Feature/121.2 apply blueprint continuously

CHANGELOG.md

@@ -8,25 +8,40 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 *Breaking Change ahead!*
 
+### Added
+- [#121] Added use case to check if dogus actually use the desired version and config before completing the blueprint
+
 ### Changed
 - [#119] *breaking* sensitive dogu config can now only be referenced with secrets
-  - it was not safe to have these values in clear text in the blueprint
+    - it was not safe to have these values in clear text in the blueprint
 - [#119] we now support blueprint v2 CRs
 - [#121] all health checks are now non-blocking
 - [#121] there are in general no steps anymore, which will block the reconciliation loop beyond some HTTP-Requests
 - [#121] *breaking* blueprints will now be executed as a continuous process
-  - the operator will now detect changes and will enforce the content of the blueprint
+    - the operator will now detect changes and will enforce the content of the blueprint
 - [#121] *breaking* the current state will now be reflected via conditions instead of the `statusPhase` field
 - [#121] *breaking* events were reworked, some events are now more general, some events got removed completely
-  - Note, that events are for humans. You should not compute them for automation as they have no consistency guarantees.
+    - Note, that events are for humans. You should not compute them for automation as they have no consistency guarantees.
+- [#121] Upgrade to Golang v1.25.1
+- [#121] Upgrade Makefiles to v10.4.0
+- [#121] *breaking* merge proxy config dogu action into one to simplify the status
 
 ### Removed
 - [#119] *breaking* no support for v1 blueprint CRs anymore
-  - make sure to persist your blueprints before upgrading
-  - you need to transform your blueprints to the new v2 format yourself 
+    - make sure to persist your blueprints before upgrading
+    - you need to transform your blueprints to the new v2 format yourself
 - [#121] remove maintenance mode
+  - remove dependency to k8s-service-discovery (maintenance-mode was the reason for this dependency)
 - [#121] *breaking* dogus will not be restarted by the blueprint operator anymore
-  - this is now the responsibility of the dogu operator
+    - this is now the responsibility of the dogu operator
+
+## [v2.8.0] - 2025-09-15
+### Changed
+- [#125] ignore nginx dependencies
+
+### Removed
+- [#125] component-dependency for component-oprator-crd
+  - it is replaced by a helm capabilities-check for the component CRD
 
 ## [v2.7.0] - 2025-07-17
 ### Fixed

Dockerfile

@@ -1,5 +1,5 @@
 # Build the manager binary
-FROM golang:1.24.3 AS builder
+FROM golang:1.25.1 AS builder
 
 WORKDIR /workspace
 
@@ -34,7 +34,7 @@ RUN make compile-generic
 FROM gcr.io/distroless/static:nonroot
 LABEL maintainer="[email protected]" \
       NAME="k8s-blueprint-operator" \
-      VERSION="2.7.0"
+      VERSION="2.8.0"
 
 WORKDIR /
 COPY --from=builder /workspace/target/k8s-blueprint-operator .

Jenkinsfile

@@ -12,9 +12,11 @@ github = new GitHub(this, git)
 changelog = new Changelog(this)
 Docker docker = new Docker(this)
 gpg = new Gpg(this, docker)
-goVersion = "1.24.3"
+goVersion = "1.25.1"
 Makefile makefile = new Makefile(this)
 
+componentOperatorVersion="1.10.0"
+
 // Configuration of repository
 repositoryOwner = "cloudogu"
 repositoryName = "k8s-blueprint-operator"
@@ -109,6 +111,11 @@ node('docker') {
             }
 
             stage('Deploy Manager') {
+                withCredentials([[$class: 'UsernamePasswordMultiBinding', credentialsId: 'harborhelmchartpush', usernameVariable: 'HARBOR_USERNAME', passwordVariable: 'HARBOR_PASSWORD']]) {
+                    k3d.helm("registry login ${registry} --username '${HARBOR_USERNAME}' --password '${HARBOR_PASSWORD}'")
+                    k3d.helm("install k8s-component-operator-crd oci://${registry}/k8s/k8s-component-operator-crd  --version ${componentOperatorVersion}")
+                    k3d.helm("registry logout ${registry}")
+                }
                 k3d.helm("install ${repositoryName} ${helmChartDir}")
             }
 

