644 --- a/pkg/utils/github/release.go +++ b/pkg/utils/github/release.go @@ -1,24 +1,24 @@ package github import ( - "encoding/json" + "context" "fmt" - "io" "net/http" + "os" "github.com/blang/semver/v4" + "github.com/google/go-github/v48/github" + "golang.org/x/oauth2" ) -const releaseURLFormatter = "https://api.github.com/repos/%s/%s/releases/latest" - // FindLatestReleaseForRepo returns the latest release tag for a Github // repository given an Organization and Repository name. // // NOTE: latest release in this context does not necessarily mean the newest // version: if a repo releases a patch for an older release for instance // the the returned version could be that instead. -func FindLatestReleaseForRepo(org, repo string) (*semver.Version, error) { - rawTag, err := FindRawLatestReleaseForRepo(org, repo) +func FindLatestReleaseForRepo(ctx context.Context, org, repo string) (*semver.Version, error) { + rawTag, err := FindRawLatestReleaseForRepo(ctx, org, repo) if err != nil { return nil, err } @@ -33,27 +33,25 @@ func FindLatestReleaseForRepo(org, repo string) (*semver.Version, error) { // FindRawLatestReleaseForRepo returns the latest release tag as a string. // It should be used directly for non-semver releases. Semver releases should use FindLatestReleaseForRepo -func FindRawLatestReleaseForRepo(org, repo string) (string, error) { - releaseURL := fmt.Sprintf(releaseURLFormatter, org, repo) - resp, err := http.Get(releaseURL) //nolint:gosec - if err != nil { - return "", fmt.Errorf("couldn't determine latest %s/%s release: %w", org, repo, err) +func FindRawLatestReleaseForRepo(ctx context.Context, org, repo string) (string, error) { + var tc *http.Client + if ghToken := os.Getenv("GITHUB_TOKEN"); ghToken != "" { + ts := oauth2.StaticTokenSource( + &oauth2.Token{AccessToken: ghToken}, + ) + tc = oauth2.NewClient(ctx, ts) } - defer resp.Body.Close() + client := github.NewClient(tc) - body, err := io.ReadAll(resp.Body) + release, _, err := client.Repositories.GetLatestRelease(context.Background(), org, repo) if err != nil { - return "", err - } - - type latestReleaseData struct { - TagName string `json:"tag_name"` + return "", fmt.Errorf("couldn't fetch latest %s/%s release: %w", org, repo, err) } - data := latestReleaseData{} - if err := json.Unmarshal(body, &data); err != nil { - return "", fmt.Errorf("bad data from api when fetching latest %s/%s release tag: %w", org, repo, err) + releaseURL := release.URL + if releaseURL == nil { + return "", fmt.Errorf("release URL is nil for %s/%s", org, repo) } - return data.TagName, nil + return *release.TagName, nil } From d30e7431ace082b4b44333e471bab189956fb94f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Patryk=20Ma=C5=82ek?= Date: Mon, 5 Dec 2022 17:23:53 +0100 Subject: [PATCH 2/2] Add changelog --- CHANGELOG.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index bdc6f2d5..b89fd728 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,11 @@ ## Unreleased -- Changed Kong addon to use udpProxy dict from charts value file to instantiate +- When available, calls to Github API, requesting the latest release from a repository + will use `GITHUB_TOKEN` environment variable as token to authenticate against + Github API. + [#456](https://github.com/Kong/kubernetes-testing-framework/pull/456) +- Changed Kong addon to use udpProxy dict from charts value file to instantiate a udp proxy, instead of creating a udp proxy by kubectl. ## v0.23.0 @@ -26,10 +30,10 @@ ## v0.22.0 -### Added +### Added - loadimage addon now supports loading multiple images. - [#391](https://github.com/Kong/kubernetes-testing-framework/pull/391) + [#391](https://github.com/Kong/kubernetes-testing-framework/pull/391) ### Fixed