Upgrade all Kubernetes dependencies #374

Closed
erikgb opened this issue Jul 19, 2022 · 3 comments

@erikgb
Contributor

erikgb commented Jul 19, 2022

What would you like to be added:

Upgrade all Kubernetes dependencies to version 1.24 including controller-runtime to version 0.12.

I had a look at this, but it seems like a complex task that requires more experience with the code-base than I currently have. There have been a lot of changes in envtest that require the bootstrapping of the envtest clusters to be rewritten.

CC: @kensipe @iblancasa

Why is this needed:

Scanning kuttl with a vulnerability scanner like Trivy shows that we have quite a few vulnerabilities in our dependency tree. I had a look at this, and to me it seems like most of them are rooted in the fact that we depend on old Kubernetes dependency versions that are not maintained anymore (EOL).

We currently depend on K8s 1.20, and I also think it is about time to upgrade this. K8s 1.20 is long past EOL, and with the upcoming K8s 1.25 some APIs are removed - which are still used in kuttl.

@iblancasa
Collaborator

Is there anything pending about this issue?

@erikgb
Contributor Author

erikgb commented Sep 8, 2022

@iblancasa Thanks a million for your great work in bumping dependencies! This looks great now! I just scanned the current main branch with trivy:

D:~/projects/github/kuttl $ trivy filesystem .
2022-09-08T21:23:20.681+0200    INFO    Vulnerability scanning is enabled
2022-09-08T21:23:20.681+0200    INFO    Secret scanning is enabled
2022-09-08T21:23:20.681+0200    INFO    If your scanning is slow, please try '--security-checks vuln' to disable secret scanning
2022-09-08T21:23:20.681+0200    INFO    Please see also https://aquasecurity.github.io/trivy/v0.31.3/docs/secret/scanning/#recommendation for faster secret detection
2022-09-08T21:23:20.735+0200    INFO    Number of language-specific files: 1
2022-09-08T21:23:20.735+0200    INFO    Detecting gomod vulnerabilities...
D:~/projects/github/kuttl $ 

Closing issue as resolved by #375.

@erikgb erikgb closed this as completed Sep 8, 2022
@kensipe
Member

kensipe commented Sep 8, 2022

thanks @erikgb and @iblancasa great to see
