diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml index 8afcb4793..26dd650cb 100644 --- a/.github/workflows/trivy.yaml +++ b/.github/workflows/trivy.yaml @@ -13,11 +13,17 @@ jobs: - name: Checkout code uses: actions/checkout@v4 + - name: Get Go version + id: go-version + run: | + GO_VERSION=$(cat release-tools/prow.sh | grep "configvar CSI_PROW_GO_VERSION_BUILD" | awk '{print $3}' | sed 's/"//g') + echo "version=$GO_VERSION" >> $GITHUB_OUTPUT + - name: Install go uses: actions/setup-go@v5 with: - go-version: ^1.19 - + go-version: ${{ steps.go-version.outputs.version }} + - name: Build images from Dockerfile run: | make diff --git a/vendor/github.com/kubernetes-csi/external-snapshotter/client/v7/apis/volumegroupsnapshot/v1alpha1/types.go b/vendor/github.com/kubernetes-csi/external-snapshotter/client/v7/apis/volumegroupsnapshot/v1alpha1/types.go index b8de64948..4110c2929 100644 --- a/vendor/github.com/kubernetes-csi/external-snapshotter/client/v7/apis/volumegroupsnapshot/v1alpha1/types.go +++ b/vendor/github.com/kubernetes-csi/external-snapshotter/client/v7/apis/volumegroupsnapshot/v1alpha1/types.go @@ -36,6 +36,7 @@ type VolumeGroupSnapshotSpec struct { // class will be used. // Empty string is not allowed for this field. // +optional + // +kubebuilder:validation:XValidation:rule="size(self) > 0",message="volumeGroupSnapshotClassName must not be the empty string when set" VolumeGroupSnapshotClassName *string `json:"volumeGroupSnapshotClassName,omitempty" protobuf:"bytes,2,opt,name=volumeGroupSnapshotClassName"` } @@ -44,6 +45,9 @@ type VolumeGroupSnapshotSpec struct { // object should be used. // Exactly one of its members must be set. // Members in VolumeGroupSnapshotSource are immutable. +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.selector) || has(self.selector)", message="selector is required once set" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.volumeGroupSnapshotContentName) || has(self.volumeGroupSnapshotContentName)", message="volumeGroupSnapshotContentName is required once set" +// +kubebuilder:validation:XValidation:rule="(has(self.selector) && !has(self.volumeGroupSnapshotContentName)) || (!has(self.selector) && has(self.volumeGroupSnapshotContentName))", message="exactly one of selector and volumeGroupSnapshotContentName must be set" type VolumeGroupSnapshotSource struct { // Selector is a label query over persistent volume claims that are to be // grouped together for snapshotting. @@ -53,6 +57,7 @@ type VolumeGroupSnapshotSource struct { // Once a VolumeGroupSnapshotContent is created and the sidecar starts to process // it, the volume list will not change with retries. // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="selector is immutable" Selector *metav1.LabelSelector `json:"selector,omitempty" protobuf:"bytes,1,opt,name=selector"` // VolumeGroupSnapshotContentName specifies the name of a pre-existing VolumeGroupSnapshotContent @@ -61,6 +66,7 @@ type VolumeGroupSnapshotSource struct { // only needs a representation in Kubernetes. // This field is immutable. // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="volumeGroupSnapshotContentName is immutable" VolumeGroupSnapshotContentName *string `json:"volumeGroupSnapshotContentName,omitempty" protobuf:"bytes,2,opt,name=volumeGroupSnapshotContentName"` } @@ -265,6 +271,8 @@ type VolumeGroupSnapshotContentSpec struct { // VolumeGroupSnapshot object MUST be provided for binding to happen. // This field is immutable after creation. // Required. + // +kubebuilder:validation:XValidation:rule="has(self.name) && has(self.__namespace__)",message="both volumeGroupSnapshotRef.name and volumeGroupSnapshotRef.namespace must be set" + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="volumeGroupSnapshotRef is immutable" VolumeGroupSnapshotRef core_v1.ObjectReference `json:"volumeGroupSnapshotRef" protobuf:"bytes,1,opt,name=volumeGroupSnapshotRef"` // DeletionPolicy determines whether this VolumeGroupSnapshotContent and the @@ -347,11 +355,15 @@ type VolumeGroupSnapshotContentStatus struct { // VolumeGroupSnapshotContentSource represents the CSI source of a group snapshot. // Exactly one of its members must be set. // Members in VolumeGroupSnapshotContentSource are immutable. +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.volumeHandles) || has(self.volumeHandles)", message="volumeHandles is required once set" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.groupSnapshotHandles) || has(self.groupSnapshotHandles)", message="groupSnapshotHandles is required once set" +// +kubebuilder:validation:XValidation:rule="(has(self.volumeHandles) && !has(self.groupSnapshotHandles)) || (!has(self.volumeHandles) && has(self.groupSnapshotHandles))", message="exactly one of volumeHandles and groupSnapshotHandles must be set" type VolumeGroupSnapshotContentSource struct { // VolumeHandles is a list of volume handles on the backend to be snapshotted // together. It is specified for dynamic provisioning of the VolumeGroupSnapshot. // This field is immutable. // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="volumeHandles is immutable" VolumeHandles []string `json:"volumeHandles,omitempty" protobuf:"bytes,1,opt,name=volumeHandles"` // GroupSnapshotHandles specifies the CSI "group_snapshot_id" of a pre-existing @@ -360,6 +372,7 @@ type VolumeGroupSnapshotContentSource struct { // representation was (or should be) created. // This field is immutable. // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="groupSnapshotHandles is immutable" GroupSnapshotHandles *GroupSnapshotHandles `json:"groupSnapshotHandles,omitempty" protobuf:"bytes,2,opt,name=groupSnapshotHandles"` } diff --git a/vendor/github.com/kubernetes-csi/external-snapshotter/client/v7/apis/volumesnapshot/v1/types.go b/vendor/github.com/kubernetes-csi/external-snapshotter/client/v7/apis/volumesnapshot/v1/types.go index fdb867cdb..d1a98e281 100644 --- a/vendor/github.com/kubernetes-csi/external-snapshotter/client/v7/apis/volumesnapshot/v1/types.go +++ b/vendor/github.com/kubernetes-csi/external-snapshotter/client/v7/apis/volumesnapshot/v1/types.go @@ -91,6 +91,7 @@ type VolumeSnapshotSpec struct { // CreateSnapshot will fail and generate an event. // Empty string is not allowed for this field. // +optional + // +kubebuilder:validation:XValidation:rule="size(self) > 0",message="volumeSnapshotClassName must not be the empty string when set" VolumeSnapshotClassName *string `json:"volumeSnapshotClassName,omitempty" protobuf:"bytes,2,opt,name=volumeSnapshotClassName"` } @@ -99,6 +100,9 @@ type VolumeSnapshotSpec struct { // object should be used. // Exactly one of its members must be set. // Members in VolumeSnapshotSource are immutable. +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.persistentVolumeClaimName) || has(self.persistentVolumeClaimName)", message="persistentVolumeClaimName is required once set" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.volumeSnapshotContentName) || has(self.volumeSnapshotContentName)", message="volumeSnapshotContentName is required once set" +// +kubebuilder:validation:XValidation:rule="(has(self.volumeSnapshotContentName) && !has(self.persistentVolumeClaimName)) || (!has(self.volumeSnapshotContentName) && has(self.persistentVolumeClaimName))", message="exactly one of volumeSnapshotContentName and persistentVolumeClaimName must be set" type VolumeSnapshotSource struct { // persistentVolumeClaimName specifies the name of the PersistentVolumeClaim // object representing the volume from which a snapshot should be created. @@ -108,6 +112,7 @@ type VolumeSnapshotSource struct { // created. // This field is immutable. // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="persistentVolumeClaimName is immutable" PersistentVolumeClaimName *string `json:"persistentVolumeClaimName,omitempty" protobuf:"bytes,1,opt,name=persistentVolumeClaimName"` // volumeSnapshotContentName specifies the name of a pre-existing VolumeSnapshotContent @@ -115,6 +120,7 @@ type VolumeSnapshotSource struct { // This field should be set if the snapshot already exists and only needs a representation in Kubernetes. // This field is immutable. // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="volumeSnapshotContentName is immutable" VolumeSnapshotContentName *string `json:"volumeSnapshotContentName,omitempty" protobuf:"bytes,2,opt,name=volumeSnapshotContentName"` } @@ -289,6 +295,7 @@ type VolumeSnapshotContentList struct { } // VolumeSnapshotContentSpec is the specification of a VolumeSnapshotContent +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.sourceVolumeMode) || has(self.sourceVolumeMode)", message="sourceVolumeMode is required once set" type VolumeSnapshotContentSpec struct { // volumeSnapshotRef specifies the VolumeSnapshot object to which this // VolumeSnapshotContent object is bound. @@ -298,6 +305,7 @@ type VolumeSnapshotContentSpec struct { // VolumeSnapshot object MUST be provided for binding to happen. // This field is immutable after creation. // Required. + // +kubebuilder:validation:XValidation:rule="has(self.name) && has(self.__namespace__)",message="both spec.volumeSnapshotRef.name and spec.volumeSnapshotRef.namespace must be set" VolumeSnapshotRef core_v1.ObjectReference `json:"volumeSnapshotRef" protobuf:"bytes,1,opt,name=volumeSnapshotRef"` // deletionPolicy determines whether this VolumeSnapshotContent and its physical snapshot on @@ -340,17 +348,22 @@ type VolumeSnapshotContentSpec struct { // This field is immutable. // This field is an alpha field. // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="sourceVolumeMode is immutable" SourceVolumeMode *core_v1.PersistentVolumeMode `json:"sourceVolumeMode" protobuf:"bytes,6,opt,name=sourceVolumeMode"` } // VolumeSnapshotContentSource represents the CSI source of a snapshot. // Exactly one of its members must be set. // Members in VolumeSnapshotContentSource are immutable. +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.volumeHandle) || has(self.volumeHandle)", message="volumeHandle is required once set" +// +kubebuilder:validation:XValidation:rule="!has(oldSelf.snapshotHandle) || has(self.snapshotHandle)", message="snapshotHandle is required once set" +// +kubebuilder:validation:XValidation:rule="(has(self.volumeHandle) && !has(self.snapshotHandle)) || (!has(self.volumeHandle) && has(self.snapshotHandle))", message="exactly one of volumeHandle and snapshotHandle must be set" type VolumeSnapshotContentSource struct { // volumeHandle specifies the CSI "volume_id" of the volume from which a snapshot // should be dynamically taken from. // This field is immutable. // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="volumeHandle is immutable" VolumeHandle *string `json:"volumeHandle,omitempty" protobuf:"bytes,1,opt,name=volumeHandle"` // snapshotHandle specifies the CSI "snapshot_id" of a pre-existing snapshot on @@ -358,6 +371,7 @@ type VolumeSnapshotContentSource struct { // was (or should be) created. // This field is immutable. // +optional + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="snapshotHandle is immutable" SnapshotHandle *string `json:"snapshotHandle,omitempty" protobuf:"bytes,2,opt,name=snapshotHandle"` }