Makefile

@@ -1,9 +1,9 @@
 # Set these to the desired values
 ARTIFACT_ID=k8s-blueprint-operator
-VERSION=2.7.0
+VERSION=2.8.0
 IMAGE=cloudogu/${ARTIFACT_ID}:${VERSION}
-GOTAG=1.24.3
-MAKEFILES_VERSION=10.2.0
+GOTAG=1.25.1
+MAKEFILES_VERSION=10.4.0
 STAGE?=production
 
 

build/make/bats.mk

@@ -9,7 +9,7 @@ BATS_SUPPORT=$(BATS_LIBRARY_DIR)/bats-support
 BATS_FILE=$(BATS_LIBRARY_DIR)/bats-file
 BATS_BASE_IMAGE?=bats/bats
 BATS_CUSTOM_IMAGE?=cloudogu/bats
-BATS_TAG?=1.11.0
+BATS_TAG?=1.12.0
 BATS_DIR=build/make/bats
 BATS_WORKDIR="${WORKDIR}"/"${BATS_DIR}"
 
@@ -18,15 +18,19 @@ unit-test-shell: unit-test-shell-$(ENVIRONMENT)
 
 $(BATS_ASSERT):
 	@git clone --depth 1 https://github.com/bats-core/bats-assert $@
+	@rm -rf $@/.git
 
 $(BATS_MOCK):
 	@git clone --depth 1 https://github.com/grayhemp/bats-mock $@
+	@rm -rf $@/.git
 
 $(BATS_SUPPORT):
 	@git clone --depth 1 https://github.com/bats-core/bats-support $@
+	@rm -rf $@/.git
 
 $(BATS_FILE):
 	@git clone --depth 1 https://github.com/bats-core/bats-file $@
+	@rm -rf $@/.git
 
 $(BASH_SRC):
 	BASH_SRC:=$(shell find "${WORKDIR}" -type f -name "*.sh")
@@ -49,10 +53,10 @@ unit-test-shell-local: $(BASH_SRC) $(PASSWD) $(ETCGROUP) $(HOME_DIR) buildTestIm
 		"${BATS_DIR}"/customBatsEntrypoint.sh make unit-test-shell-generic-no-junit
 
 unit-test-shell-generic:
-	@bats --formatter junit --output ${BASH_TEST_REPORT_DIR} ${TESTS_DIR}
+	@bats --report-formatter junit --formatter junit --output ${BASH_TEST_REPORT_DIR} ${TESTS_DIR}
 
 unit-test-shell-generic-no-junit:
-	@bats ${TESTS_DIR}
+	@bats --report-formatter junit --output ${BASH_TEST_REPORT_DIR} ${TESTS_DIR}
 
 .PHONY buildTestImage:
 buildTestImage:

build/make/bats/Dockerfile

@@ -1,7 +1,7 @@
 ARG BATS_BASE_IMAGE
 ARG BATS_TAG
 
-FROM ${BATS_BASE_IMAGE:-bats/bats}:${BATS_TAG:-1.11.0}
+FROM ${BATS_BASE_IMAGE:-bats/bats}:${BATS_TAG:-1.12.0}
 
 # Make bash more findable by scripts and tests
 RUN apk add make git bash

build/make/bats/customBatsEntrypoint.sh

@@ -3,4 +3,11 @@ set -o errexit
 set -o nounset
 set -o pipefail
 
-"$@"
+targetReportDir="${PWD}"/target/shell_test_reports
+uidgid=1000:1000
+exitcode=0
+"$@" || exitcode=$?
+echo "Resetting file ownership to ${uidgid} in ${targetReportDir}/"
+chown -R ${uidgid} "${targetReportDir}"/*
+echo "exiting with code ${exitcode}"
+exit ${exitcode}

build/make/build.mk

@@ -3,7 +3,7 @@
 ADDITIONAL_LDFLAGS?=-extldflags -static
 LDFLAGS?=-ldflags "$(ADDITIONAL_LDFLAGS) -X main.Version=$(VERSION) -X main.CommitID=$(COMMIT_ID)"
 GOIMAGE?=golang
-GOTAG?=1.24
+GOTAG?=1.25
 GOOS?=linux
 GOARCH?=amd64
 PRE_COMPILE?=

build/make/k8s.mk

@@ -11,7 +11,7 @@ BINARY_YQ_4_VERSION?=v4.40.3
 BINARY_HELM = $(UTILITY_BIN_PATH)/helm
 BINARY_HELM_VERSION?=v3.13.0
 CONTROLLER_GEN = $(UTILITY_BIN_PATH)/controller-gen
-CONTROLLER_GEN_VERSION?=v0.14.0
+CONTROLLER_GEN_VERSION?=v0.19.0
 
 # Setting SHELL to bash allows bash commands to be executed by recipes.
 # Options are set to exit when a recipe line exits non-zero or a piped command fails.

build/make/static-analysis.mk

@@ -2,12 +2,12 @@
 
 STATIC_ANALYSIS_DIR=$(TARGET_DIR)/static-analysis
 GOIMAGE?=golang
-GOTAG?=1.24
+GOTAG?=1.25
 CUSTOM_GO_MOUNT?=-v /tmp:/tmp
 
 REVIEW_DOG=$(TMP_DIR)/bin/reviewdog
 LINT=$(TMP_DIR)/bin/golangci-lint
-LINT_VERSION?=v2.1.6
+LINT_VERSION?=v2.5.0
 # ignore tests and mocks
 LINTFLAGS=--tests=false --timeout 10m --issues-exit-code 0
 ADDITIONAL_LINTER=-E bodyclose -E containedctx -E contextcheck -E decorder -E dupl -E errname -E forcetypeassert -E funlen -E unparam

docs/operations/apply_blueprints_de.md

@@ -3,35 +3,32 @@
 Sie können einen Blueprint anwenden, indem Sie eine `Blueprint`-Ressource auf den Cluster-Namespace anwenden, in dem das Cloudogu MultiNode EcoSystem läuft:
 
 ```yaml
-apiVersion: k8s.cloudogu.com/v1
+apiVersion: k8s.cloudogu.com/v2
 kind: Blueprint
 metadata:
+  labels:
+    app: ces
+    app.kubernetes.io/name: k8s-blueprint-lib
   name: my-blueprint
 spec:
-  # fügen Sie die blueprint.json hier ein
-  blueprint: |
-    {
-      "blueprintApi": "v2",
-      "dogus": [ ... ],
-      "components": [ ... ],
-      "config": {
-        "global": { ... },
-        "dogus": { ... }
-      }
-    }
-  # fügen Sie hier die blueprint-mask.json ein
-  blueprintMask: |
-    {
-      "blueprintMaskApi": "v1",
-      "blueprintMaskId": "my-blueprint-mask",
-      "dogus": [ ... ]
-    }
+  displayName: "Blueprint Sample v6.834"
+  # fügen Sie die blueprint hier ein
+  blueprint:
+    dogus: ...
+    components: ...
+    config:
+      global: ...
+      dogus: ...
+  # fügen Sie hier die blueprint-mask ein
+  blueprintMask:
+    dogus: ...
 ```
 
 Das Dokument [Blueprint-Format](https://github.com/cloudogu/k8s-blueprint-lib/blob/develop/docs/operations/blueprintV2_format_de.md) beschreibt die Struktur des Blueprint im Detail.
 Blueprint-CR-Beispiele können dem [Sample-Repository](https://github.com/cloudogu/k8s-ecosystem-samples/tree/main/blueprints) entnommen werden. Wenn `k8s-blueprint-operator` korrekt installiert wurde, lässt sich dies z. B. so auf den Cluster anwenden:
 
 ```bash
-kubectl apply -n ecosystem -f k8s_v1_blueprint.yaml
+kubectl apply -n ecosystem -f k8s_v2_blueprint.yaml
 ```
 
+**Hinweis:** Pro Namespace ist nur ein Blueprint zulässig. Ändern Sie entweder das vorhandene Blueprint oder wenden Sie erneut ein `kubectl apply` mit demselben Blueprint-Namen an, um es zu aktualisieren.

docs/operations/apply_blueprints_en.md

@@ -3,33 +3,31 @@
 You can apply a blueprint by applying a `Blueprint` resource to the cluster namespace where the Cloudogu MultiNode EcoSystem is running in:
 
 ```yaml
-apiVersion: k8s.cloudogu.com/v1
+apiVersion: k8s.cloudogu.com/v2
 kind: Blueprint
 metadata:
+  labels:
+    app: ces
+    app.kubernetes.io/name: k8s-blueprint-lib
   name: my-blueprint
 spec:
-  # put your blueprint.json here
-  blueprint: |
-    {
-      "blueprintApi": "v2",
-      "dogus": [ ... ],
-      "components": [ ... ],
-      "config": {
-        "global": { ... },
-        "dogus": { ... }
-      }
-    }
-  # put your blueprint-mask.json here
-  blueprintMask: |
-    {
-      "blueprintMaskApi": "v1",
-      "blueprintMaskId": "my-blueprint-mask",
-      "dogus": [ ... ]
-    }
+  displayName: "Blueprint Sample v6.834"
+  # put your blueprint here
+  blueprint: 
+    dogus: ...
+    components: ...
+    config:
+      global: ...
+      dogus: ...
+  # put your blueprint-mask here
+  blueprintMask:
+      dogus: ...
 ```
 The document [blueprint format](https://github.com/cloudogu/k8s-blueprint-lib/blob/develop/docs/operations/blueprintV2_format_en.md) describes the structure of the Blueprint in detail.
 You may see examples of Blueprint-CRs in the [sample repository](https://github.com/cloudogu/k8s-ecosystem-samples/tree/main/blueprints). With `k8s-blueprint-operator` properly being installed, you can apply it to the cluster like this:
 
 ```bash
-kubectl apply -n ecosystem -f k8s_v1_blueprint.yaml
+kubectl apply -n ecosystem -f k8s_v2_blueprint.yaml
 ```
+
+**Note:** Only one blueprint is permitted per namespace. Either change the existing one or apply with the same name to update it.

docs/operations/health_checks_de.md

@@ -5,9 +5,7 @@ Dabei wird folgendes geprüft:
 - Health aller Dogus anhand der Dogu-CRs
 - Health aller Components anhand der Component-CRs
 - Überprüfung, ob alle notwendigen Components installiert sind, die für das Blueprint gebraucht werden
-
-Die Health-Checks verwenden einen eingebauten Retry. 
-Timeout und Check-Interval lassen sich dafür in der [Health-Config](#health-config) festlegen.
+- Überprüfung, ob alle Dogus bereits die neueste Version und Konfiguration verwenden
 
 ## Health ignorieren
 

docs/operations/health_checks_en.md

@@ -5,9 +5,7 @@ The following is checked:
 - Health of all Dogus based on the Dogu-CRs
 - Health of all components based on the component CRs
 - Check whether all necessary components required for the blueprint are installed
-
-The health checks use a built-in retry.
-The timeout and check interval can be defined in the [Health-Config](#health-config).
+- Check whether all Dogus already use the latest version and configuration
 
 ## Ignoring health